Security Consultant - SOC
IBM · Mumbai Metropolitan Region
- On site
- Full-time
- $110,000 / year
- Mumbai Metropolitan Region
Job highlights
- Monitor and analyze security alerts using SIEM/XDR.
- Investigate and respond to various security incidents.
- Automate security tasks with scripting and SOAR.
- Collaborate with cross-functional teams for remediation.
- Continuously improve SOC processes and detection.
About the role
About IBM Consulting
A career in IBM Consulting is built on long-term client relationships and close collaboration worldwide. You’ll work with leading companies across industries, helping them shape their hybrid cloud and AI journeys. With support from our strategic partners, robust IBM technology, and Red Hat, you’ll have the tools to drive meaningful change and accelerate client impact. At IBM Consulting, curiosity fuels success. You’ll be encouraged to challenge the norm, explore new ideas, and create innovative solutions that deliver real results. Our culture of growth and empathy focuses on your long-term career development while valuing your unique skills and experiences.Your Role And Responsibilities
- Monitor and triage security alerts from SIEM and XDR, SIEM platform and XSOAR.
- Perform initial analysis to identify true positives, false positives, and suspicious activities.
- Investigate incidents such as malware, phishing, lateral movement, and data exfiltration.
- Execute incident response actions including containment, eradication, and recovery coordination.
- Onboard and normalize logs from multiple sources (firewalls, endpoints, servers, cloud).
- Map detections and incidents to MITRE ATT&CK techniques and tactics.
- Work on XDR/XSIAM incident handling, alert enrichment, and automated response workflows.
- Integrate and operate SOAR platforms like Cortex XSOAR for playbook execution.
- Create and maintain automation scripts using Python, PowerShell, or APIs.
- Analyze endpoint, network, and user activity logs for anomaly detection.
- Reduce alert fatigue by fine-tuning detection logic and improving signal-to-noise ratio.
- Generate incident reports, dashboards, and operational metrics (MTTD, MTTR).
- Collaborate with IR, network, endpoint, and application teams for remediation.
- Leverage threat intelligence feeds and IOCs for proactive detection.
- Support compliance, audit requirements, and security assessments.
- Continuously improve SOC processes, detection coverage, and response capabilities.
Preferred Education
Master's DegreeRequired Technical And Professional Expertise
- Hands-on experience with SIEM/XDR platforms, Palo Alto Cortex XSIAM.
- Basic scripting skills (Python, PowerShell, or Bash) for automation and enrichment.
- Strong analytical thinking and problem-solving capability.
Preferred Technical And Professional Experience
- Experience in purple teaming, attack simulation, or detection validation.
- Understanding of compliance frameworks (ISO 27001, NIST, CIS).
- Experience in API integrations and advanced automation use cases.
- Ability to create dashboards, reports, and SOC metrics (MTTD, MTTR, SLA tracking).
Key skills/competency
- SIEM
- XDR
- SOAR
- Incident Response
- Python
- PowerShell
- Cybersecurity
- Threat Intelligence
- Log Analysis
- MITRE ATT&CK
Skills & topics
- Security Consultant
- SOC Analyst
- SIEM
- XDR
- SOAR
- Incident Response
- Cybersecurity
- Python
- PowerShell
- IBM Consulting
How to get hired
- Tailor your resume: Highlight SIEM, XDR, SOAR, and scripting (Python, PowerShell) experience.
- Showcase analytical skills: Provide examples of problem-solving in security contexts.
- Prepare for technical questions: Review incident response steps and MITRE ATT&CK.
- Demonstrate collaboration: Be ready to discuss teamwork with other IT teams.
Technical preparation
Master SIEM/XDR platforms (Palo Alto Cortex XSIAM).,Practice Python/PowerShell for automation.,Understand MITRE ATT&CK framework.,Familiarize with incident response procedures.
Behavioral questions
Describe a complex security incident you investigated.,How do you handle high-pressure situations?,Explain your collaboration with other teams.,How do you stay updated on threats?
Frequently asked questions
- What are the primary tools used by a Security Consultant at IBM?
- As a Security Consultant at IBM focusing on SOC operations, you'll primarily work with SIEM and XDR platforms, including Palo Alto Cortex XSIAM. Experience with SOAR platforms like Cortex XSOAR for automation and playbook execution is also key. You'll also leverage scripting languages such as Python and PowerShell for automation and enrichment tasks.
- What specific security incidents will I investigate as a Security Consultant at IBM?
- In this role, you will investigate a range of security incidents including malware, phishing attacks, lateral movement attempts, and data exfiltration. Your responsibilities will include performing initial analysis to distinguish true positives from false positives and executing incident response actions such as containment, eradication, and recovery.
- Does IBM value continuous learning for Security Consultants?
- Absolutely. IBM Consulting fosters a culture of growth and empathy, encouraging curiosity and continuous learning. You'll be empowered to explore new ideas and contribute to innovative solutions, with a focus on your long-term career development and the utilization of your unique skills.
- What are the expected scripting skills for an IBM Security Consultant?
- Basic scripting skills in Python, PowerShell, or Bash are required for this Security Consultant role. These skills are essential for automation, log enrichment, and integrating various security tools and platforms to enhance SOC operations and response capabilities.
- How does IBM Consulting support employee growth in security roles?
- IBM Consulting prioritizes employee growth through a supportive culture that encourages challenging the norm and exploring new ideas. You will have access to resources, strategic partners, and robust IBM technology, including Red Hat, to drive meaningful change and accelerate client impact, alongside structured career development opportunities.