At IBM, work is more than a job - it's a calling: To build. To design. To code. To consult. To think along with clients and sell. To make markets. To invent. To collaborate. Not just to do something better, but to attempt things you've never thought possible. Are you ready to lead in this new era of technology and solve some of the world's most challenging problems? If so, lets talk.
Your Role and Responsibilities
The Computer Security Incident Response Team (CSIRT) manages security incidents, leads investigations, and remediates threats to systems and data. The cybersecurity specialist works in Incident Response and Digital Forensics.
As an Incident Response Coordinator, you handle security incidents from intake through triage, protection and remediation. You communicate effectively with business and technical teams across the company, including executive management, as well as corporate functions. You conduct meetings with stakeholders to facilitate the exchange of information, agree on and track the completion of actions, and document the findings and lessons learned.
As Incident Response Analyst, you conduct the technical analysis for security incidents (for example, unauthorized access, malware/ransomware, data loss, advanced persistent threats). You apply forensically sound methods for evidence handling and managing the chain of custody. You combine data from multiple sources, including system images, event logs, digital media and threat intelligence, to investigate threats, establish incident timelines, and document the findings in detailed, evidence based technical reports.
Working with global teams across the company, you ensure that security incidents are handled in a timely and professional manner and contribute to the ongoing improvement of IBM’s overall IT security posture.
Required Technical and Professional Expertise
Experience with incident management and understanding of security incident management standards and best practices.
Strong oral and written communications skills in English, additional languages are a plus.
Strong interpersonal and organizational skills.
Knowledge of common security threats, attack vectors and penetration techniques.
Experience with running and investigating systems using multiple platforms, including Linux, Windows, MacOS, Android, iOS.
Experience with forensic tools such as Encase, FTK, Magnet IEF, SIFT, X-ways, Magnet Axiom and live data capture tools.
Experience with event analysis and correlation, and malware analysis.
Knowledge of networking technologies, including firewalls, proxies, IDS/IPS, and network protocols.
Knowledge of Unix shell and common scripting languages for data manipulation
Preferred Technical and Professional Expertise
At least two years’ experience in Incident Response and/or Digital Forensics in a global enterprise.
At least one Information Security Professional Certification (e.g. CISSP, GIAC, EnCE, CFCE, CCE, DFCP, GCIA, GCIH).
Familiarity with IBM QRadar SIEM, Windows Defender ATP and EDR platforms is a plus
About Business Unit
IBM Corporate Headquarters (CHQ) team represents a variety of functions such as marketing, finance, legal, operations, HR, and more, all working together to solve some of the world's most complex problems, help our clients achieve success and build collaborative work environments for IBMers.
Your Life @ IBM
What matters to you when you’re looking for your next career challenge?
Maybe you want to get involved in work that really changes the world? What about somewhere with incredible and diverse career and development opportunities – where you can truly discover your passion? Are you looking for a culture of openness, collaboration and trust – where everyone has a voice? What about all of these? If so, then IBM could be your next career challenge. Join us, not to do something better, but to attempt things you never thought possible.
Impact. Inclusion. Infinite Experiences. Do your best work ever.
IBM’s greatest invention is the IBMer. We believe that progress is made through progressive thinking, progressive leadership, progressive policy and progressive action. IBMers believe that the application of intelligence, reason and science can improve business, society and the human condition. Restlessly reinventing since 1911, we are the largest technology and consulting employer in the world, with more than 380,000 IBMers serving clients in 170 countries.
For additional information about location requirements, please discuss with the recruiter following submission of your application.
Being You @ IBM
IBM is committed to creating a diverse environment and is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, pregnancy, disability, age, veteran status, or other characteristics. IBM is also committed to compliance with all fair employment practices regarding citizenship and immigration status.