Cybersecurity Subject Matter Expert

Who We Are

At Kyndryl, we design, build, manage and modernize the mission-critical technology systems that the world depends on every day. So why work at Kyndryl? We are always moving forward – always pushing ourselves to go further in our efforts to build a more equitable, inclusive world for our employees, our customers and our communities.

The Role

Kyndryl’s Security & Resiliency is one of our most critical practices, ensuring enterprises, regardless of their size and complexity, remain secure, available, reliable, and resilient. We take Cybersecurity seriously. We're not just invested; we're committed. We're not just protecting data; we're empowering. Kyndryl is committed to making the world safer, not only by investing in state-of-the-art services and technologies but also by empowering underserved communities with essential cyber skills.

When you walk through our doors, you're not only joining a team but you're also becoming part of a legacy. Welcome to Kyndryl, where Cybersecurity isn't just a job – it’s a passion; a commitment to designing, running, and managing the most modern and reliable technology infrastructure that the world depends on every day.

As a Cybersecurity Defense professional at Kyndryl, you will encompass cybersecurity, incident response, security operations, vulnerability management, and the world of cyber threat hunting and security intelligence analysis all to protect the very heartbeat of organizations – their infrastructure.

Responsibilities:

• Design & Implementation: Lead the design, configuration, and implementation of Cortex XSIAM solutions, ensuring they meet organizational security requirements and integrate with existing infrastructure.
• Expertise in XSIAM: Deep understanding of the XSIAM platform, its features, and capabilities, including log ingestion, correlation rules, detection strategy, and integration with other security tools. Keep up to date with the latest XSIAM features, releases, and security threats, ensuring ongoing expertise
• Log Ingestion and Optimization: Devise and implement log ingestion strategies, ensuring high-quality log sources are ingested. Monitor and optimize log sources for performance
• Detection Strategy: Design and implement effective detection strategies, including the creation and tuning of correlation rules to identify and alert on potential threats
• Correlation Rules: Create and fine-tune correlation rules to enhance security detections. 
• Automation & Orchestration: Develop and maintain automated workflows, playbooks, and integrations to streamline incident response, threat detection, and security operations.
• Platform Optimization: Continuously monitor, tune, and optimize Cortex XSIAM performance, ensuring high availability and scalability.
• Security Operations Collaboration: Collaborate with Security Operations Center (SOC) teams to enhance incident management, response times, and threat intelligence sharing.
• Integration with Security Tools: Integrate Cortex XSIAM with SIEM, EDR, threat intelligence platforms, and other security tools to create a comprehensive security ecosystem.
•  Problem Solving:  Identify, analyze, and resolve technical issues related to XSIAM, providing effective solutions.
• Documentation and Reporting: Create and maintain technical documentation, training materials, and knowledge base articles for XSIAM. Maintain detailed documentation for system configurations, integrations, and workflows. Provide regular status reports to management on platform performance and incident metrics.
• Best Practices: Establish and maintain best practices for Cortex XSIAM configuration, workflow design, and incident response. Understanding of cybersecurity threats, vulnerabilities, and industry best practices.
• Customer Support and Consulting: Serve as a subject matter expert, providing consultative guidance to end-users on optimizing XSIAM usage. 
• Training & Support: Provide training to internal teams and clients on Cortex XSIAM features, workflows, and incident response protocols. Act as a go-to resource for troubleshooting and technical support.
• Innovation & Continuous Improvement: Stay current with the latest developments in Cortex XSIAM and cybersecurity automation, bringing innovative ideas to enhance security operations.
• Incident Management and Investigation: Assist in the design and execution of automated response playbooks for common and emerging threats, ensuring rapid and effective resolution of incidents.

Participate in incident response activities, including investigating security alerts and supporting incident resolution. 

Collaboration: Foster collaboration with internal and external teams to drive product adoption

Threat Hunting: May be involved in proactive threat hunting activities, identifying potential vulnerabilities and threats. 

