X-Force Threat Intelligence Consultant

Introduction
A career in IBM Consulting is built on long-term client relationships and close collaboration worldwide. You’ll work with leading companies across industries, helping them shape their hybrid cloud and AI journeys. Analysts will work closely with X-Force Incident Response teams to triage cyber threat activity and provide critical intelligence support. You will leverage and integrate X-Force's proprietary telemetry, open-source intelligence (OSINT), and industry-leading sources within IBM to develop comprehensive threat models and intelligence research for publication.
Your role and responsibilities
The Threat Intelligence Consultant will work directly with the client to ensure the security solutions are implemented or improved according to the client’s business requirements. Analysts will also collaborate with various internal IBM teams (e.g., Incident Response, Product Development, Sales) and external partners to address diverse intelligence requirements, foster collaboration, and promote IBM’s thought leadership in the cybersecurity space. The ideal candidate will have demonstrated strong skills in proactive threat research and hunting, possess a deep understanding of cybersecurity threats and best practices, with a preference for experience gained within large enterprise environments, government agencies, or security vendors.
Threat Landscape Awareness: Experience with developing and implementing cyber indicators to maintain awareness of evolving threat landscapes, ensuring organizations remain informed and prepared for potential cyber threats.
Threat Data Analysis: Experience in collecting, processing, analyzing, and sharing cyber threat/warning assessments to inform stakeholders of potential cyber threats.
Collection Strategy Execution: Experience with executing collections using well-defined strategies and within priorities set by collection management processes.
Cyber Indicator Development: Experience in developing and implementing cyber indicators to support threat awareness and collection strategies.
Threat Assessment Sharing: Experience with sharing cyber threat/warning assessments with stakeholders to ensure organizational preparedness for potential cyber threats.
Performs proactive threat hunting based on emerging IOCs or vulnerabilities derived from analysis of network/host activity or open-source intelligence.
Interprets incident response data such as malware analysis artifacts, digital forensic results, and log data.
Develops comprehensive threat actor profiles, including their motivations, tactics, techniques, and procedures (TTPs), and innovates detection techniques for their activity, often aligning with frameworks like MITRE ATT&CK.
Serves as a Subject Matter Expert (SME) on the threat landscape, including cyber-attack vectors, threat actors (e.g., nation-state, cybercriminal, hacktivist), malware families, and security trends impacting both public and private sectors.
Takes a proactive approach to continuous learning about the latest threats, threat actors, TTPs, and malware families.
Conducts and correlates threat research using OSINT, incident response engagement data, and proprietary tools.
Performs threat modeling and produces intelligence threat assessments.
Required education
Bachelor's Degree
Preferred education
Master's Degree
Required technical and professional expertise
5+ years of experience conducting security research, producing threat assessments, and tracking threat actor groups and clustering threat activity.
3+ years of experience communicating security threats to both technical and non-technical audiences verbally and in writing via training, conferences, or client engagements.
Experience identifying, analyzing, and documenting common malware infection chains and their associated Indicators of Compromise (IOCs).
Experience setting up and using Virtual Machines for security research and analysis.
Experience modeling threat actor activity in The Vertex Project designed by Synapse.
Proficiency in utilizing and integrating data from a range of threat intelligence platforms and tools (e.g., Virus Total, Microsoft Threat Defender, Domain Tools, Shodan, Censys, Maltego) and aligning findings to established threat models like MITRE ATT&CK.
Experience with Security Information and Event Management (SIEM) systems and log analysis for threat detection and correlation.
Experience working with incident response teams to provide timely and actionable threat intelligence.

Communication & Collaboration:

Possesses strong verbal and written communication skills to deliver strategic, tactical, and operational intelligence to audiences with varying degrees of technical knowledge.
Reviews technical literature prepared by other staff members for content, coverage, and clarity.

