Security Specialist UEBA SIEM Admin

Year    Pune, Maharashtra, India

Job Description


Introduction
At IBM, work is more than a job - it's a calling: To build. To design. To code. To consult. To think along with clients and sell. To make markets. To invent. To collaborate. Not just to do something better, but to attempt things you've never thought possible. Are you ready to lead in this new era of technology and solve some of the world's most challenging problems? If so, let's talk.

Your Role and Responsibilities
We are looking for experts in User Behaviour Entity Analytics on any of the premium technologies (QRadar, Gurucul, ActivTrak / Teramind / Rapid7 / Splunk) with a deep understanding of fine-tuning, optimization, and SOC operations using UEBA.

Responsibilities:

  • To provide UEBA technology leadership from the OEM to the customer
  • Own the entire UEBA implementation, maintenance and support
  • Lead and manage all UEBA related SOC operations
  • Integration of UEBA with other tools and solutions
  • Single point of contact to the Bank's stakeholders and OEM
  • Own and maintain the architecture of the UEBA solution
  • Work with the bank to define the necessary use cases to mature and evolve the UEBA setup
  • Improve threat hunting capabilities with UEBA. Continuously develop analytical, statistical and mathematical models, leveraging the AI/ML capabilities of the technology, to strengthen threat detection and prediction and put advanced use cases in place.
  • Optimize performance and fine-tune the configuration, rules, policies etc. on a continuous basis.
  • Work with the SOAR team to operationalize and automate remediation wherever possible to achieve SOC maturity
  • Provide necessary support during audits, forensics investigation and threat hunting
  • Prepare a roadmap for product maturity and an enhancement plan, and ensure the recommended features are delivered within the agreed times.
  • Represent the OEM in meetings, discussions etc. to provide technology specific perspective to top stakeholders at the bank. Make presentations on the current technology capabilities, use cases, automation done etc. and current and future enhancements / roadmap etc.
Required Technical and Professional Expertise
  • Proven experience in cybersecurity, including hands-on experience with UEBA tools and technologies.
  • Strong understanding of cybersecurity principles, network protocols, and information security best practices.
  • Familiarity with data analysis, statistics, and machine learning concepts.
  • Proficiency in scripting languages (e.g., Python) for data manipulation and automation.
  • Ability to interpret and analyze logs, access records, and other relevant data sources.
  • Excellent problem-solving skills and attention to detail.
  • Strong communication skills to convey complex technical information to both technical and non-technical stakeholders.
  • Relevant certifications such as Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), Certified UEBA Professional (CUP), or similar, are a plus.
  • Experience with SIEM (Security Information and Event Management) systems and threat intelligence feeds is desirable.
Preferred Technical and Professional Expertise
  • Preferably a Splunk Certified Architect with good knowledge of Splunk / QRadar / SIEM implementations
  • Proven documentation and verbal communication skills.

IBM


Job Detail

  • Job Id
    JD3158448
  • Industry
    Not mentioned
  • Total Positions
    1
  • Job Type:
    Full Time
  • Salary:
    Not mentioned
  • Employment Status
    Permanent
  • Job Location
    Pune, Maharashtra, India
  • Education
    Not mentioned
  • Experience
    Year