Introduction The IBM CISO SOC in Amsterdam is expanding into a multi-disciplinary team that protects the IBM organization around the clock against threats both internal and external, with a focus on
The IBM CISO SOC in Amsterdam is expanding into a multi-disciplinary team that protects the IBM organization around the clock against threats both internal and external, with a focus on EU-located assets and networks. To do this, we perform security event detection, response and remediation. We work closely together with other teams such as forensic analysts, threat hunters, threat intelligence and platform engineers. As time is our most valuable resource, we’d rather not look at the same false positive more than once so automation and tuning is key.
Your Role and Responsibilities
We are looking for analytical and curious brains with a focus on security, in addition to knowledge about network protocols and operating systems to put the information we receive in context. This information could be detections in our EDR consoles, security issues brought to our attention by fellow IBM’ers, input we receive from our Threat Intelligence analysts or results of our own pro-active threat hunting activities.
Our team is not your average SOC where you are looking at alerts and based on a playbook pass it on to the next team. We expect you, as our analyst, to be able to think outside of the box and independently work on detections. This means reducing false positives by making tuning suggestions, and handle true positives by working through the stages of analysis, containment, eradication and recovery. IBM is a big organization with a heterogeneous environment, you will be talking with people all over the globe on a daily basis.
This position is open to both junior and senior candidates, with benefits that scale along with the knowledge and experience you bring to the team. For junior candidates the most important asset will be your curiosity and ability to learn quickly.
This job role requires shift work.
Please note: if you’re not yet living and working in The Netherlands you will need to relocate and obtain a working permit before the job starts.
Working from home is an option but not all of the time; we believe that a strong team bond is something that’s hard to build over WebEx or Microsoft Teams. Also we’d love to just chat with you at the watercooler!
Required Technical and Professional Expertise
- Experience with Linux, Windows and/or MacOS systems as a power-user, developer, or administrator.
- Experience with security tools (Crowdstrike Falcon EDR, Microsoft Defender for Endpoint, QRadar SIEM) is a plus, but not required. Knowing principles is more important than remembering tool specifics.
- Recognizing and creating patterns, both figuratively and literally: for example writing regular expressions for tuning rule suggestions.
- Analytical and critical thinking combined with good problem-solving skills
- Passion for information security
- Able to work independently as well as collaborate inside and outside the team.
- Strong written and verbal skills (English)
- A pragmatic approach to security, keeping the needs of our customers (the rest of IBM) in mind.
Preferred Technical and Professional Expertise
About Business Unit
IBM Systems helps IT leaders think differently about their infrastructure. IBM servers and storage are no longer inanimate – they can understand, reason, and learn so our clients can innovate while avoiding IT issues. Our systems power the world’s most important industries and our clients are the architects of the future. Join us to help build our leading-edge technology portfolio designed for cognitive business and optimized for cloud computing.
Your Life @ IBM
Are you craving to learn more? Prepared to solve some of the world’s most unique challenges? And ready to shape the future for millions of people? If so, then it’s time to join us, express your individuality, unleash your curiosity and discover new possibilities.
Every IBMer, and potential ones like yourself, has a voice, carves their own path, and uses their expertise to help co-create and add to our story. Together, we have the power to make meaningful change – to alter the fabric of our clients, of society and IBM itself, to create a truly positive impact and make the world work better for everyone.
It’s time to define your career.
IBM’s greatest invention is the IBMer. We believe that through the application of intelligence, reason and science, we can improve business, society and the human condition, bringing the power of an open hybrid cloud and AI strategy to life for our clients and partners around the world.
Restlessly reinventing since 1911, we are not only one of the largest corporate organizations in the world, we’re also one of the biggest technology and consulting employers, with many of the Fortune 50 companies relying on the IBM Cloud to run their business.
At IBM, we pride ourselves on being an early adopter of artificial intelligence, quantum computing and blockchain. Now it’s time for you to join us on our journey to being a responsible technology innovator and a force for good in the world.
IBM wants you to bring your whole self to work and for you this might mean the ability to work flexibly. If you are interested in a flexible working pattern, please talk to our recruitment team to find out if this is possible in the current working environment.
Being You @ IBM
IBM is committed to creating a diverse environment and is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, pregnancy, disability, age, veteran status, or other characteristics. IBM is also committed to compliance with all fair employment practices regarding citizenship and immigration status.