A career in IBM Consulting is rooted by long-term relationships and close collaboration with clients across the globe.
You'll work with visionaries across multiple industries to improve the hybrid cloud and AI journey for the most innovative and valuable companies in the world. Your ability to accelerate impact and make meaningful change for your clients is enabled by our strategic partner ecosystem and our robust technology platforms across the IBM portfolio; including Software and Red Hat.
Curiosity and a constant quest for knowledge serve as the foundation to success in IBM Consulting. In your role you'll be encouraged to challenge the norm investigate ideas outside of your role and come up with creative solutions resulting in ground breaking impact for a wide network of clients. Our culture of evolution and empathy centers on long-term career growth and development opportunities in an environment that embraces your unique skills and experience
In this role you'll work in one of our IBM Consulting Client Innovation Centers (Delivery Centers) where we deliver deep technical and industry expertise to a wide range of public and private sector clients around the world. Our delivery centers offer our clients locally based skills and technical expertise to drive innovation and adoption of new technology.
· Good Communication Skills
· Good grasp of basic security principles like confidentiality authentication access control and privacy security vulnerabilities physical security issues protocol design flaws malicious code implementation flaws configuration weaknesses user errors user indifference.
· Work well under pressure handling multiple tasks.
· Having 6+ Years of experience in Incident response and Threat intelligence
· Monitor security alerts and notifications from various sources including security information and event management (SIEM) systems intrusion detection systems (IDS) and endpoint protection solutions.
· Perform real-time analysis of security alerts and determine the severity and impact of potential security incidents.
· Lead and coordinate the response to security incidents including identification containment eradication and recovery.
· Conduct root cause analysis to determine the origin and impact of incidents and develop recommendations to prevent future occurrences.
· Document and report incidents including the creation of detailed incident reports and timelines.
· Having good knowledge in Investigation Technologies such as EDR XDR Email Security VA Sandboxing Threat Intelligence Deception DFIR and SOAR.
· Experience with SIEM IDS/IPS endpoint protection and forensic tools.
· Participate in the continuous improvement of incident response playbooks and standard operating procedures (SOPs).
· Perform digital forensics investigations on compromised systems to collect and analyze evidence.
· Stay updated on the latest cyber threats vulnerabilities and attack vectors.
· Analyze and interpret threat intelligence to identify potential risks and improve incident detection and response capabilities.
· Collaborate with threat intelligence teams and external partners to share information and enhance situational awareness.
Incident Responder to assist our 24/7 Incident Management Team.
Required Professional and Technical Expertise:
· SIEM Tools: Qradar Securonix ArcSight Splunk Sentinel One (any of one).
· Security Tools: Smokescreen TIP Wireshark EDR XDR Antivirus Virus Total.
· Language (Optional): Python PowerShell Shell Scripting JS VB
Certification: CEH CompTIA Security+ AZ-200 AZ-900 SIEM Fundamentals CERT-Certified Computer Security Incident Handler (CERT-CSIH)