Level 3 (L3) On-Site Security Operations Center (SOC) Architect

  • Company: IBM
  • Posted: November 14, 2017
  • Reference ID: 114749BR
IBM Security Services has openings for Level 3 (L3) On-Site Security Operations Center (SOC) Architects. The L3 On-Site SOC Architect will work directly with the client around our SOC/SIEM tooling roadmap, development, testing, deployment, and ongoing maintenance and support of our SOC/SIEM solution design tool suite.

The L3 On-Site SOC Architect will:
  • Provide technical support to customers
  • Provide Oversight of Incident Response
    • Oversee/manage status/progress of actions/incidents
  • Can initiate new/changed Use Cases
  • Linking pin for communication (Liaison GID - Ahold L2/L3)
    • Link with SOC/SIEM Manager (GID)
  • Proactive in requirement raising based on threat/vulnerability evolutions
  • Manage 3rd parties (Incident response, plus follow on activities towards 3rd parties not related to Incidents)
  • Responsible for support issues from beginning to end and follows the documented escalation procedures (oversight end2end)
  • Takes an active part in the resolution of problems, even after they are escalated
  • Document issues and proactively contact customers when an issue is resolved to ensure the service provided met or exceeded the customers' expectations
  • Manage assigned trouble ticket queue (assignment, progress, resolution, close)
  • Understanding and exceeding all SLA commitments
  • Knowledge base article submissions (intelligence, procedures, ...)
  • Monitoring and awareness of what is happening in the data security industry, and on various newsgroups/mailing lists regarding security and security products
  • Local regulation awareness
  • Planning and roadmapping of new use cases to be developed
  • SOC Guru: L3 SME (Incident response is different)
  • US - NL handover across each other 
  • Ensure QA is 'alive'
  • Data source management / log source integration; contextual information integration → guidance to L2
    • Note: both RSA and Archer, NetWitness
  • Evaluate log / source 'behaviour', initiate action if needed
  • Ability to effectively communicate on executive level
Positions are located in Greenville, SC and Salisbury, NC.
