IBM Cyber Security Incident Responder – CISO in St Louis, Missouri
At IBM, work is more than a job - it's a calling: To build. To design. To code. To consult. To think along with clients and sell. To make markets. To invent. To collaborate. Not just to do something better, but to attempt things you've never thought possible. Are you ready to lead in this new era of technology and solve some of the world's most challenging problems? If so, lets talk.
Your Role and Responsibilities
Preferred locations Austin, TX or anywhere in the US
The IBM Global Information Security Organization (IBM CISO) is seeking a Cyber Security Incident Response professional to work on the global Cyber Security Incident Response team (CSIRT). Cyber Security Incident Response team (CSIRT) core function is to provide continuous cybersecurity incident intake, triage, investigative response and data analysis services for the IBM Corporation and its clients as well as contributing to the ongoing improvement of IBM’s overall IT security posture
In this role, you will develop and execute all components of computer security incident intake, triage, investigation, and response to emerging threats and confirmed or suspected cyber events within the IBM landscape having the potential to impact IBM and/or IBM clients. You will have high visibility as this role requires regular interaction with business executives, collaboration with IBM’s cyber support; such as Corp Comms, Legal, etc., and comprehensive, thorough root cause analysis, metrics, and security control improvement reporting.
Establish, maintain and execute all components of an incident response plan, from incident intake through root cause analysis, technical remediation analysis, and reporting
Perform analysis of log files from a variety of sources (e.g., individual host logs, network traffic logs, firewall logs, and intrusion detection system [IDS] logs) to identify possible threats to network security.
Execute cyber defense incident triage, to include determining scope, urgency, and potential impact, identifying the specific vulnerability, and making recommendations that enable expeditious remediation
Perform initial, forensically sound collection of images and inspect to discern possible mitigation/remediation on enterprise systems.
Perform real-time cyber defense incident handling (e.g., forensic collections, intrusion correlation and tracking, threat analysis, and direct system remediation) tasks to support deployable Incident Response Teams (IRTs)
- Accurately documenting an incident from beginning to end as well as evidence handling.
YOUR ABILITIES & SKILLS
Design incident response for cloud service models
Apply techniques for detecting host and network-based intrusions using intrusion detection technologies
Identifying, capturing, containing, and reporting malware
Securing network communications
Recognizing and categorizing types of vulnerabilities and associated attacks.
Protecting a network against malware. (e.g., NIPS, anti-malware, restrict/prevent external devices, spam filters).
Performing damage assessment.
Assist in the production of a root cause analysis.
Properly handle evidence related to an incident.
Required Technical and Professional Expertise
At least 4 years’ experience in IT Security Digital Forensics or Operations
At least 2 years’ experience in Incident Response in a global corporate enterprise
Experience in fast-paced investigations.
Experience with programming or scripting languages.
Ability to present highly technical information to non-technical audiences.
Preferred Technical and Professional Expertise
At least one Information Security Professional Certification (e.g. CISSP, GIAC, EnCE, CFCE, CCE, DFCP, GCIA, GCIH)
Familiar with Q-Rader SIEM tool is a plus
About Business Unit
IBM Systems helps IT leaders think differently about their infrastructure. IBM servers and storage are no longer inanimate - they can understand, reason, and learn so our clients can innovate while avoiding IT issues. Our systems power the world’s most important industries and our clients are the architects of the future. Join us to help build our leading-edge technology portfolio designed for cognitive business and optimized for cloud computing.
Your Life @ IBM
What matters to you when you’re looking for your next career challenge?
Maybe you want to get involved in work that really changes the world? What about somewhere with incredible and diverse career and development opportunities – where you can truly discover your passion? Are you looking for a culture of openness, collaboration and trust – where everyone has a voice? What about all of these? If so, then IBM could be your next career challenge. Join us, not to do something better, but to attempt things you never thought possible.
Impact. Inclusion. Infinite Experiences. Do your best work ever.
IBM’s greatest invention is the IBMer. We believe that progress is made through progressive thinking, progressive leadership, progressive policy and progressive action. IBMers believe that the application of intelligence, reason and science can improve business, society and the human condition. Restlessly reinventing since 1911, we are the largest technology and consulting employer in the world, with more than 380,000 IBMers serving clients in 170 countries.
For additional information about location requirements, please discuss with the recruiter following submission of your application.
IBM intends this job to be performed entirely outside of Colorado.
Being You @ IBM
IBM is committed to creating a diverse environment and is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, pregnancy, disability, age, veteran status, or other characteristics. IBM is also committed to compliance with all fair employment practices regarding citizenship and immigration status.