Job Description

Who We Are Kyndryl is a market leader that thinks and acts like a start-up. We design, build, manage, and modernize the mission-critical technology systems that the world depends on every day. So why work at Kyndryl We are always moving forward - always pushing ourselves to go further in our efforts to build a more equitable, inclusive world for our employees, our customers, and our communities. The Role Your Role and Key Responsibilities: The security consultant support clients in advice, implement, and maintain EDR, XDR, SIEM, Deception and SOAR solutions to mitigate security risks (e.g., insider and external threats, intentional and accidental). Position is for an experienced security professional with demonstrated experience within EDR, XDR, SIEM, Deception and SOAR solutions and Zero Trust architecture. Advise clients on how to best define and implement detection and correlation rules based on Zero Trust core principals of no trust and always verify and identified business risks. Development of high-level and low-level detection and response architecture designs and take ownership of end-end technical delivery of detection and response implementation work for client and ensure what\'s sold is getting delivered to satisfaction of client. Perform detection and response maturity assessments and have experience in formulating roadmaps to bridge existing security gaps. A willingness to go beyond the ordinary to meet and exceed client expectations. Support detection and response opportunity creation and development of client presentations and SOWs. Establish strong client relationships in key accounts to help progress the Security Services portfolio. Contribute content and advice to the offering development process. Perform endpoint security maturity assessments and have experience with formulating roadmaps to bridge existing security gaps. You will help design and implement advanced endpoint threat detection and prevention capabilities and integrate with customers\' existing ecosystems and workflows. Help clients implement endpoint security controls necessary for Zero Trust architecture. Stay current on threats, vulnerabilities and exploits across the industry A willingness to go beyond the ordinary to meet and exceed client expectations. Support endpoint security opportunity creation and development of client presentations and SOWs. Establish strong client relationships in key accounts to help progress the Security Services portfolio. Contribute content and advice to the offering development process. Required Technical and Professional Expertise A minimum of 5 years \'hands on\' experience assessing, designing, and implementing detection and response solutions. Has experience writing complex use case scenarios and correlation rules for multiple detection solutions. Has experience writing response playbooks for multiple response solutions. Experience in implementing, managing, and/or working a Security Operations Center Candidates should possess proven record in advising on detection and response solutions at the Chief Information Security Officer (CISO) and/or Senior Security Manager levels and be recognized for business as well as technical acumen. Experience in delivering detection and response maturity assessments including roadmaps to bridge existing security gaps. As a technical lead/architect, successfully designed and implemented detection and response solutions that supported clients wider Zero Trust architecture. Deep knowledge in Zero Trust Network Access architecture and associated frameworks (E.g., NIST SP 800-207, CISA\'s Zero Trust Maturity Model) The candidate must have exceptional communication and presentation skills as well as must be a self-starter and always exhibit professional business conduct. Stakeholder management and interpersonal skills at both a technical and non-technical level. Must be willing to travel up to 50%, depending on client requirements. Excellent customer service and communication (oral / written) skills required. English: Fluent Strong critical thinking and analytical skills and ability to think \'out of the box\' required. Must be able to work independently or with a team, under minimum supervision. Strong cyber security experience (SOC Analyst, Red Team, Threat Analyst, Security Engineering) Strong system administration experience with common enterprise operating systems including Windows, Linux, and MacOS Knowledge of Utility Scripting (e.g. bash, PowerShell, VBScript, Python, etc.) Knowledge of common cyber security threat hunting and compliance frameworks (HIPAA, SOC2, MITRE ATT&CK, Cyber Kill Chain) Candidates should possess proven record in advising on endpoint security strategy at the Chief Information Security Officer (CISO) and/or Senior Security Manager levels and be recognized for business as well as technical acumen. A minimum of 5 