Security Intelligence Analyst (SIA) - Cyber Security

IBM Global Services Delivery Center employs IT professionals across all sectors. This site is fast becoming a “Centre of Excellence” in key areas of the global technology industry. Few places offer as many opportunities to gain knowledge in your field, to work in a stimulating environment and rewards for outstanding performance as IBM. IBM can provide the perfect setting for your career and freedom to enjoy a rich personal life.

Managed Security Services is a pioneer and world leader in software and services that protect corporate and personal information from an ever-changing spectrum of online threats and misuse. MSS core operations are performed in Security Operations Centers (SOC) located in 8 locations around the Globe. SOC Poland is 2nd largest center covering globally all MSS operations.

IBM Security is looking for a Security Intelligence Analyst (SIA). The SIA is responsible for analyzing threats across both the threat landscape in general and threats targeting a specific client or industry’s IT environment, for delivering high quality written reports based on the cyber security analysis of the client’s environment, the client's industry, the client's geography, and the threat landscape in general and makes recommendations to assist clients to reduce their exposure to the IT Security threat.

The SIA monitors and researches security threats, as well as assesses client security data such as Intrusion Detection System (IDS)/ Intrusion Prevention System (IPS) logs, firewall logs, antivirus logs, Directory Services logs, Security Incident and Event Management (SIEM) events and more - searching out and investigating repeating trends, attacks, malicious Internet Protocols (IPs), and anomaly type events.
The SIA conducts scan reviews and provides recommendations to customers with regards to policy tuning recommendations, blocking recommendations, and vulnerability remediation. The SIA provides trend reporting to clients on weekly, biweekly, monthly basis.
Additionally, the SIA provides regular briefings to the client on threat information highlighted in trend reports.
The candidate must possess demonstrated analytic skills, as well as, must be able to communicate effectively to both technical and executive level staff.
Client engagement is a critical focus for this role and customer interaction and collaboration is critically important. The SIA will be required to travel to meet the client face to face, to build their knowledge of the client’s business and develop client insight.

• Performing an analysis of intelligence events or reports that are generated by intelligence source(s);
• Documenting the analysis results which may include (as appropriate):
  • trending of intelligence or security events;
  • Identify known malicious indicators of compromise (IP addresses, file hashes, URLs, domains, etc.), threat actors, attack types, and more;
  • general security threats as well as those which may apply to customer specific environment
  • bench marking of customer by industry and geography
  • recommendations for security policy modifications
  • recommendations for new SIEM use cases / rules / reports
  • deliver high-priority alerts as received and as appropriate to customer
  • provide technical and executive level formal recommendations and reporting
• Perform multiple assigned technical tasks including research, analysis, and root cause analysis of cyber threats and compromises. Have network security product, technology, and Managed Security Services (MSS) specialized skills.
• Have IT Security Industry experience, work regularly with client teams to develop requirements, plan, design, and generate a solution that meet the client security needs. This often includes using tools and methods to analyze, design and implement client solutions.
• Have demonstrated professional, operational, and inter-personal skills to function effectively in collaborative high stakes and high stress situations with clients.
• Able to adjust processes and actions in line with changing environment.
• Proficient in sourcing or producing solutions in time critical situations.
• Provide analytical ability and creativity necessary in developing and implementing solution deliverables for medium size projects or components of a larger project.
  Provide professional and technical guidance to newer or less experienced team personnel. Assist with and, on occasion, assume responsibility for leadership in the analysis, design, or development, or implementation of the deliverable materials.

• At least 2 years’ experience in:
  • Threat Analysis - IT (IDS/IPS) IDS- Intrusion Detection Systems IPS -Intrusion Prevention Systems
  • trending of threat analysis reporting
  • firewall log analysis
  • IDS/IPS log analysis
• At least 1 year experience in experience in analyzing SIEM logs (QRadar or ArcSight)
• Readiness to travel 10-20% annually
• English - fluent

• Work for the best Security Company in Europe (SC winner 2016) and The Best Mobile Security Solution with IBM MaaS360 2016 SC Magazine Europe Awards
• Training and certifications
• Private medical package and insurance package
• Multisport Card
• Working on international projects in multicultural teams
• Good to be an IBMer discounts
• Cinema & trips for IBMers
• Language classes
• Summer camps for children