Soft Skills:

Critical Thinking & Problem-Solving: Ability to analyze complex data, identify patterns, and draw insightful conclusions, especially under pressure.
Attention to Detail: Meticulous approach to data analysis and reporting, ensuring accuracy and completeness.
Collaboration & Teamwork: Strong ability to work effectively with diverse technical and non-technical teams.
Adaptability & Continuous Learning: Eagerness to stay updated with evolving threats, technologies, and methodologies.
Preferred technical and professional experience
Experience with automating repetitive tasks and familiarity with scripting languages (e.g., Python, PowerShell) for data manipulation, analysis, and tool development.
Experience with creating YARA and/or Snort/Suricata rules.
Experience analyzing threat activity in either nation-state or cybercriminal ecosystems.
Familiarity with static and dynamic malware analysis tools (e.g., Ghidra, IDA Pro, Cuckoo Sandbox, Process Monitor, Wireshark) and techniques.
Familiarity with cloud security concepts and common attack vectors in cloud environments.

ABOUT BUSINESS UNIT:

IBM Consulting is IBM’s consulting and global professional services business, with market leading capabilities in business and technology transformation. With deep expertise in many industries, we offer strategy, experience, technology, and operations services to many of the most innovative and valuable companies in the world. Our people are focused on accelerating our clients’ businesses through the power of collaboration. We believe in the power of technology responsibly used to help people, partners and the planet.
YOUR LIFE @ IBM
In a world where technology never stands still, we understand that, dedication to our clients success, innovation that matters, and trust and personal responsibility in all our relationships, lives in what we do as IBMers as we strive to be the catalyst that makes the world work better.
Being an IBMer means you’ll be able to learn and develop yourself and your career, you’ll be encouraged to be courageous and experiment everyday, all whilst having continuous trust and support in an environment where everyone can thrive whatever their personal or professional background.
Our IBMers are growth minded, always staying curious, open to feedback and learning new information and skills to constantly transform themselves and our company. They are trusted to provide on-going feedback to help other IBMers grow, as well as collaborate with colleagues keeping in mind a team focused approach to include different perspectives to drive exceptional outcomes for our customers. The courage our IBMers have to make critical decisions everyday is essential to IBM becoming the catalyst for progress, always embracing challenges with resources they have to hand, a can-do attitude and always striving for an outcome focused approach within everything that they do.
Are you ready to be an IBMer?
ABOUT IBM
IBM’s greatest invention is the IBMer. We believe that through the application of intelligence, reason and science, we can improve business, society and the human condition, bringing the power of an open hybrid cloud and AI strategy to life for our clients and partners around the world.
Restlessly reinventing since 1911, we are not only one of the largest corporate organizations in the world, we’re also one of the biggest technology and consulting employers, with many of the Fortune 500 companies relying on the IBM Cloud to run their business.
At IBM, we pride ourselves on being an early adopter of artificial intelligence, quantum computing and blockchain. Now it’s time for you to join us on our journey to being a responsible technology innovator and a force for good in the world.
IBM is proud to be an equal-opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, gender, gender identity or expression, sexual orientation, national origin, genetics, pregnancy, disability, neurodivergence, age, or other characteristics protected by the applicable law. IBM is also committed to compliance with all fair employment practices regarding citizenship and immigration status.

OTHER RELEVANT JOB DETAILS:

IBM wants you to bring your whole self to work and for you this might mean the ability to work flexibly. If you are interested in a flexible working pattern, please talk to our recruitment team to find out if this is possible in the current working environment.
Job Title

X-Force Threat Intelligence Consultant:

Job ID
105348
City / Township / Village
BRUSSELS
State / Province
Brussels-Capital Region
Country
Belgium
Work arrangement
Hybrid
Area of work
Consulting
Employment type
Regular
Position type
Professional
Travel required
Some travel may be required based on business demand
Company
(0016) International Business Machines of Belgium BV/SRL
Shift
General (daytime)
Is this role a commissionable/sales incentive based position?
No
Application Info
Be aware: Recruitment Scams
Privacy statement
Learn more about IBM
English
Contact IBM
Privacy
Terms of use
Accessibility