years \'hands on\' experience assessing, designing, and implementing endpoint security technologies. Experience in delivering endpoint security maturity / IT Hygiene assessments including roadmaps to bridge existing security gaps. Deep knowledge in Zero Trust architecture and associated frameworks (E.g., NIST SP 800-207, CISA\'s Zero Trust Maturity Model) The candidate must have exceptional communication and presentation skills as well as must be a self-starter and always exhibit professional business conduct. Stakeholder management and interpersonal skills at both a technical and non-technical level. Must be willing to travel up to 50%, depending on client requirements. Excellent customer service and communication (oral / written) skills required. English: Fluent Strong critical thinking and analytical skills and ability to think \'out of the box\' required. Must be able to work independently or with a team, under minimum supervision. Preferred Technical and Professional Experience MBA or master\'s degree At least 2-year experience in information security consulting working for International Recognized consulting firms. A minimum of 5 years hands on experience with one or more of the following areas: Assess, Advise, and Implementation of Splunk solutions including: Thorough knowledge of Splunk Enterprise Security, SOAR, and UBA Splunk Enterprise Certified Architect Splunk Enterprise Security Certified Admin Splunk SOAR Certified Automation Developer Assess, Advise, and Implementation of Cybereason solutions including: Thorough knowledge of EDR, XDR, Endpoint Controls, Mobile Assess, Advise, and Implementation of Palo Alto Cortex solutions including: Thorough knowledge of Palo Alto XDR, XSOAR, and Xpanse Palo Alto Networks Certified Detection and Remediation Analyst (PCDRA) Palo Alto Networks Certified Security Automation Engineer (PCSAE) Assess, Advise, and Implementation of Deception solutions including: Thorough knowledge of Avocado Systems (Protect and Reveal) or Fortinet FortiDeceptor Assess, Advise, and Implementation of QRadar solutions including: Thorough knowledge of Qradar SIEM, SOAR, NDR, and XDR IBM Certified Deployment Professional - Security Qradar Assess, Advise, and Implementation of Microsoft Defender solutions including: Thorough knowledge of Microsoft Defender for Cloud and Storage, including threat and vulnerability management, Just-in-time (JIT) virtual machine access, File integrity monitoring (FIM), Adaptive application controls (AAC), Adaptive network hardening (ANH), Docker host hardening, Fileless attack detection, . Microsoft Certified: Security Operations Analyst Associate, Information Protection Administrator Associate, and Windows Server Hybrid Administrator Associate Assess, Advise, and Implementation of Tanium solutions including: Thorough knowledge of Tanium Threat Response module and other Tanium modules (Core, Comply, Discover, Enforce). Tanium Certified Administrator Assess, Advise, and Implementation of Crowdstrike solutions including: Thorough knowledge of Crowdstrike Falcon Prevent, Device Control, Insight, Overwatch, and Discover. CrowdStrike Certified Falcon Administrator (CCFA) Assess, Advise, and Operationalize of Asset Tracking, Vulnerability Management, Patching, Endpoint Compliance Management services, including: Thorough knowledge of how to operationalize asset tracking, vulnerability management, patching, endpoint compliance management within larger organizations. Who You Are Job Qualifications Required Education Bachelor\'s Degree Preferred Education Master\'s Degree Being You Diversity is a whole lot more than what we look like or where we come from, it\'s how we think and who we are. We welcome people of all cultures, backgrounds, and experiences. But we\'re not doing it single-handily: Our Kyndryl Inclusion Networks are only one of many ways we create a workplace where all Kyndryls can find and provide support and advice. This dedication to welcoming everyone into our company means that Kyndryl gives you - and everyone next to you - the ability to bring your whole self to work, individually and collectively, and support the activation of our equitable culture. That\'s the Kyndryl Way. What You Can Expect With state-of-the-art resources and Fortune 100 clients, every day is an opportunity to innovate, build new capabilities, new relationships, new processes, and new value. Our employee learning hub gives you access to the best learning in the industry to receive certifications and accreditations, including Microsoft University, AWS Cloud Center of Excellence, Udemy, and the Harvard Business Review. Through our company-wide volunteering and giving platform, you can donate, start fundraisers, volunteer, and search over 2 million non-profit organizations. At Kyndryl, we invest heavily in you! We want you to succeed so that together, we will all succeed.

foundit