IBM CSIRT Incident Response Analyst 

United States, Texas, Austin 

613586108

Your Role and Responsibilities :The role will be responsible for conducting forensic investigations and analysis in support of cyber incidents that are reported into the CSIRT team. This role will require the ability to triage and conduct thorough examinations of all types of digital media within a heterogeneous environment, the ability to determine containment and/or remediation activities that may be required, as well as to identify potential threats. Reporting and collaborating with the different areas of Business will be required, as well as providing relevant lesson learned output that can be fed into the IBM threat landscape.
Required Technical and Professional Expertise

• At least 2 years of experience in Incident Response in a global corporate enterprise
• Strong knowledge of common tools, techniques, and procedures employed by cyber threat actors
• Solid working knowledge of networking topology, technology and tools, such as firewalls, proxies, IDS/IPS
• Event analysis and correlation
• Excellent technical writing and presentation skill

Preferred Technical and Professional Expertise

• Demonstrated computer forensic investigations experience
• Strong understanding of Windows, Mac, and Linux operating systems
• Demonstrated knowledge of commercial and open-source forensic tools, such as X-Ways, Encase, SIFT, Plaso, etc.
• Ability to successfully lead and facilitate information gathering meetings
• Experience managing small and large scale cyber security incidents