SOC Analyst
IBM
SOC Analyst
Job Description
SOC Analyst
📋 Job Overview
The SOC Analyst at IBM is responsible for deep-dive investigation, advanced analysis, and resolution of security incidents escalated from automated systems. They work closely with CDC and engineering teams to ensure incidents are accurately classified, mitigated, and documented, providing contextual threat analysis and remediation.
📍 Location: BUDAPEST, HU (Remote/Hybrid)
💼 Career Level: Professional
🎯 Key Responsibilities
- Independently analyse SIEM alerts in Splunk, correlate across multiple data sources, and enrich with threat intelligence feeds
- Conduct root-cause analysis and propose improvements to detection logic
- Collaborate with engineering teams to enhance Splunk detection rules and SOPs
- Validate escalations and ensure incident creation in ticketing platform e.g. Service Now is accurate
- Analyse complex e-mail or hotline cases that fall outside SOPs
- Perform in-depth triage and investigation of CrowdStrike Falcon incidents
- Correlate alerts with endpoint telemetry, Splunk logs, and threat intelligence
- Take pre-approved remediation actions via automated workflows
- Conduct root-cause analysis on recurring incidents
- Recommend whitelist/blacklist updates to reduce false positives
- Analyse suspicious emails, including attachment and URL behavioural analysis
- Initiate mitigation measures (IoC blocking, proxy actions, sandbox validation)
- Classify severity and escalate critical events to CDC
- Produce intelligence reports on emerging email-borne threats
- Support continuous improvement of workflows and operational procedures
✅ Required Qualifications
- 1–4 years of SOC analyst or incident response experience
🛠️ Required Skills
- Splunk
- SIEM
- Threat intelligence
- Root-cause analysis
- Detection logic
- Collaboration
- Service Now
- CrowdStrike Falcon
- Endpoint telemetry
- Automated workflows
- Whitelist/blacklist management
- Email analysis
- URL analysis
- Mitigation measures
- IoC blocking
- Proxy actions
- Sandbox validation
- Severity classification
- Intelligence reporting
- Workflow improvement
- Operational procedures
🎁 Benefits & Perks
- Opportunity to learn and develop career
- Encouragement to be courageous and experiment
- Continuous trust and support in an inclusive environment
- Flexible working pattern
Locations
- BUDAPEST, HU, India (Remote)
Salary
Estimated Salary Rangemedium confidence
800,000 - 1,500,000 INR / yearly
Source: ai estimated
* This is an estimated range based on market data and may vary based on experience and qualifications.
Skills Required
- Splunkintermediate
- SIEMintermediate
- Threat intelligenceintermediate
- Root-cause analysisintermediate
- Detection logicintermediate
- Collaborationintermediate
- Service Nowintermediate
- CrowdStrike Falconintermediate
- Endpoint telemetryintermediate
- Automated workflowsintermediate
- Whitelist/blacklist managementintermediate
- Email analysisintermediate
- URL analysisintermediate
- Mitigation measuresintermediate
- IoC blockingintermediate
- Proxy actionsintermediate
- Sandbox validationintermediate
- Severity classificationintermediate
- Intelligence reportingintermediate
- Workflow improvementintermediate
- Operational proceduresintermediate
Required Qualifications
- 1–4 years of SOC analyst or incident response experience (experience)
Responsibilities
- Independently analyse SIEM alerts in Splunk, correlate across multiple data sources, and enrich with threat intelligence feeds
- Conduct root-cause analysis and propose improvements to detection logic
- Collaborate with engineering teams to enhance Splunk detection rules and SOPs
- Validate escalations and ensure incident creation in ticketing platform e.g. Service Now is accurate
- Analyse complex e-mail or hotline cases that fall outside SOPs
- Perform in-depth triage and investigation of CrowdStrike Falcon incidents
- Correlate alerts with endpoint telemetry, Splunk logs, and threat intelligence
- Take pre-approved remediation actions via automated workflows
- Conduct root-cause analysis on recurring incidents
- Recommend whitelist/blacklist updates to reduce false positives
- Analyse suspicious emails, including attachment and URL behavioural analysis
- Initiate mitigation measures (IoC blocking, proxy actions, sandbox validation)
- Classify severity and escalate critical events to CDC
- Produce intelligence reports on emerging email-borne threats
- Support continuous improvement of workflows and operational procedures
Benefits
- general: Opportunity to learn and develop career
- general: Encouragement to be courageous and experiment
- general: Continuous trust and support in an inclusive environment
- general: Flexible working pattern
Tags & Categories
Answer 10 quick questions to check your fit for SOC Analyst @ IBM.
