**Introduction**
A career in IBM Consulting is built on long-term client relationships and close collaboration worldwide. You’ll work with leading companies across industries, helping them shape their hybrid cloud and AI journeys. With support from our strategic partners, robust IBM technology, and Red Hat, you’ll have the tools to drive meaningful change and accelerate client impact. At IBM Consulting, curiosity fuels success. You’ll be encouraged to challenge the norm, explore new ideas, and create innovative solutions that deliver real results. Our culture of growth and empathy focuses on your long-term career development while valuing your unique skills and experiences.
**Your role and responsibilities**
Handson experience of SOC operations leveraging Palo Alto security stack including Palo Alto Cortex XSIAM, Cortex XSOAR, and Cortex XDR
· Drive end-to-end security monitoring, detection, and response strategy using XSIAM’s unified data and analytics capabilities
· Oversee incident lifecycle management for critical and high-severity incidents ensuring timely containment and resolution
· Design and implement detection use cases, correlation rules, and analytics aligned with MITRE ATT&CK
· Lead automation initiatives by building and optimizing playbooks in XSOAR to reduce manual effort and improve MTTR
· Manage and optimize XDR policies for endpoint protection, behavioral detection, and threat prevention
· Provide strategic direction for log ingestion, data onboarding, and normalization within XSIAM
· Conduct advanced threat hunting leveraging XDR telemetry, causality chains, and behavioral analytics
· Act as escalation point for L2/L3 analysts and guide complex investigations and RCA
· Drive continuous improvement of SOC maturity, detection coverage, and response capabilities
· Collaborate with network, cloud, and IR teams to ensure integrated security operations across environments
· Monitor and report SOC KPIs such as MTTD, MTTR, alert fidelity, and automation efficiency
· Ensure compliance with security frameworks and audit requirements
**Required technical and professional expertise**
· Hands-on experience with SIEM/XDR platforms ,Palo Alto Cortex XSIAM
· Basic scripting skills (Python, PowerShell, or Bash) for automation and enrichment
· Strong analytical thinking and problem-solving capability
**Preferred technical and professional experience**
• Cloud Security Frameworks: Exposure to industry-recognized cloud security frameworks and standards, including knowledge of compliance requirements and regulatory mandates.
• Advanced Threat Analysis: Familiarity with advanced threat analysis and incident response methodologies, including experience with threat intelligence and security analytics tools.
• Zero Trust Architecture: Understanding of zero trust architecture principles and implementation strategies, including experience designing and deploying secure infrastructure solutions.
IBM is committed to creating a diverse environment and is proud to be an equal-opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, gender, gender identity or expression, sexual orientation, national origin, caste, genetics, pregnancy, disability, neurodivergence, age, veteran status, or other characteristics. IBM is also committed to compliance with all fair employment practices regarding citizenship and immigration status.
Want jobs like this matched to you?
Swoopd scores fresh postings against your résumé so you only see the matches that matter.