Job Information
IBM Threat Hunter in Budapest, Hungary
Introduction
A sneak peek into this role:
In this role, you'll work in our IBM Client Innovation Center (CIC), where we deliver deep technical and industry expertise
to a wide range of public and private sector clients around the world. These centers offer our clients locally-based skills
and technical expertise to drive innovation and adoption of new technology.
You will join IBM Security Services which is a division of IBM Consulting, responsible for delivering security services to its
large global customers, alongside major digital transformation projects in the application and cloud domains.
Your Role and Responsibilities
Why you'll love your job:
You will join IBM Security Services which is a division of IBM Consulting (https://youtu.be/lr1kcrysyzc) , responsible for delivering security services to its large global customers, alongside major digital transformation projects in the application and cloud domains. We look for an experienced Threat Hunter who will join our large SOC centre in Budapest to work for our large enterprise clients based in EMEA.
You will be responsible for:
Threat hunting and incident response activities in the customer environment using Azure /Microsoft Sentinel
Demonstrating the ability to recognize attacks and attack patterns
Deep analysis of threats
Developing attack detection and playbooks
Giving feedback to the analyst team on previous incidents
Required Technical and Professional Expertise
Minimum of 6 years of relevant job experience
Minimum of 2 years of experience in threat analysis & (technical) threat hunting
Knowledge and experience in analysis of various threat actor groups, attack patterns and tactics, techniques and procedures (TTPs), deep analysis of threats across the enterprise by combining security rules, content, policy and relevant datasets
Ability to recognize and research attacks and attack patterns
Demonstrable systems thinking and ability to clearly synthesize and communicate complex topics
Ability to collaborate in a virtual team and interface with multitude of stakeholders within or outside the SOC
Experience in creating clear & well-articulated documents /artefacts
Technical competence and skills:
Strong analytical, logical and problem-solving skills
Knowledge of cyber security threats, threat actors and their associated TTPs
Knowledge on OSI layers
Knowledge on Security Tools in Application, Data, Networks and Endpoint layers
Knowledge on malware-analysis and malware functionalities
Knowledge on native system and network policies
Knowledge on Query structures like Regular Expression, YARA and Snort rule, AQL and KQL types
Basic knowledge on scripting languages like Bash, Python and PowerShell, etc.
Knowledge of log formats for syslog, http logs, DB logs and how to gather forensics for traceability back to a security event
Experience with security devices such as SIEM, IDS/IPS, HIDS/HIPS, anomaly detection, Firewall, Antivirus systems, Endpoint Detection & Response tools and their log output
Experience in analyzing large data sets
Experience in using data mining, analytic and visualization tools, such as data lakes (Elastic, HDFS), Linux tools (ex. Grep, cut, sort) and regex
Experience with industrial taxonomies like Cyber Kill Chain, MiTRE's ATT&CK, MiTRE's CAPEC, MiTRE's CAR, NIST, CIF, SANS and STIX 2.0
Strong communication skills both written and verbally
Ability to translate security impacts to the wider business
Ability to understand end-to-end threat landscape of all sectors
Skills to analyze attack vectors against a particular system to determine attack surface
Ability to produce contextual attack models applied to a scenario
Ability to demonstrate intrusion sets using cyber kill-chain and Tactics, Techniques and Procedures
Ability to co-ordinate with other security focal points during an active incident
Knowledge of security controls, how they can be monitored, and thwarted
Knowledge on vulnerability detection and response from Threat Hunting point of view
Network forensics: network traffic protocols, traffic analysis (i.e. Network flows and PCAP), intrusion detection
Preferred Technical and Professional Expertise
Taking an active part in the gathering, analysis, and communication of threat intelligence through the intelligence process
Providing intelligence briefings to other areas of the business on threats or threat actors and the risk they bring to the environment
Coordinating the planning, development and production of communication materials using various communication vehicles
Interfacing with management and related internal groups for review, production, and dissemination of content
Experience in technical publication management
About Business UnitIBM Consulting is IBM's consulting and global professional services business, with market leading capabilities in business and technology transformation. With deep expertise in many industries, we offer strategy, experience, technology, and operations services to many of the most innovative and valuable companies in the world. Our people are focused on accelerating our clients' businesses through the power of collaboration. We believe in the power of technology responsibly used to help people, partners and the planet.
Your Life @ IBMIn a world where technology never stands still, we understand that, dedication to our clients success, innovation that matters, and trust and personal responsibility in all our relationships, lives in what we do as IBMers as we strive to be the catalyst that makes the world work better.
Being an IBMer means you'll be able to learn and develop yourself and your career, you'll be encouraged to be courageous and experiment everyday, all whilst having continuous trust and support in an environment where everyone can thrive whatever their personal or professional background.
Our IBMers are growth minded, always staying curious, open to feedback and learning new information and skills to constantly transform themselves and our company. They are trusted to provide on-going feedback to help other IBMers grow, as well as collaborate with colleagues keeping in mind a team focused approach to include different perspectives to drive exceptional outcomes for our customers. The courage our IBMers have to make critical decisions everyday is essential to IBM becoming the catalyst for progress, always embracing challenges with resources they have to hand, a can-do attitude and always striving for an outcome focused approach within everything that they do.
Are you ready to be an IBMer?
About IBMIBM's greatest invention is the IBMer. We believe that through the application of intelligence, reason and science, we can improve business, society and the human condition, bringing the power of an open hybrid cloud and AI strategy to life for our clients and partners around the world.Restlessly reinventing since 1911, we are not only one of the largest corporate organizations in the world, we're also one of the biggest technology and consulting employers, with many of the Fortune 50 companies relying on the IBM Cloud to run their business. At IBM, we pride ourselves on being an early adopter of artificial intelligence, quantum computing and blockchain. Now it's time for you to join us on our journey to being a responsible technology innovator and a force for good in the world.
Location StatementFor additional information about location requirements, please discuss with the recruiter following submission of your application.
Being You @ IBMIBM is committed to creating a diverse environment and is proud to be an equal-opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, gender, gender identity or expression, sexual orientation, national origin, caste, genetics, pregnancy, disability, neurodivergence, age, veteran status, or other characteristics. IBM is also committed to compliance with all fair employment practices regarding citizenship and immigration status.
IBM
- IBM Jobs