Managing Consultant - Cyber Threat Management Consultant

IBM Cyber Threat Management takes a holistic approach to building and operating cyber security and response solutions and capabilities that support the cyber threat management and regulatory compliance needs of the world's largest enterprises. Our team combines robust methodologies for security intelligence and operations with industry-experienced consultants and market-leading technology.

The Senior Managing Security Consultant will take direction from the CTM leader and work directly with the client to ensure the security solutions are implemented or improved according to the client's business requirements. He will work to develop solutions and capabilities to identify, analyze, and respond to cyber attacks, violations, and abuse within the client environment. He will help in business development, building proposals, and meeting clients.

• Manage the day-to-day interactions with various business groups, executive management, and other key business stake-holders.
• Manage or lead the day-to-day operations of a cyber‑defence capability on behalf of the client (if needed/required).
• Develop solution processes, procedures, and information workflows.
• Develop threat models.
• Develop business lead use cases and correlations rules.
• Assist the client and consultant team as needed to ensure all aspects of the project are completed on‑time.
• Establish and manage project plans for the engagements.
• Communicate on a regular basis with the client and with IBM leadership team regarding the overall progress of the project, current challenges, risks, and other information that may impact the project.
• Manage engagement risk and define deliverable content.
• Assist with team selection (recruiting, interviewing, etc).
• Manage skill development, training, and career progression of client solution staff (if needed).
• Develop client solution staffing schedules and training plans.
• Serve as the primary IBM approver for solution processes, procedures, and information workflows for the engagement.
• Engages in peer‑to‑peer dialogue with clients about their industry and their situation.
• Opens new discussions and builds new opportunities with clients.
• Builds strong rapport with clients creating respect and trust.
• Opens new relationship opportunities within the client environment.
• Understands how to construct and gain agreement for business cases.
• Selects appropriate tools available to develop and validate business cases.
• Shapes and influences client attitudes to outcomes and key benefits for both the client and IBM.
• Plan and lead delivery of workshops and facilitated client events.

Bachelor's Degree

• 12+ years working within the information security field, with emphasis on security operations, incident management, intrusion detection and analysis, firewall deployment, compliance efforts, and security event analysis.
• 5+ years experience in managing clients' relationship, performing presentation and building propossals.
• 6+ years experience leading a security operations center team to quickly and completely solve business problems.
• Experience in designing and building security or network operations centers.
• Experience designing, implementing and managing (processes, technology, governance model, people).
• Incident management process development and/or incident management experience.
• Ability to train level 1 and level 2 security operations center analysts/engineers.
• Great customer service skills.
• Strong communication and presentation skills.
• Advanced technical writing skills.
• Strong analytical skills.
• Good project management skills.
• Product knowledge of SIEM: PAN XSIAM, Splunk, MSFT Sentinel.
• Depth of Knowledge in Threat modeling, Use Cases and response runbooks (A Must).
• Experience in building Threat Intelligence and Threat Hunting capabilities.
• Experience with log management or security information management tools.
• Experience with Security Assessment tools (NMAP, Nessus, Metasploit, Netcat).
• Comfortable working in a project based / client serving model.
• Drive client pursuits and engage in complex deals.
• Ability to work with global and diverse teams in a dynamic environment.
• Professional certifications to include CISSP, SANS GCIA, GMON, Cloud certifications are a plus (i.e. AWS).

Language - English