Introduction
Information and Data are some of the most important organisational assets in today's businesses. As a Security Consultant, you will be a key advisor for IBM's clients, analysing business requirements to design and implement the best security solutions for their needs. You will apply your technical skills to find the balance between enabling and securing the client's organisation with the cognitive solutions that are making IBM the fastest growing enterprise security business in the world.
Your role and responsibilities
The Security Intelligence & Operations (SIOC) competency in our MEA practice focuses on helping our clients build their security intelligence and operations centers, starting from setting a strategy/roadmap, or optimize an existing Security Operations Center (SOC), using our proven methodology.
Our goal in our SIOC practice is for our consultants to become "trusted advisors" to our clients who can speak to all levels of client management, from security analysts to director / C-level executives, in the areas of security intelligence and operations, including:
• advanced persistent threats (APTs) relevant to our client's industry
• advanced security controls
• incident response process and procedures
• metrics and analytics
with knowledge of various security technologies such as Security Information and Event Management (SIEM) and incident response tools.
In this role, you will partner with other IBM consultants from other IBM practices to deliver the best possible solution to our clients. You will be responsible for:
• leading workshops to assess the security capabilities of a client
• leading discussions in a pre-sales capacity
• responding to Requests for Proposal (RFP) or Invitations to Tender (ITT)
• leading, managing and delivering our SIOC services to our clients
Responsibilities & Duties:
1. Threat Monitoring and Detection
- Continuously monitor security events across IT and OT (if applicable) environments.
- Analyse logs, network traffic, endpoints, cloud, and application behaviours for suspicious activities.
- Use SIEM (Security Information and Event Management) tools and threat intelligence platforms.
2. Incident Response
- Triage security alerts and assess the severity and potential impact.
- Investigate incidents using forensics tools and techniques.
- Coordinate containment, eradication, and recovery actions during security events.
- Produce incident reports and post-incident reviews (lessons learned).
3. Threat Intelligence Integration
- Ingest threat intelligence feeds (external and internal).
- Enrich alerts and cases with contextual threat intelligence.
- Perform threat hunting based on new indicators of compromise (IOCs) or tactics, techniques, and procedures (TTPs).
4. Vulnerability Management Support
- Identify vulnerabilities exposed during monitoring or threat hunting.
- Recommend remediation or compensating controls to address vulnerabilities.
- Work with risk and IT teams to prioritize vulnerabilities based on threat intelligence.
5. Security Tool Management and Tuning
- Manage and fine-tune SIEM, EDR, SOAR, IDS/IPS, and threat intelligence platforms.
- Ensure detection rules and use cases are updated to match evolving threats.
- Automate routine tasks where possible (e.g., enrichment, containment).
6. Reporting and Metrics
- Provide real-time and scheduled security dashboards and reports to leadership (CISO, CIO, Risk Committee).
- Track incident volumes, mean time to detect (MTTD), mean time to respond (MTTR), etc.
- Deliver intelligence briefings on emerging threats relevant to the business.
7. Collaboration and Escalation
- Act as a bridge between security, IT operations, and business units.
- Escalate significant incidents to leadership and crisis management teams.
- Engage law enforcement or regulatory bodies if required.
8. Continuous Improvement
- Review and improve incident response processes and playbooks.
- Conduct tabletop exercises and red/blue team simulations.
- Stay current on cybersecurity trends, threats, and technologies.
Required education
Associate's Degree/College Diploma
Preferred education
Bachelor's Degree
Required technical and professional expertise
• Demonstrate credentials in one of the core security domains and also represent overall security services capabilities
• Work closely with the solution design teams in developing client presentations and Statements of Work (SOWs)
• Become a recognized thought leader in one of the core security domains, utilizing conferences, white papers, client presentations to build awareness of IBM credentials
• Use your expertise in the security industry to contribute content and advice to the offering development process
• Ability to work easily with diverse and dynamic teams
• Work in a matrix management model
• Manage multiple client engagements or projects
• Lead and deliver a project based on different project methodologies (Waterfall, Agile, or client model)
• Lead large groups and be a primary facilitator
• Lead and shape client expectations
• Effective writing, communication and presentation skills
• Help drive pursuits and engage in complex deals, matching outcomes to expectations
Preferred technical and professional experience
• At least 5 years of experience in management consulting and systems integration
• At least 3 years of experience in working in projects related to Security Intelligence and Operations (SIOC)
• At least 1 year of experience in working across diverse teams to facilitate solutions
• At least 1 year of experience in working with security consulting teams
• Proficiency in one or more SIEM solutions including IBM QRadar with ability to design, implement, configure, and administrate the solution
• Proficiency in one or more SOAR solutions, including ability to design, implement, configure, and administrate the solution
• Readiness to travel 50% annually, including international travel. Blend of technical and business skills to support both new business development and delivery projects. Team management experience is desired. Expert in SIEM, Threat Intelligence, Threat Hunting, SOAR and Incident Management domains.
• Good skills and experience in scripting (Python and/or Julia, etc.)
• Good skills in Linux OS
• Proficient in MS Office (Word, Excel, PPT, Visio)
• Technical security documentation and business writing skills
• Good communication skills
ABOUT BUSINESS UNIT
IBM Consulting is IBM's consulting and global professional services business, with market leading capabilities in business and technology transformation. With deep expertise in many industries, we offer strategy, experience, technology, and operations services to many of the most innovative and valuable companies in the world. Our people are focused on accelerating our clients' businesses through the power of collaboration. We believe in the power of technology responsibly used to help people, partners and the planet.
YOUR LIFE @ IBM
In a world where technology never stands still, we understand that dedication to our clients' success, innovation that matters, and trust and personal responsibility in all our relationships live in what we do as IBMers as we strive to be the catalyst that makes the world work better.
Being an IBMer means you'll be able to learn and develop yourself and your career, and you'll be encouraged to be courageous and experiment every day, all whilst having continuous trust and support in an environment where everyone can thrive whatever their personal or professional background.
Our IBMers are growth minded, always staying curious, open to feedback and learning new information and skills to constantly transform themselves and our company. They are trusted to provide ongoing feedback to help other IBMers grow, as well as to collaborate with colleagues, keeping in mind a team-focused approach that includes different perspectives to drive exceptional outcomes for our customers. The courage our IBMers have to make critical decisions every day is essential to IBM becoming the catalyst for progress, always embracing challenges with the resources they have to hand, a can-do attitude and an outcome-focused approach in everything that they do.
Are you ready to be an IBMer?
ABOUT IBM
IBM's greatest invention is the IBMer. We believe that through the application of intelligence, reason and science, we can improve business, society and the human condition, bringing the power of an open hybrid cloud and AI strategy to life for our clients and partners around the world.
Restlessly reinventing since 1911, we are not only one of the largest corporate organizations in the world, we're also one of the biggest technology and consulting employers, with many of the Fortune 50 companies relying on the IBM Cloud to run their business.
At IBM, we pride ourselves on being an early adopter of artificial intelligence, quantum computing and blockchain. Now it's time for you to join us on our journey to being a responsible technology innovator and a force for good in the world.
IBM is proud to be an equal-opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, gender, gender identity or expression, sexual orientation, national origin, caste, genetics, pregnancy, disability, neurodivergence, age, veteran status, or other characteristics. IBM is also committed to compliance with all fair employment practices regarding citizenship and immigration status.
OTHER RELEVANT JOB DETAILS
For additional information about location requirements, please discuss with the recruiter following submission of your application.