Jobs · Information Technology · Texas

Security Operations Center Engineer

IBM · Austin, TX · 2 wk ago
On-siteInformation TechnologyFull-time

Role Overview

The SOC Engineering team at IBM Infrastructure & Technology focuses on enhancing how security operations function, making detection and response processes faster, smarter, and more scalable. This role involves building and optimizing next-generation detection and response capabilities, including SIEM and detection engineering, automation, AI-driven security, telemetry integration, and analyst enablement.

Key Responsibilities

  • Manage and optimize SIEM platforms, including ingestion, parsing, correlation, and performance
  • Build and tune high-quality detections across SIEM, EDR/XDR, cloud, identity, and network environments
  • Improve signal quality, reduce false positives, and expand detection coverage
  • Translate threat intelligence and incident learnings into actionable detections
  • Troubleshoot data quality issues, telemetry gaps, and platform performance
  • Partner with SOC Operations to improve workflows and response effectiveness
  • Develop automation and orchestration for triage, investigation, and remediation
  • Integrate security tools and data sources into a unified detection ecosystem
  • Apply AI to enhance detection, triage, and analyst decision-making
  • Establish detection governance and drive continuous improvement

Required Education and Experience

  • Bachelor's Degree Required
  • 4+ years of information security experience with strong knowledge of SIEM tools, including administration, configuration, and log analysis
  • Hands-on experience with SIEM components such as building blocks, reference sets, flow data, and network hierarchies
  • Broad understanding of security practices including risk management, vulnerability management, threat analysis, auditing, monitoring, and incident response
  • Working knowledge of cloud computing, network protocols, and common information security standards/frameworks

Preferred Education and Experience

  • 5+ years of information security experience
  • CYSA+, GCIH, GCIA, OSCP, CISSP or similar certification

Similar jobs