Cybersecurity Subject Matter Expert

Who We Are At Kyndryl we design build manage and modernize the mission-critical technology systems that the world depends on every day So why work at Kyndryl We are always moving forward - always pushing ourselves to go further in our efforts to build a more equitable inclusive world for our employees our customers and our communities The Role Kyndryl s Security Resiliency is one of our most critical practices ensuring enterprises regardless of their size and complexity remain secure available reliable and resilient We take Cybersecurity seriously We re not just invested we re committed We re not just protecting data we re empowering Kyndryl is committed to making the world safer not only by investing in state-of-the-art services and technologies but also by empowering underserved communities with essential cyber skills When you walk through our doors you re not only joining a team but you re also becoming part of a legacy Welcome to Kyndryl where Cybersecurity isn t just a job - it s a passion a commitment to designing running and managing the most modern and reliable technology infrastructure that the world depends on every day As a Cybersecurity Defense professional at Kyndryl you will encompass cybersecurity incident response security operations vulnerability management and the world of cyber threat hunting and security intelligence analysis all to protect the very heartbeat of organizations - their infrastructure Responsibilities Design Implementation Lead the design configuration and implementation of Cortex XSIAM solutions ensuring they meet organizational security requirements and integrate with existing infrastructure Expertise in XSIAM Deep understanding of the XSIAM platform its features and capabilities including log ingestion correlation rules detection strategy and integration with other security tools Keep up to date with the latest XSIAM features releases and security threats ensuring ongoing expertise Log Ingestion and Optimization Devise and implement log ingestion strategies ensuring high-quality log sources are ingested Monitor and optimize log sources for performance Detection Strategy Design and implement effective detection strategies including the creation and tuning of correlation rules to identify and alert on potential threats Correlation Rules Create and fine-tune correlation rules to enhance security detections Automation Orchestration Develop and maintain automated workflows playbooks and integrations to streamline incident response threat detection and security operations Platform Optimization Continuously monitor tune and optimize Cortex XSIAM performance ensuring high availability and scalability Security Operations Collaboration Collaborate with Security Operations Center SOC teams to enhance incident management response times and threat intelligence sharing Integration with Security Tools Integrate Cortex XSIAM with SIEM EDR threat intelligence platforms and other security tools to create a comprehensive security ecosystem Problem Solving Identify analyze and resolve technical issues related to XSIAM providing effective solutions Documentation and Reporting Create and maintain technical documentation training materials and knowledge base articles for XSIAM Maintain detailed documentation for system configurations integrations and workflows Provide regular status reports to management on platform performance and incident metrics Best Practices Establish and maintain best practices for Cortex XSIAM configuration workflow design and incident response Understanding of cybersecurity threats vulnerabilities and industry best practices Customer Support and Consulting Serve as a subject matter expert providing consultative guidance to end-users on optimizing XSIAM usage Training Support Provide training to internal teams and clients on Cortex XSIAM features workflows and incident response protocols Act as a go-to resource for troubleshooting and technical support Innovation Continuous Improvement Stay current with the latest developments in Cortex XSIAM and cybersecurity automation bringing innovative ideas to enhance security operations Incident Management and Investigation Assist in the design and execution of automated response playbooks for common and emerging threats ensuring rapid and effective resolution of incidents Participate in incident response activities including investigating security alerts and supporting incident resolution Collaboration Foster collaboration with internal and external teams to drive product adoption Threat Hunting May be involved in proactive threat hunting activities identifying potential vulnerabilities and threats In this role you won t just monitor you ll actively engage in the relentless hunt for cyber adversaries In a world where every click and keystroke could be a potential gateway for attackers your role will be nothing short of critical as you seek out advanced threats attackers and Indicators of Compromise IOCs Your expertise in endpoint detection and response EDR will be the shield that safeguards individual workstations laptops servers and other devices from cybercrime Your responsibilities go beyond vigilance When it comes to network security you ll utilize Network Detection and Response NDR to monitor the ever-flowing currents of network traffic The incident management process will be used as you respond and manage to cybersecurity incidents Cybersecurity Defense is all about information You ll gather analyze and interpret data applying your own and external threat intelligence to uncover potential security threats and risks These insights and your ability to analyze complex attack scenarios will be the foundation of our security strategy - helping Kyndryl stay one step ahead of security breaches In Cybersecurity Defense at Kyndryl you re not just protecting the present - you re shaping the future of digital security Join us on this cybersecurity venture where your expertise and creativity will have a lasting impact in the world of digital defense Your Future at Kyndryl When you join Kyndryl you re not just joining a company - you re entering a space of opportunities Our partnerships with industry alliances and vendors mean you ll have access to skilling and certification programs needed to excel in Security Resiliency while simultaneously supporting your personal growth Whether you envision your career path as a technical leader within cybersecurity or transition into other technical consulting or go-to-market roles - we re invested in your journey Who You Are You re good at what you do and possess the required experience to prove it However equally as important - you have a growth mindset keen to drive your own personal and professional development You are customer-focused - someone who prioritizes customer success in their work And finally you re open and borderless - naturally inclusive in how you work with others Required Skills and Experience 8 to 10 years of security analyst experience preferably in a managed services environment in XSIAM Engineer In-depth expertise in Palo Alto Networks Cortex XSIAM XSOAR platform Proficient in scripting languages e g Python JavaScript for creating automated workflows and integrations Strong understanding of security technologies such as SIEM SOAR EDR XDR and threat intelligence platforms Hands-on experience with Cortex XSIAM integrations e g RESTful APIs webhooks etc Experience with developing and tuning playbooks tasks and workflows within the Cortex XSIAM platform Knowledge of security best practices and frameworks such as MITRE ATT CK NIST ISO 27001 etc Preferred Skills and Experience Cortex XSOAR certification e g Palo Alto Networks Cortex XSOAR Certified Automation Engineer Security Operations and Incident Response certifications e g GIAC SOC Analyst Being You Diversity is a whole lot more than what we look like or where we come from it s how we think and who we are We welcome people of all cultures backgrounds and experiences But we re not doing it single-handily Our Kyndryl Inclusion Networks are only one of many ways we create a workplace where all Kyndryls can find and provide support and advice This dedication to welcoming everyone into our company means that Kyndryl gives you - and everyone next to you - the ability to bring your whole self to work individually and collectively and support the activation of our equitable culture That s the Kyndryl Way What You Can Expect With state-of-the-art resources and Fortune 100 clients every day is an opportunity to innovate build new capabilities new relationships new processes and new value Kyndryl cares about your well-being and prides itself on offering benefits that give you choice reflect the diversity of our employees and support you and your family through the moments that matter - wherever you are in your life journey Our employee learning programs give you access to the best learning in the industry to receive certifications including Microsoft Google Amazon Skillsoft and many more Through our company-wide volunteering and giving platform you can donate start fundraisers volunteer and search over 2 million non-profit organizations At Kyndryl we invest heavily in you we want you to succeed so that together we will all succeed Get Referred If you know someone that works at Kyndryl when asked How Did You Hear About Us during the application process select Employee Referral and enter your contact s Kyndryl email address