Security Consultant SAF & MEA at Kyndryl

Your Role And Responsibilities
The expectation from this role is to lead the consult customers for the design and implementation of complementary security technologies to enable entrprise security aspects of any IT environment.

• Security Consultant should be able to analyze and refine the technology requirements along with business requirements to identify and evaluate technology alternatives.
• Security Consultant should be able to identify and document technology requirements (functional and non-functional) needed for an enterprise IT .
• Security Consultant should be able team up specialists in order to cover all required skills for design and implementation activities.
• Security Consultant should lead a team of architects and specialists to come up with a holistic roadmap for security technologies as well as design and implementation plan.
• Security Consultant should lead the discussions with 3rd party vendors and providers.
• Security Consultant should be able to review existing operational model (manuals, policies and procedures) and recommend changes required to effective operations.

Required Technical And Professional Expertise

• Experience with large scale IT infrastructure projects covering design, implementation, upgrade or migration of datacenter components.
• Experience with IT projects of at least one of strategic disruptive technologies is preferred (XaaS, Container platform, Automation, IoT, SDN, Cognitive Systems etc.)
• Ability to take the lead in conflict resolution and coordination of multi-disciplinary groups
• Strong written and oral communication skills, and the ability to effectively communicate with technical and non-technical audiences
• At least 5 years of experience in related position with at least 10 years’ experience in IT industry
• Remediation design and documentation
• Threat analyzing on given business environment
• Statistical analysis of log data, including creating custom log parsers
• Troubleshooting SIEM platform related issues
• Completed SIEM projects as onboarding specialist
• Use case development for applications and infrastructure technologies
• Technical implementation of following technologies or similars to IBM QRadar SIEM solution, Windows OS, Linux/Unix, Oracle RDBMS, SQL Server, Sharepoint, IIS, Apache, Salesforce
• Conducting Penetration Tests (Social Engineering Testing, Mobile Application Security, Web Application Security, Database Systems, DDOS Testing, Domains and End-User Computers, Network Topology and Active Devices, Wireless Network Systems, VOIP Security)

Experience at least two of below areas:
Security Intelligence & Operations Consulting:

• Developing more maturity in intelligence-driven security operations across all environments. Assessing security posture and maturity against best practices in security. Building, designing or improving security operations center (SOC).

CyberSecurity Assessment And Response:

• Delivering cybersecurity assessments, penetration testing, planning and response services, with proven expertise from mainframe to mobile.

Security Strategy, Risk and Compliance:

• Evaluating existing security practices—including payment card industry (PCI) security, identity and IT regulatory compliance needs and gaps— against business requirements and objectives. Delivering a wide range of capabilities—from security program development, to regulatory and standards compliance, to security education and training.

Identity & Access Management Services:

• Evaluating and designing every aspect of identity and access management across enterprises, including user provisioning, certification, Identity Governance technologies, web access management, enterprise single sign-on, multi-factor authentication, and user activity compliance.

Data & Application Security Services:

• Incorporating a risk-balanced strategy along with data protection technology to more cost effectively help safeguard organizations' critical information and sensitive data for enterprise applications.

Preferred Technical And Professional Experience
At least two of following technologies:

1. Data Access Management
2. Identity Management
3. SIEM
4. Directory Services
5. SMTP Gateway

• Concepts and architecture for High Availability and Clustering of Security technologies
• Certified on at least one of security profession levels (CISO , CISA, SSCP, CISSP etc.)
• Experience on cloud security concepts and technologies (GCP, AWS, Azure)
• Experience in at least one of the Proxy technologies (Bluecoat, Cisco Ironport etc.)
• Experience in at least one of the Web application firewall technologies

Required Education

• None

Preferred Education

• Bachelor's Degree