
Security Consultant - SOC
IBM · Mumbai Metropolitan Region
- On site
- Full-time
- $120,000 / year
- Mumbai Metropolitan Region
Job highlights
- Drive SOC operations with Palo Alto security stack.
- Manage security monitoring, detection, and response.
- Lead incident lifecycle and automation initiatives.
- Conduct threat hunting and advanced investigations.
- Improve SOC maturity and team skills.
About the role
Introduction
A career in IBM Consulting is built on long-term client relationships and close collaboration worldwide. You’ll work with leading companies across industries, helping them shape their hybrid cloud and AI journeys. With support from our strategic partners, robust IBM technology, and Red Hat, you’ll have the tools to drive meaningful change and accelerate client impact. At IBM Consulting, curiosity fuels success. You’ll be encouraged to challenge the norm, explore new ideas, and create innovative solutions that deliver real results. Our culture of growth and empathy focuses on your long-term career development while valuing your unique skills and experiences.
Your Role And Responsibilities
- Hands-on experience with SOC operations on the Palo Alto security stack, including Cortex XSIAM, Cortex XSOAR, and Cortex XDR.
- Drive end-to-end security monitoring, detection, and response strategy using XSIAM’s unified data and analytics capabilities.
- Oversee incident lifecycle management for critical and high-severity incidents, ensuring timely containment and resolution.
- Design and implement detection use cases, correlation rules, and analytics aligned with MITRE ATT&CK.
- Lead automation initiatives by building and optimizing playbooks in XSOAR to reduce manual effort and improve MTTR.
- Manage and optimize XDR policies for endpoint protection, behavioral detection, and threat prevention.
- Provide strategic direction for log ingestion, data onboarding, and normalization within XSIAM.
- Conduct advanced threat hunting leveraging XDR telemetry, causality chains, and behavioral analytics.
- Act as escalation point for L2/L3 analysts and guide complex investigations and root-cause analysis (RCA).
- Drive continuous improvement of SOC maturity, detection coverage, and response capabilities.
- Collaborate with network, cloud, and IR teams to ensure integrated security operations across environments.
- Monitor and report SOC KPIs such as MTTD, MTTR, alert fidelity, and automation efficiency.
- Ensure compliance with security frameworks and audit requirements.
- Lead stakeholder communication including executive reporting, incident briefings, and risk updates.
- Mentor and develop SOC team members, ensuring skill enhancement on Palo Alto platforms.
- Stay updated with the latest threat landscape, Palo Alto feature enhancements, and industry best practices.
Required Technical And Professional Expertise
- Hands-on experience with SIEM/XDR platforms, including Palo Alto Cortex XSIAM.
- Basic scripting skills (Python, PowerShell, or Bash) for automation and enrichment.
- Strong analytical thinking and problem-solving capability.
Preferred Technical And Professional Experience
- Experience in purple teaming, attack simulation, or detection validation.
- Understanding of compliance frameworks (ISO 27001, NIST, CIS).
- Experience in API integrations and advanced automation use cases.
- Ability to create dashboards, reports, and SOC metrics (MTTD, MTTR, SLA tracking).
Key skills/competency
- Security Consultant
- SOC Operations
- Palo Alto Cortex XSIAM
- Palo Alto Cortex XSOAR
- Palo Alto Cortex XDR
- SIEM/XDR Platforms
- Incident Response
- Threat Hunting
- Automation
- Scripting (Python, PowerShell, Bash)
Skills & topics
- Security Consultant
- SOC
- IBM
- Palo Alto Cortex XSIAM
- Palo Alto Cortex XSOAR
- Palo Alto Cortex XDR
- SIEM
- XDR
- Threat Hunting
- Incident Response
- Security Operations
- Automation
- Python
- PowerShell
- Bash
- Cybersecurity
- Hybrid Cloud
- AI
How to get hired
- Tailor your resume: Highlight your hands-on SOC experience with Palo Alto Cortex XSIAM, XSOAR, and XDR, emphasizing automation and threat hunting.
- Showcase technical skills: Demonstrate your proficiency in SIEM/XDR platforms, scripting (Python, PowerShell, Bash), and analytical problem-solving abilities.
- Prepare for interviews: Be ready to discuss your experience with incident lifecycle management, detection use case design, and leading complex investigations.
- Understand IBM Consulting: Research IBM's focus on hybrid cloud, AI, and their client-centric approach to consulting to align your answers.
- Ask insightful questions: Inquire about team collaboration, specific client challenges, and opportunities for professional development within the SOC team.
Technical preparation
- Master Palo Alto Cortex XSIAM, XSOAR, and XDR.
- Script automation with Python, PowerShell, or Bash.
- Practice SIEM/XDR data analysis and correlation.
- Develop threat hunting and incident response scenarios.
Behavioral questions
- Describe a complex security incident you managed.
- How do you handle high-pressure SOC situations?
- Share an example of automating a SOC process.
- How do you stay updated on threat intelligence?
Frequently asked questions
- What specific Palo Alto security products are essential for this Security Consultant - SOC role at IBM?
- For this Security Consultant - SOC position at IBM, hands-on experience with Palo Alto Cortex XSIAM, Cortex XSOAR, and Cortex XDR is essential. Proficiency in these tools will be key to success in driving security monitoring, detection, response, and automation initiatives.
- Does IBM Consulting require specific scripting skills for the Security Consultant - SOC role?
- Yes, basic scripting skills in Python, PowerShell, or Bash are required for this Security Consultant - SOC role at IBM. These skills are necessary for automation and data enrichment tasks within the Security Operations Center (SOC).
- What level of experience is expected for incident response in this IBM Security Consultant role?
- This Security Consultant - SOC role at IBM requires you to oversee the incident lifecycle for critical and high-severity incidents, ensuring timely containment and resolution. You will also act as an escalation point for L2/L3 analysts during complex investigations.
- Are there opportunities for professional growth within the SOC team at IBM?
- Absolutely. IBM Consulting emphasizes long-term career development. This Security Consultant - SOC role includes mentoring and developing team members, ensuring skill enhancement on Palo Alto platforms and staying updated with the latest threat landscape and industry best practices.
- What are the key performance indicators (KPIs) monitored by the SOC team at IBM for this role?
- The Security Consultant - SOC team at IBM monitors key performance indicators such as Mean Time to Detect (MTTD), Mean Time to Respond (MTTR), alert fidelity, and automation efficiency. Your role will involve monitoring and reporting on these critical SOC metrics.
- What understanding of compliance frameworks is preferred for this IBM Security Consultant position?
- While hands-on SIEM/XDR experience is required, understanding of compliance frameworks like ISO 27001, NIST, and CIS is preferred for this Security Consultant - SOC role at IBM. This knowledge helps ensure adherence to security standards and audit requirements.
- How does IBM Consulting foster innovation in its Security Consultant roles?
- At IBM Consulting, curiosity fuels success. You'll be encouraged to challenge the norm, explore new ideas, and create innovative solutions. This Security Consultant - SOC role involves leading automation initiatives and driving continuous improvement of SOC capabilities.