**Introduction** A career in IBM Consulting is built on long-term client relationships and close collaboration worldwide. You’ll work with leading companies across industries, helping them shape their hybrid cloud and AI journeys. With support from our strategic partners, robust IBM technology, and Red Hat, you’ll have the tools to drive meaningful change and accelerate client impact. At IBM Consulting, curiosity fuels success. You’ll be encouraged to challenge the norm, explore new ideas, and create innovative solutions that deliver real results. Our culture of growth and empathy focuses on your long-term career development while valuing your unique skills and experiences. **Your role and responsibilities** As a Technical Consultant: Threat Detection Response & Intelligence, you play a vital role in safeguarding an organization's digital infrastructure by identifying, analyzing, and mitigating cyber threats. This position involves using a variety of cybersecurity tools to monitor, prioritize, investigate, and respond to security incidents. Your primary responsibilities will include: * Perform advanced analysis of security events and logs across multiple data sources. * Correlate events, conduct deep log reviews, analyze alerts, and validate true positives vs. false positives. * Execute incident triage, classification, and prioritization based on risk and impact. * Conduct advanced root cause analysis (RCA) to identify how incidents originated and evolved. * Analyze IOCs and threat vectors, supporting detection and investigation activities. * Apply threat intelligence feeds to enhance analysis for specific clients and industries. * Identify and interpret signals of exploitation, vulnerabilities, and security gaps. * Collaborate with team members to tune and optimize SIEM/XDR platforms. * Manage technical communication and incident escalation in accordance with defined procedures. **Required technical and professional expertise** * Strong experience in advanced log and event analysis. * Proven ability to perform alert correlation, deep investigation, and incident validation. * Hands-on experience with incident triage, classification, and prioritization. * Strong analytical skills to perform root cause analysis. * Experience analyzing malicious behaviors, IOCs, and attack vectors. * Practical knowledge of threat intelligence consumption and application to detection. * Solid understanding of MITRE ATT&CK framework. * Ability to recognize exploitation techniques, vulnerabilities, and security control gaps. * Strong technical communication skills and experience handling incident escalation. * Team-oriented mindset with experience collaborating on SIEM/XDR tuning and optimization. * Intermediate English level (technical communication) **Preferred technical and professional experience** * Knowledge of Windows and Linux operating systems. * Experience with threat intelligence and threat hunting activities. * Knowledge of designing and improving security use cases and correlation logic. IBM is committed to creating a diverse environment and is proud to be an equal-opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, gender, gender identity or expression, sexual orientation, national origin, caste, genetics, pregnancy, disability, neurodivergence, age, veteran status, or other characteristics. IBM is also committed to compliance with all fair employment practices regarding citizenship and immigration status.