X-Force Threat Management - Blue Squad Leader


June 10, 2021

At IBM, work is more than a job - it's a calling: To build. To design. To code. To consult. To think along with clients and sell. To make markets. To invent. To collaborate. Not just to do something better, but to attempt things you've never thought possible. Are you ready to lead in this new era of technology and solve some of the world's most challenging problems? If so, lets talk.
Your Role and Responsibilities
Currently, we are looking for X-Force Threat Management - Blue Squad Leader.
The Blue Squad Leader provides cross-disciplinary and cross-platform leadership of XFTM operations to achieve the client's security objectives and optimal technical outcomes. The Blue Squad Leader serves as a highly specialized extension of the client's security apparatus to optimize the full spectrum of XFTM capabilities: threat insight, prevention, detection, response, and recovery.
  • Establish and maintain an intimate situational awareness of the client's security organization, objectives, decision-making, posture, and threat landscape to guide XFTM operations.
  • Provide internal, technical leadership of XFTM operations to optimize the overall service and SIEM environment, ensure the implementation of best practices and client feedback, and drive the resolution of risks and issues.
  • Analyze XFTM operational metrics and KPIs for risks, issues, and opportunities to recommend actions to advance the overall service and the client's security posture.
  • Lead weekly reviews with the client to maintain operational alignment, facilitate service delivery, and close feedback loops.
  • Analyze and brief XFTM operational metrics and KPIs included in periodic reviews owned by the SSAM.
  • Internally align XFTM operations with the client's security program maturity roadmap established in collaboration with SIOC.
  • Capture XFTM operational training gaps, platform requirements, and solution and support requirements exceptional to the contracted service, communicate to the appropriate IBM owners, and champion resolution.
  • Participate in the evaluation and implementation of custom reporting requirements to tailor XFTM operational reviews and the client's visibility to their security program objectives.
  • Enhance XFTM operational support to high severity Security Incidents by facilitating internal, operational communications and conducting post-recovery reviews to identify XFTM lessons learned. Develop and track action plans to address XFTM lessons learned.
  • Review X-Force Red penetration test reports to identify IBM lessons learned. Develop and track action plans to address XFTM lessons learned.
Additional benefits:
  • Internal and external training and certifications
  • Upskilling programs, wide possibilities of skills’ development
  • Multisport card
  • Private medical package (Medicover) and insurance package
  • Fresh fruits in the office
  • Cinema, ski, and mountain trips for IBMers
  • Holiday camps for children
  • Discounts for IBMers (for a wide range of services/products)
  • Social Fund benefits

Required Technical and Professional Expertise
  • Strong Analytical skills
  • Fluency in English
  • Excellent communication skills (written and verbal)
  • Industry certifications (e.g. CISSP, CISM, ITIL, PMP, COBIT, Six Sigma, GIAC)
  • 5+ years of experience with subscription security software and services
  • 5+ years of relevant industry experience in a security analyst, consultant or engineer role
  • Experience working with QRadar or any other SIEM Solution

Preferred Technical and Professional Expertise
  • Bachelor’s degree in engineering, computer science, or business, master’s degree.
  • Technical expertise in network and application threat detection and protection, SIEM, vulnerability scanning, security telemetry configuration and processing, use-case logic, correlation logic and heuristics, and incident response orchestration
  • Familiarity with industry standards and methods such as: Mitre ATT&CK, TAXII & STIX, NIST CSF, and Lockheed Martin Cyber Kill Chain.
  • 10+ years of relevant industry experience in client facing management roles within a technical organization

About Business UnitIBM’s Cloud and Cognitive software business is committed to bringing the power of IBM’s Cloud and Watson/AI technologies to life for our clients and ecosystem partners around the world. IBM provides you with the most comprehensive and consistent approach to development, security and operations across hybrid environments—with complete software solutions for business and IT operations, development, data science, security, and management. Our experts and software capabilities help organizations develop applications once and deploy them anywhere, integrate security across the breadth of their IT estate, and automate operations with management visibility. With IBM, you also have access to new skills and methods, governance and management approaches, and a deep ecosystem of industry experts and partners.
Your Life @ IBMWhat matters to you when you’re looking for your next career challenge?
Maybe you want to get involved in work that really changes the world? What about somewhere with incredible and diverse career and development opportunities – where you can truly discover your passion? Are you looking for a culture of openness, collaboration and trust – where everyone has a voice? What about all of these? If so, then IBM could be your next career challenge. Join us, not to do something better, but to attempt things you never thought possible.
Impact. Inclusion. Infinite Experiences. Do your best work ever.
About IBMIBM’s greatest invention is the IBMer. We believe that progress is made through progressive thinking, progressive leadership, progressive policy and progressive action. IBMers believe that the application of intelligence, reason and science can improve business, society and the human condition. Restlessly reinventing since 1911, we are the largest technology and consulting employer in the world, with more than 380,000 IBMers serving clients in 170 countries.
Location StatementIBM wants you to bring your whole self to work and for you this might mean the ability to work flexibly. If you are interested in a flexible working pattern, please talk to our recruitment team to find out if this is possible in the current working environment.
Being You @ IBMIBM is committed to creating a diverse environment and is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, pregnancy, disability, age, veteran status, or other characteristics. IBM is also committed to compliance with all fair employment practices regarding citizenship and immigration status.