SOC_MDR Specialist

The Role

As a Cybersecurity Defense professional at Kyndryl, you will encompass cybersecurity, incident response, security operations, vulnerability management, and the world of cyber threat hunting and security intelligence analysis all to protect the very heartbeat of organizations – their infrastructure.

At Kyndryl, we design, run, and manage the most modern and reliable technology infrastructure that the world depends on every day. Kyndryl Consult provides advice, move, build, and implementation services by working in partnership with customers and are dedicated to ensuring that each achieves their peak digital performance.

Kyndryl's Security & Resiliency is one of our most critical practices, ensuring enterprises, regardless of their size and complexity, remain secure, available, reliable, and resilient. We take Cybersecurity seriously. We're not just invested; we're committed. We're not just protecting data; we're empowering. Kyndryl is committed to making the world safer, not only by investing in state-of-the-art services and technologies but also by empowering underserved communities with essential cyber skills.

Security Operations and Incident Response is a critical service within Kyndryl, and this Security Consultant role will be reporting to the Global lead for Security Operations Advisory service within the Kyndryl Consult Security & Resiliency Business in a hands-on and customer facing role focused on assess, advise and implement Threat monitoring and detection solutions that will support clients' SOC initiatives.

Your Future at Kyndryl

When you join Kyndryl, you're not just joining a company – you're entering a space of opportunities. Our partnerships with industry alliances and vendors mean you'll have access to skilling and certification programs needed to excel in Security & Resiliency, while simultaneously supporting your personal growth. Whether you envision your career path as a technical leader within cybersecurity or transition into other technical, consulting, or go-to-market roles – we're invested in your journey.

Who You Are

You're good at what you do and possess the required experience to prove it. However, equally as important – you have a growth mindset; keen to drive your own personal and professional development. You are customer-focused – someone who prioritizes customer success in their work. And finally, you're open and borderless – naturally inclusive in how you work with others.

Required Technical and Professional Expertise

• 10 years in the cyber threat hunting industry or equivalent knowledge and experience
• Experience with security devices such as SIEM, IDS / IPS, HIDS / HIPS, anomaly detection, Firewall, Antivirus systems, Endpoint Detection & Response tools and their log output
• Experience in analysing large data sets
• Experience in using data mining, analytic and visualization tools, such as data lakes (Elastic, HDFS), Linux tools (ex. Grep, cut, sort) and regex
• Experience with industrial taxonomies like Cyber Kill Chain, MiTRE's ATT&CK, MiTRE's CAPEC, MiTRE's CAR, NIST, CIF, SANS and STIX 2.0
• Strong communication skills both written and verbally
• Ability to translate security impacts to the wider business
• Ability to understand end-to-end threat landscape of all sectors
• Skills to analyze attack vectors against a particular system to determine attack surface
• Ability to produce contextual attack models applied to a scenario
• Ability to demonstrate intrusion sets using cyber kill-chain and Tactics, Techniques and Procedures
• Ability to co-ordinate with other security focal point during an active incident
• Knowledge of security controls, how they can be monitored, and thwarted
• Knowledge on vulnerability detection and response from Threat Hunting point of view
• Network forensics : network traffic protocols, traffic analysis (i.e. Network flows and PCAP), intrusion detection

Preferred Technical and Professional Experience

Skills Required

Soc, Splunk