Job Description

Who We Are Kyndryl is a market leader that thinks and acts like a start-up. We design, build, manage, and modernize the mission-critical technology systems that the world depends on every day. So why work at Kyndryl We are always moving forward - always pushing ourselves to go further in our efforts to build a more equitable, inclusive world for our employees, our customers, and our communities. The Role Your Role and Key Responsibilities: The security delivery support clients in managing their Security Operations and protecting their environments to mitigate security risks (e.g., insider and external threats, intentional and accidental). Position is for an experienced security professional with demonstrated experience within Security Operations, Threat Detection & Response, Security Intelligence, CSM (Continuous Security Monitoring) and NSM (Network Security Monitoring) within the SOC operations environment. Lead complex investigations and conduct deep analysis of security events focused on rapid containment, remediation, and mitigation. Lead in the detection, triage, analysis and response to cyber-attacks. Serve as a technical Cyber SME and onsite task lead. Provide insight and expertise to examine malicious code (malware), attack vectors, network communication methods, analyze threats against target systems and networks, determine target network capabilities and vulnerabilities. Training and mentoring Level 1 & Level 2 peers to improve SOC Analyst capability. Engaging across the organization and partnership with a diverse set of IT and business stakeholders, awareness of business needs for delivery and agility and to ensure security topics (operations, engineering, risk, compliance) are integrated and automated properly. Working with Cybersecurity, Information Technology Services teams, and others across the global business organization on practical implementation of SOAR and SOC Runbooks and Playbooks Identifying, monitoring, and reporting on trackable metrics to improve processes, procedures, and overall operational security while minimizing business impact Perform Security Operations maturity assessments, formulate roadmaps to bridge existing security gaps and help accelerate transformation towards SOC maturity. Reviewing SOC Runbooks and Playbooks and determining if good practices are being followed, considering most common cybersecurity threats within clients\' industries, business and Geo locations. Reviewing SOAR and XDR products utilized and determining if they are configured properly. Deploying SOC automation technology through SOAR, Case Management. Reviewing Security Operations Runbooks and Playbooks through assessing SOC threat landscape existing automations and providing recommendations to comply with SOC automation best practices, using applicable cybersecurity framework. A willingness to go beyond the ordinary to meet and exceed client expectations. Required Technical and Professional Expertise Bachelor\'s degree in Computer Science, Cybersecurity, Information Technology, or other related fields, from an accredited university. Equivalent professional experience can be used in lieu of a degree. 8+ years of security analyst experience, preferably in a managed services environment. A minimum of 5 years \'hands-on\' experience on SOC operations (Standard Operations Procedures, Runbook and Playbooks). Experience threat hunting, proactively and iteratively searching to detect advanced threats that evade existing security solutions. Expertise in network, host, and cloud-based security, attack techniques, analysis, and investigation Strong experience with Operating systems (Windows, Linux and MacOS) & IT Architecture Deep understanding of a variety of logs coming from cloud, network or endpoint devices. Expert level understanding of advanced attacks and defense techniques. Experience in Cloud Security monitoring and in advanced analytics (UEBA) Experience with leading security incident response Experience with triaging various disparate anomalies to detect meaningful threat scenarios. Sound experience on programming languages: Python and/or R. and/or PowerShell Experience in REST API interfaces to support data collection or integration. Experience with Data monitoring / Data Science Strong Understanding of the current cyber threat landscape, the different tactics commonly used by adversaries and how you would investigate, contain and recover against their attacks. Deep knowledge in the most common and used frameworks (E.g., NIST CSF, ISO2700x, CMM SOC, etc.) English: Fluent Strong critical thinking and analytical skills and ability to think \'out of the box\' required. Must be able to work independently or with a team, under minimum supervision. Who You Are Preferred Technical and Professional Experience MBA or master\'s degree A minimum of 5 years hands on experience with one or more of the following areas: Operation and Implementation of SIEM solutions including: QRadar or Splunk and Microsoft Sentinel. Operation and Implementation of Security Automation solutions including: Thorough knowledge of SOAR (Security Orchestration Automation & Response) technologies. Desing and Implementation of Monitoring strategy including: Thorough knowledge on defining data sources monitoring based on clients\' business Thorough knowledge on MITRE Frameworks (ATT&CK, D3FEND) Familiar with Cyber Kill Chain Desing and Implementation of Configuration Governance solutions including: Thorough knowledge on how to operationalize ongoing security configuration governance service using SOC standard methodologies, metrics, KPIs, KRIs, Operational Procedures. Cyber Network Operations/Penetration Test Methodologies and tools like Metasploit, Kali Linux, Cobalt Strike Required Education Bachelor\'s Degree Preferred Education Master\'s Degree Being You Diversity is a whole lot more than what we look like or where we come from, it\'s how we think and who we are. We welcome people of all cultures, backgrounds, and experiences. But we\'re not doing it single-handily: Our Kyndryl Inclusion Networks are only one of many ways we create a workplace where all Kyndryls can find and provide support and advice. This dedication to welcoming everyone into our company means that Kyndryl gives you - and everyone next to you - the ability to bring your whole self to work, individually and collectively, and support the activation of our equitable culture. That\'s the Kyndryl Way. What You Can Expect With state-of-the-art resources and Fortune 100 clients, every day is an opportunity to innovate, build new capabilities, new relationships, new processes, and new value. Our employee learning hub gives you access to the best learning in the industry to receive certifications and accreditations, including Microsoft University, AWS Cloud Center of Excellence, Udemy, and the Harvard Business Review. Through our company-wide volunteering and giving platform, you can donate, start fundraisers, volunteer, and search over 2 million non-profit organizations. At Kyndryl, we invest heavily in you! We want you to succeed so that together, we will all succeed.

foundit