Technical Consultant - TDR - Automation Engineer
IBM
**Introduction**
A career in IBM Consulting is built on long-term client relationships and close collaboration worldwide. You’ll work with leading companies across industries, helping them shape their hybrid cloud and AI journeys. With support from our strategic partners, robust IBM technology, and Red Hat, you’ll have the tools to drive meaningful change and accelerate client impact. At IBM Consulting, curiosity fuels success. You’ll be encouraged to challenge the norm, explore new ideas, and create innovative solutions that deliver real results. Our culture of growth and empathy focuses on your long-term career development while valuing your unique skills and experiences.
**Your role and responsibilities**
As a Technical Consultant in Threat Detection Content & Administration, you will manage and maintain security technology infrastructure, including SIEM, SOAR, EDR, AV, and Cloud security controls. You will develop and deploy use cases, rules, and security policy recommendations to ensure efficient infrastructure functionality. Your primary responsibilities will include:
* Operate and administer Google SecOps (formerly Chronicle Security) and/or Palo Alto XSIAM platforms.
* Design, configure, and maintain automation workflows, including playbooks, actions, automations, and rules.
* Develop and maintain custom automation actions using Python.
* Integrate security tools and data sources using REST APIs.
* Analyze indicators of compromise (IOCs), investigate alerts, and support security incident investigations.
* Collaborate with SOC and engineering teams to improve detection, response, and automation maturity across the SecOps ecosystem.
**Required technical and professional expertise**
* Hands-on experience operating Google SecOps (Chronicle) and/or Palo Alto XSIAM.
* Solid understanding of security automation concepts (playbooks, rules, workflows).
* Experience developing custom integrations or automations using Python.
* Practical knowledge of REST API integrations between security platforms.
* Strong understanding of SIEM, XDR/EDR, and how security controls operate within a SecOps ecosystem.
* Experience with alert analysis, IOC handling, and incident investigation.
* 2+ years of experience in similar SecOps, SOC Engineering, or Security Automation roles.
* Intermediate English level (technical communication).
**Preferred technical and professional experience**
* Previous experience automating processes using traditional SOAR platforms, such as IBM SOAR, Splunk SOAR, Cortex XSOAR, or similar.
* Knowledge of Bash, PowerShell, or CI/CD tools to support advanced automation use cases.
* Understanding of security frameworks such as MITRE ATT&CK and NIST.
* Experience designing security use cases or automation use cases.
* Certifications related to Google Cloud Security or Palo Alto Networks are a strong plus.
IBM is committed to creating a diverse environment and is proud to be an equal-opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, gender, gender identity or expression, sexual orientation, national origin, caste, genetics, pregnancy, disability, neurodivergence, age, veteran status, or other characteristics. IBM is also committed to compliance with all fair employment practices regarding citizenship and immigration status.