Level 3 (L3) On-Site Security Operations Center (SOC) Architect
Location: Remote
Posted: November 18, 2017
Reference: 114749BR
IBM Security Services has openings for Level 3 (L3) On-Site Security Operations Center (SOC) Architects. The L3 On-Site SOC Architect will work directly with the client on our SOC/SIEM tooling roadmap and on the development, testing, deployment, and ongoing maintenance and support of our SOC/SIEM solution design tool suite.

The L3 On-Site SOC Architect will:
  • Provide technical support to customers (more precise needed)
  • Provide Oversight of Incident Response
    • Oversee/manage status/progress of actions/incidents
  • Can initiate new/changed Use Cases
  • Linking pin for communication (Liaison GID - Ahold L2/L3)
    • Link with SOC/SIEM Manager (GID)
  • Proactive in requirement raising based on threat/vulnerability evolutions
  • Manage 3rd parties (Incident response, plus follow on activities towards 3rd parties not related to Incidents)
  • Responsible for support issues from beginning to end and follows the documented escalation procedures (oversight end2end)
  • Takes an active part in the resolution of problems, even after they are escalated
  • Document issues and proactively contact customers when an issue is resolved, to ensure the service provided met or exceeded the customers' expectations
  • Manage assigned trouble ticket queue (assignment, progress, resolution, close)
  • Understanding and exceeding all SLA commitments
  • Knowledge base article submissions (intelligence, procedures, ...)
  • Monitoring and awareness of what is happening in the data security industry, and on various newsgroups/mailing lists regarding security and security products
  • Local regulation awareness
  • Planning and roadmapping of new use cases to be developed
  • SOC Guru: L3 SME (Incident response is different)
  • US - NL handover across each other 
  • Ensure QA is 'alive'
  • Data source management / log source integration; contextual information integration → guidance to L2
    • Note: both RSA and Archer, NetWitness
  • Evaluate log / source 'behaviour', initiate action if needed
  • Ability to effectively communicate on executive level
Positions are located in Greenville, SC and Salisbury, NC.

A little about us:
IBM is the world’s largest information technology company with more than 360,000 employees serving clients in 170 countries.
