
Security Information & Event Management (SIEM) - TIER 2

Locations Mexico City, Mexico
Job ID 598339BR
Date posted 01/17/2023
Primary Job Area Technical Specialist

Why Kyndryl

Our world has never been more alive with opportunities and, at Kyndryl, we’re ready to seize them. We design, build, manage and modernize the mission-critical technology systems that the world depends on every day. Kyndryl is at the heart of progress — dedicated to helping companies and people grow strong. Our people are actively discovering, co-creating, and strengthening. We push ourselves and each other to seek better, to go further, and we carry this energy to our customers. At Kyndryl, we want you to keep growing, and we’ll provide plenty of opportunities to make that happen. Please be aware that we have the Kyndryl candidate zone hosted by IBM for a certain period. If you have applied for an IBM role previously, you will be able to log into the candidate zone using your previous IBM log in details. When in the candidate zone, you will be able to see your previous applications for both IBM and Kyndryl. For further information on privacy, please visit www.kyndryl.com/privacy.

Your Role and Responsibilities

Primary functions include governance, oversight, and leadership for operational security activities, change requests, tuning and SLA/Service Quality metrics. Security Specialists assist in finding the proper balance between enabling and securing in relation to the client's organization, culture and ecosystem. Typical examples of the deliverables include asset classification models, risk analysis reports, information security policies, security solution scenarios, implementation plans, organization models, procedures, security services, security effectiveness evaluation reports and security awareness workshops. In this role specialty, the Security Specialist has expertise in the Security Incident & Event Management (SIEM) Security products.

Key responsibilities:
* Manage data inputs, indexing, and data retention on the SIEM platforms, as well as user access and privileges on the platforms.
* Manage the Deployment Server and our fleet of Universal Forwarders.
* Ensure (with the help of vendors/partners) that data is normalized, optimized, and high fidelity.
* Contribute to detection engineering to enhance and improve the platforms.
* Support and contribute to cyber security investigations and cases.
* Contribute to the selection and implementation of new technology and solutions, including assisting in the development of business cases.

Required Technical and Professional Expertise

• Advanced knowledge and experience of Cyber Security and evidence of working as a SIEM Engineer with previous experience in software, including architectural design, configuring, operating, and problem-solving activities
• 3+ years of experience in SOC operation or incident response
• As a senior member of the team, you will be accountable for the technical elements of complex work packages, working closely with customers and internal stakeholders to deliver comprehensive SIEM Management and support
• A good understanding of implementing use cases and operational models or specific security solutions to meet the customer’s requirement and an understanding of how SIEM solution
• Support SOCs
• Provide a Technical Escalation Point during security incidents and advise on mitigation measures
• Support the customer with the creation of complex reports and dashboards, manage alarms and usage cases as and when required
• Drive to maintain a keen understanding of evolving threats and vulnerabilities to ensure the security of customer networks
• Update Protective Monitoring/SIEM documentation, processes, and procedures and ensure validity as required
• Good knowledge of RegEx, SPL, ITSI, ES, Ansible, and Git
• Expert knowledge and hands-on experience in LogRhythm, Rapid7, ArcSight, Azure Sentinel, Splunk, or any other SIEM tool
• Knowledge of ITIL disciplines such as Incident, Problem, and Change Management
• Good knowledge of network, security, and application security
• Practical Experience in the architecture and engineering of security solutions and ICT
• Understanding of legislative demands and compliance requirements mitigated through SIEM
• Experience with the supporting policy, procedures, and practices required to deliver and maintain an effective operational SIEM solution
• Operational experience in a Security Operations, Cyber Defense, or Threat Intelligence Center is preferred
• SIEM-related certifications for Administration, implementation, deployment, architecture
• Ability to orchestrate a response to security incidents
• Ability to work in a high-pressure environment with changing priorities

Preferred Technical and Professional Experience

• SIEM Tier 2 Administrator

Required Education

Bachelor's Degree

Being You @ Kyndryl

Kyndryl is committed to creating a diverse environment and is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, pregnancy, disability, age, veteran status, or other characteristics. Kyndryl is also committed to compliance with all fair employment practices regarding citizenship and immigration status.

Other things to know

For additional information about location requirements, please discuss with the recruiter following submission of your application.

Primary Job Category

Technical Specialist

Role (Job Role)

Security Specialist

Employment Type

Full-Time

Contract Type

Regular

Position Type

Professional

Travel Required

No Travel

Company

(Y045) Kyndryl Mexico S. de R.L. de C.V.

Is this role a commissionable / sales incentive based position

No
