IBM

IBM CISO - Cybersecurity Forensic Analyst

IBM, Armonk, New York, United States, 10504

Introduction

The Office of the CISO has the responsibility to safeguard not only IBM systems but also those of the clients we support around the globe. The IBM CISO office comprises teams that cover all aspects of security, including Vulnerability Management, Threat Detection, Security Operations, Product Security, Mail Security, System Inventory, Endpoint Detection, and Computer Security Incident Response. CSIRT is responsible for maintaining and managing the IBM internal global incident response process for cybersecurity and data privacy cases across IBM.

Your role and responsibilities

IBM CSIRT is looking to hire a proven professional with background and experience in cybersecurity analysis. This team member will partner with a cybersecurity responder to initiate, triage, contain/mitigate, analyze and resolve cyber and data concerns. Demonstrated experience with analysis tools is required, as is a firm understanding of the latest technologies, security technologies, hosting environments and, of course, the mindset of threat actors, which will enable this analyst to safeguard IBM and client systems. This team member will need to possess strong technical and analytical skills as well as exceptional organizational and communication skills. The role also requires interaction and collaboration with team members from the SOC, Threat Detection and others.

Required technical and professional expertise

At least 3 years of experience in Incident Response in a global corporate enterprise

Strong understanding of Windows, Mac, and Linux operating systems

Strong knowledge of common security tools, techniques, and procedures employed by cyber threat actors

Demonstrated knowledge of commercial and open-source forensic tools, such as X-Ways, Axiom, Autopsy, ELK, SIFT, Plaso, etc.

Knowledge of analysis with EDR tooling, such as CrowdStrike or Microsoft Defender for Endpoint (MDE)

Solid working knowledge of networking topology, technology and tools, such as firewalls, proxies, IDS/IPS, EDR

Event analysis and correlation

Excellent technical writing and presentation skills

The ability to work independently and effectively, as well as in a group setting

Preferred technical and professional experience

Demonstrated computer forensic investigations experience

Demonstrated knowledge of commercial and open-source forensic tools, such as X-Ways, Axiom, Autopsy, ELK, SIFT, Plaso, etc.

Demonstrated knowledge of analysis with EDR tooling, such as CrowdStrike or Microsoft Defender for Endpoint (MDE)

Knowledge of incident response and analysis in cloud environments, such as IBM Cloud, AWS, or Azure

Ability to successfully lead and facilitate information gathering meetings

Experience managing small- and large-scale cyber security incidents

IBM is committed to creating a diverse environment and is proud to be an equal-opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, gender, gender identity or expression, sexual orientation, national origin, caste, genetics, pregnancy, disability, neurodivergence, age, veteran status, or other characteristics. IBM is also committed to compliance with all fair employment practices regarding citizenship and immigration status.