Junior Threat Detection Analyst with Security Clearance

IBM

2024-10-03 12:44:40

Job location Huntsville, Alabama, United States

Job type: fulltime

Job industry: I.T. & Communications

Job description

Introduction
A career in IBM Consulting is rooted in long-term relationships and close collaboration with clients across the globe. You'll work with visionaries across multiple industries to improve the hybrid cloud and AI journey for the most innovative and valuable companies in the world. Your ability to accelerate impact and make meaningful change for your clients is enabled by our strategic partner ecosystem and our robust technology platforms across the IBM portfolio, including Software and Red Hat. Curiosity and a constant quest for knowledge serve as the foundation to success in IBM Consulting. In your role, you'll be encouraged to challenge the norm, investigate ideas outside of your role, and come up with creative solutions resulting in groundbreaking impact for a wide network of clients. Our culture of evolution and empathy centers on long-term career growth and development opportunities in an environment that embraces your unique skills and experience.

Your Role and Responsibilities
The Opportunity: Cyber threats are evolving, and perimeter security and automated protection aren't enough: it's time to go threat hunting. We need your cyber knowledge to detect advanced cyber threats in Cloud and O365 environments as well as on servers and endpoints.
We're looking for a Cyber Threat Hunter who can think like a cyber attacker to figure out how to circumvent security measures. This is an opportunity to use your analytical skills and gain network defense experience. You'll learn to rapidly prototype and develop scripts to create haystacks where you'll sift through the false positives to find patterns and indicators.
Learn from our team of Detection Engineers as you find the adversary in the SIEM's blind spot to help us close the gaps and harden their network. This is a chance to think differently about cyber defense, use completely new tools and approaches, and develop the next generation of security analytics. Due to the nature of work performed within this facility, U.S. citizenship is required.
This role requires shift work with a rotating schedule. The shift hours will alternate between 9:00 AM to 9:00 PM and 9:00 PM to 9:00 AM, following a 2 days on, 3 days off pattern.

Required Technical and Professional Expertise
A minimum of 3 years of experience working in cybersecurity with an emphasis in threat hunting and detection engineering
Experience with EDR platforms, including CrowdStrike, or Defender for Endpoint
Experience with conventional network and host-based intrusion analysis, digital forensics, or handling malware
Experience with hunt teams, cyber threat intelligence, incident response, or security operations teams
Knowledge of security principles, including MITRE framework, threat landscapes, or attacker TTPs
Knowledge of security tools in the Application, Data, Network, and Endpoint layers
Ability to leverage internal and external resources to research threats, vulnerabilities, and intelligence on various attackers and attack infrastructure
Ability to identify anomalous behavior on endpoint devices or network communications
Security+ Certification
This position requires the ability to obtain and maintain a Public Trust Clearance. Applicants must be U.S. citizens and eligible to work in the United States.

Preferred Technical and Professional Expertise
Experience with non-Windows operating systems, including macOS and Linux
Experience with Web Application Firewall (WAF) and web-based attacks
Experience with endpoint telemetry, Carbon Black, FireEye HX, Falcon, Tanium, or Endgame
Ability to write scripts, including Python, PowerShell, and Bash
