**Introduction** In this role, you'll work in one of our IBM Consulting Client Innovation Centers (Delivery Centers), where we deliver deep technical and industry expertise to a wide range of public and private sector clients around the world. Our delivery centers offer our clients locally based skills and technical expertise to drive innovation and adoption of new technology. **Your role and responsibilities** * Create scripts to orchestrate various process and automate day to day repeated task and playbooks, expertise in python, openAPI, machine learning and AI frameworks ( TensorFlow/Pytorch). Should have played a technical role in the areas of Security Operations, Threat Intelligence, Cyber Incident Response, or Penetration Testing/Red Team. * Advanced experience using analysis tools (e.g. file/network/OS monitoring tools and/or debuggers). * Advanced knowledge of operating system internals and security mechanisms. Experience analyzing attacker techniques that leverage email and cloud-service tactics **Required technical and professional expertise** * Skilled working with extremely large data sets, using tools and scripting languages such as: Excel, SQL, Python, Splunk, KQL, and PowerBI. Excellent interpersonal skills, with the ability to articulate business need for detection improvements. * Good presentation skills that would be used while showcasing the reports for the hunts. The Following Additional Experiences Are Favorable. Experience with reverse engineering, digital forensics (DFIR) or incident response, or machine learning models. * Experience with system administration in a large enterprise environment including Windows and Linux servers and workstations, network administration, cloud administration **Preferred technical and professional experience** * Experience with offensive security including tools such as Metasploit, exploit development, Open-Source Intelligence Gathering (OSINT), and designing ways to breach enterprise networks. * Experience with advanced persistent threats and human adversary compromises. * Additional advanced technical degrees or cyber security-based certifications such as CISSP, OSCP, CEH, or GIAC certifications