In this role, you won't just monitor; you'll actively engage in the relentless hunt for cyber adversaries. In a world where every click and keystroke could be a potential gateway for attackers, your role will be nothing short of critical as you seek out advanced threats, attackers, and Indicators of Compromise (IOCs). Your expertise in endpoint detection and response (EDR) will be the shield that safeguards individual workstations, laptops, servers, and other devices from cybercrime. Your responsibilities go beyond vigilance. When it comes to network security, you'll utilize Network Detection and Response (NDR) to monitor the ever-flowing currents of network traffic. The incident management process will be used as you respond and manage to cybersecurity incidents.

Cybersecurity Defense is all about information. You'll gather, analyze, and interpret data applying your own and external threat intelligence to uncover potential security threats and risks. These insights and your ability to analyze complex attack scenarios will be the foundation of our security strategy – helping Kyndryl stay one step ahead of security breaches.

In Cybersecurity Defense at Kyndryl, you’re not just protecting the present – you’re shaping the future of digital security. Join us on this cybersecurity venture where your expertise and creativity will have a lasting impact in the world of digital defense.

Your Future at Kyndryl
When you join Kyndryl, you're not just joining a company – you're entering a space of opportunities. Our partnerships with industry alliances and vendors mean you'll have access to skilling and certification programs needed to excel in Security & Resiliency, while simultaneously supporting your personal growth. Whether you envision your career path as a technical leader within cybersecurity or transition into other technical, consulting, or go-to-market roles – we’re invested in your journey.

Who You Are

You’re good at what you do and possess the required experience to prove it. However, equally as important – you have a growth mindset; keen to drive your own personal and professional development. You are customer-focused – someone who prioritizes customer success in their work. And finally, you’re open and borderless – naturally inclusive in how you work with others.

Required Skills and Experience

• 8 to 10 years of security analyst experience, preferably in a managed services environment in XSIAM Engineer
• In-depth expertise in Palo Alto Networks Cortex XSIAM (XSOAR) platform.
• Proficient in scripting languages (e.g., Python, JavaScript) for creating automated workflows and integrations.
• Strong understanding of security technologies such as SIEM, SOAR, EDR, XDR and threat intelligence platforms.
• Hands-on experience with Cortex XSIAM integrations (e.g., RESTful APIs, webhooks, etc.).
• Experience with developing and tuning playbooks, tasks, and workflows within the Cortex XSIAM platform.
• Knowledge of security best practices and frameworks such as MITRE ATT&CK, NIST, ISO 27001, etc.

Preferred Skills and Experience

• Cortex XSOAR certification (e.g., Palo Alto Networks Cortex XSOAR Certified Automation Engineer).
• Security Operations and Incident Response certifications (e.g., GIAC, SOC Analyst).

Being You

Diversity is a whole lot more than what we look like or where we come from, it’s how we think and who we are. We welcome people of all cultures, backgrounds, and experiences. But we’re not doing it single-handily: Our Kyndryl Inclusion Networks are only one of many ways we create a workplace where all Kyndryls can find and provide support and advice. This dedication to welcoming everyone into our company means that Kyndryl gives you – and everyone next to you – the ability to bring your whole self to work, individually and collectively, and support the activation of our equitable culture. That’s the Kyndryl Way.

What You Can Expect

With state-of-the-art resources and Fortune 100 clients, every day is an opportunity to innovate, build new capabilities, new relationships, new processes, and new value. Kyndryl cares about your well-being and prides itself on offering benefits that give you choice, reflect the diversity of our employees and support you and your family through the moments that matter – wherever you are in your life journey. Our employee learning programs give you access to the best learning in the industry to receive certifications, including Microsoft, Google, Amazon, Skillsoft, and many more. Through our company-wide volunteering and giving platform, you can donate, start fundraisers, volunteer, and search over 2 million non-profit organizations.  At Kyndryl, we invest heavily in you, we want you to succeed so that together, we will all succeed.

Get Referred!

If you know someone that works at Kyndryl, when asked ‘How Did You Hear About Us’ during the application process, select ‘Employee Referral’ and enter your contact's Kyndryl email address.