Senior Cybersecurity Consultant

Introduction
At IBM work is more than a job – it’s a calling: To build. To design. To code. To consult. To think along with clients and sell. To make markets. To invent. To collaborate. Not just to do something better but to attempt things you’ve never thought possible. Are you ready to lead in this new era of technology and solve some of the world’s most challenging problems? If so lets talk.

Your Role and Responsibilities
As a Cybersecurity Consultant you’ll provide consulting services to analyze and resolve security incidents and to work with the client to achieve an overall superior security posture. Your responsibilities may encompass:

• Responsible for conducting incident response operations according to documented procedures and industry best practices.
• Will be required to participate in multiple intelligence communities and be able to disseminate pertinent information throughout the SOC.
• Helps client IT and business executives understand Security issues risks exposures and vulnerabilities using interviews workshops and assessments.
• Define business drivers and develop associated endpoint strategy programs incident response plans and remediation recommendations and roadmaps.

Required Technical and Professional Expertise

• Knowledge of network security zones Firewall configurations IDS policies and systems communications from Layer 1 to 7
• Experience with Network and Network Security tools administration Systems Administration (Linux and Windows) Middleware and Application Administration
• Knowledge in networking and attack methods such as SQLi and pivoting packet capture and analysis
• Experience in multiple security areas such as SIEM EDR XDR ASM IDS APT and WAF and Security Assessment tools (NMAP Nessus)
• Experience with log search tools such as HP Arcsight Splunk usage of regular expressions and natural language queries and knowledge of log formats and ability to aggregate and parse log data for syslog http logs DB logs for investigation purposes.
• Experience on creation of containment strategy and execute.

Preferred Technical and Professional Expertise

• Experience or exposure on the following skills is a plus:

1. Computer Forensic Investigation such as Windows Forensic Analysis FOR408 – (Optional GCFE certification) or
2. Perimeter Protection in Depth – SEC502 (optional GCFW certification) or
3. Advanced Security Essentials – SEC501 (optional GCED certification) or
4. Intrusion Detection in Depth – SEC503 (GCIA certification) or equivalent or
5. Hacker Techniques Exploits & Incident Handling – SEC504 (optional GCIH certification) or
6. GIAC Continuous Monitoring (optional GMON certification) or
7. Advanced digital forensics and Incident Response – FOR 508 (Optional GCFA certification) or equivalent