Mumbai, IND
21 hours ago
Technical Support Representative - Network Detection and Response
**Introduction**

A career in IBM Consulting is rooted in long-term relationships and close collaboration with clients across the globe. You'll work with visionaries across multiple industries to improve the hybrid cloud and AI journey for the most innovative and valuable companies in the world. Your ability to accelerate impact and make meaningful change for your clients is enabled by our strategic partner ecosystem and our robust technology platforms across the IBM portfolio, including Software and Red Hat.

Curiosity and a constant quest for knowledge serve as the foundation to success in IBM Consulting. In your role, you'll be encouraged to challenge the norm, investigate ideas outside of your role, and come up with creative solutions resulting in groundbreaking impact for a wide network of clients. Our culture of evolution and empathy centers on long-term career growth and development opportunities in an environment

**Your role and responsibilities**

NDR Operations & Analysis

- Monitor NDR alerts, anomalies, and threat detections.
- Investigate suspicious network traffic patterns and escalate incidents as required.
- Perform root cause analysis and support incident response activities.
- Create reports and dashboards for threat visibility and management review.
- Collaborate with SOC and other security teams for triage and resolution.

Administration & Tool Management

- Configure and integrate the NDR solution with SIEM, SOAR, EDR, and firewalls.
- Perform user access management, policy updates, and rule tuning.
- Maintain system health (patching, upgrades, backup/restore, performance optimization).
- Define and implement detection use cases and custom signatures.
- Troubleshoot solution performance and connectivity issues.
- Ensure logging, telemetry, and visibility across critical network segments.

**Required technical and professional expertise**

- Hands-on experience with NDR tools (e.g., Vectra, Darktrace, ExtraHop, Cisco Secure NDR, Corelight).
- Knowledge of network protocols (TCP/IP, DNS, HTTP, SSL/TLS) and common attack techniques.
- Familiarity with SOC operations: threat hunting, incident triage, and malware analysis.
- Strong knowledge of system administration (Linux/Windows) and networking fundamentals.
- Experience with integration of NDR with SIEM/SOAR platforms.

**Preferred technical and professional experience**

- Good experience in cybersecurity or network security.
- Bachelor’s in Computer Science, Information Security, or related field (or equivalent experience).
- Security certifications preferred (e.g., CCNA Security, CEH, CompTIA Security+, CISSP Associate, or vendor-specific NDR certifications).

IBM is committed to creating a diverse environment and is proud to be an equal-opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, gender, gender identity or expression, sexual orientation, national origin, caste, genetics, pregnancy, disability, neurodivergence, age, veteran status, or other characteristics. IBM is also committed to compliance with all fair employment practices regarding citizenship and immigration status.