Principal Incident Response Consultant – (f/m/x)
-
- Consulting
- Professional
Principal Incident Response Consultant – (f/m/x)
-
- Consulting
- Professional
As a Senior Incident Response Consultant at IBM X-Force Incident Response, you will be responsible for handling and coordinating cyber incidents across our clients’ enterprise environments. During a cyber incident, Senior IR Consultants are responsible to ensure engagement objectives are met or exceeded, and coordinate and lead junior consultants in the response effort. A Senior Incident Response Consultant can communicate effectively with analysts, technical teams, and other stakeholders to deliver excellence in responding to and resolving incidents. You are expected to be both a technical expert but also able to orchestrate the analysis tasks of interest to a diverse body of stakeholders, many of whom will not have a strong technical background.
Your Role and Responsibilities
The consultant has strong knowledge of:
- processes for collecting, packaging, transporting, and storing electronic evidence while maintaining chain of custody.
- cyber attack stages (e.g., reconnaissance, scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation, covering tracks).
- cloud service models (e.g., IaaS, PaaS and SaaS) and how those models can limit digital forensics and incident response.
- malware analysis concepts and methodologies.
- adversarial tactics, techniques, and procedures.
- system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, SQL injection, race conditions, covert channel, replay, return-oriented attacks, malicious code).
Required Technical and Professional Expertise
Hands-on experience in Incident Management roles that required the ability to convey complex technical matters with analysis tasks and other relevant teams (Threat Intelligence, Malware Analysis, etc.).
Considerable expertise leading incident response investigations, from triage/kickoff through to post-incident remediation.
Highly skilled in:
- identifying, capturing, containing, and reporting malware.
- recognizing and categorizing types of vulnerabilities and associated attacks.
- using endpoint detection and response (EDR) tools (e.g., Crowdstrike, Cortex, Carbon Black) to detect and respond to security incidents at scale.
- using log management and event correlation tools (e.g., Splunk, ELK, QRadar).
- analyzing memory dumps to extract information.
- using forensic tool suites (e.g., X-Ways, EnCase, Sleuthkit, FTK).
- recognizing and interpreting malicious activity within network evidence sources.
- conducting forensic analyses across multiple operating system platforms (e.g., Windows, Linux, macOS).
- preparing written reports and oral presentations for technical, executive, and legal audiences.
Prior experience in a client-facing Incident Response consultancy role.
Fluent in English and Arabic.
Preferred Technical and Professional Expertise
- Relevant industry certifications (e.g., GCFE, GCFA, CISSP, etc.)
Quer saber como é ser um IBMista?
About IBM
IBM’s greatest invention is the IBMer. We believe that through the application of intelligence, reason and science, we can improve business, society and the human condition, bringing the power of an open hybrid cloud and AI strategy to life for our clients and partners around the world.
Restlessly reinventing since 1911, we are not only one of the largest corporate organizations in the world, we’re also one of the biggest technology and consulting employers, with many of the Fortune 50 companies relying on the IBM Cloud to run their business.
At IBM, we pride ourselves on being an early adopter of artificial intelligence, quantum computing and blockchain. Now it’s time for you to join us on our journey to being a responsible technology innovator and a force for good in the world.
Detalhes importantes do cargo
Não encontrou uma oportunidade para este momento?
Não se preocupe. Junte-se à nossa Rede de Talentos e receba notícias sobre as últimas oportunidades.