10 Questions
~2 Minutes
Instant Score
Related Books and Jobs
SOC Analyst
IBM
SOC Analyst
Job Description
SOC Analyst
📋 Job Overview
The SOC Analyst at IBM is responsible for deep-dive investigation, advanced analysis, and resolution of security incidents escalated from automated systems. They work closely with CDC and engineering teams to ensure incidents are accurately classified, mitigated, and documented, providing contextual threat analysis and remediation.
📍 Location: BUDAPEST, HU (Remote/Hybrid)
💼 Career Level: Professional
🎯 Key Responsibilities
- Independently analyse SIEM alerts in Splunk, correlate across multiple data sources, and enrich with threat intelligence feeds
- Conduct root-cause analysis and propose improvements to detection logic
- Collaborate with engineering teams to enhance Splunk detection rules and SOPs
- Validate escalations and ensure incident creation in ticketing platform e.g. Service Now is accurate
- Analyse complex e-mail or hotline cases that fall outside SOPs
- Perform in-depth triage and investigation of CrowdStrike Falcon incidents
- Correlate alerts with endpoint telemetry, Splunk logs, and threat intelligence
- Take pre-approved remediation actions via automated workflows
- Conduct root-cause analysis on recurring incidents
- Recommend whitelist/blacklist updates to reduce false positives
- Analyse suspicious emails, including attachment and URL behavioural analysis
- Initiate mitigation measures (IoC blocking, proxy actions, sandbox validation)
- Classify severity and escalate critical events to CDC
- Produce intelligence reports on emerging email-borne threats
- Support continuous improvement of workflows and operational procedures
✅ Required Qualifications
- 1–4 years of SOC analyst or incident response experience
🛠️ Required Skills
- Splunk
- SIEM
- Threat intelligence
- Root-cause analysis
- Detection logic
- Collaboration
- Service Now
- CrowdStrike Falcon
- Endpoint telemetry
- Automated workflows
- Whitelist/blacklist management
- Email analysis
- URL analysis
- Mitigation measures
- IoC blocking
- Proxy actions
- Sandbox validation
- Severity classification
- Intelligence reporting
- Workflow improvement
- Operational procedures
🎁 Benefits & Perks
- Opportunity to learn and develop career
- Encouragement to be courageous and experiment
- Continuous trust and support in an inclusive environment
- Flexible working pattern
Locations
- BUDAPEST, HU, India (Remote)
Salary
Estimated Salary Rangemedium confidence
800,000 - 1,500,000 INR / yearly
Source: ai estimated
* This is an estimated range based on market data and may vary based on experience and qualifications.
Skills Required
- Splunkintermediate
- SIEMintermediate
- Threat intelligenceintermediate
- Root-cause analysisintermediate
- Detection logicintermediate
- Collaborationintermediate
- Service Nowintermediate
- CrowdStrike Falconintermediate
- Endpoint telemetryintermediate
- Automated workflowsintermediate
- Whitelist/blacklist managementintermediate
- Email analysisintermediate
- URL analysisintermediate
- Mitigation measuresintermediate
- IoC blockingintermediate
- Proxy actionsintermediate
- Sandbox validationintermediate
- Severity classificationintermediate
- Intelligence reportingintermediate
- Workflow improvementintermediate
- Operational proceduresintermediate
Required Qualifications
- 1–4 years of SOC analyst or incident response experience (experience)
Responsibilities
- Independently analyse SIEM alerts in Splunk, correlate across multiple data sources, and enrich with threat intelligence feeds
- Conduct root-cause analysis and propose improvements to detection logic
- Collaborate with engineering teams to enhance Splunk detection rules and SOPs
- Validate escalations and ensure incident creation in ticketing platform e.g. Service Now is accurate
- Analyse complex e-mail or hotline cases that fall outside SOPs
- Perform in-depth triage and investigation of CrowdStrike Falcon incidents
- Correlate alerts with endpoint telemetry, Splunk logs, and threat intelligence
- Take pre-approved remediation actions via automated workflows
- Conduct root-cause analysis on recurring incidents
- Recommend whitelist/blacklist updates to reduce false positives
- Analyse suspicious emails, including attachment and URL behavioural analysis
- Initiate mitigation measures (IoC blocking, proxy actions, sandbox validation)
- Classify severity and escalate critical events to CDC
- Produce intelligence reports on emerging email-borne threats
- Support continuous improvement of workflows and operational procedures
Benefits
- general: Opportunity to learn and develop career
- general: Encouragement to be courageous and experiment
- general: Continuous trust and support in an inclusive environment
- general: Flexible working pattern
Tags & Categories
Answer 10 quick questions to check your fit for SOC Analyst @ IBM.
10 Questions
~2 Minutes
Instant Score
Related Books and Jobs