Principal Consultant, Cyber Incident Response

IBM • US New York

Company

IBM

Location

US New York

Type

Full Time

Job Description

Introduction
Information and Data are some of the most important organizational assets in today’s businesses. As a Security Consultant, you will be a key advisor for IBM’s clients, analyzing business requirements to design and implement the best security solutions for their needs. You will apply your technical skills to find the balance between enabling and securing the client’s organization with the cognitive solutions that are making IBM the fastest growing enterprise security business in the world.

Your Role and Responsibilities
As an Incident Response Consultant at IBM X-Force Incident Response, you will be responsible for managing and coordinating major cyber incidents across our clients’ enterprise environments. During a major cyber incident, IR Consultants are responsible for ensuring that all relevant stakeholders are kept informed and engagement objectives are met or exceeded, and for coordinating and leading junior consultants in the response effort. An Incident Response Consultant can communicate effectively with client executives, technical teams, counsel, and other stakeholders to deliver excellence in responding to and resolving incidents. You are expected to be both a technical expert and able to communicate the salient points of interest to a diverse body of stakeholders, many of whom will not have a technical background.

Required Technical and Professional Expertise
Knowledge
  • Knowledge of processes for collecting, packaging, transporting, and storing electronic evidence while maintaining chain of custody.
  • Knowledge of cyber attack stages (e.g., reconnaissance, scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation, covering tracks).
  • Knowledge of cloud service models (e.g., IaaS, PaaS, and SaaS) and how those models can limit digital forensics and incident response.
  • Knowledge of malware analysis concepts and methodologies.
  • Knowledge of adversarial tactics, techniques, and procedures.
  • Knowledge of system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, SQL injection, race conditions, covert channel, replay, return-oriented attacks, malicious code).
  • Relevant industry certifications (e.g., GCFE, GCFA, CISSP, etc.).

Skills

  • Skill in identifying, capturing, containing, and reporting malware.
  • Skill in recognizing and categorizing types of vulnerabilities and associated attacks.
  • Skill in using endpoint detection and response (EDR) tools (e.g., CrowdStrike, Cortex, Carbon Black) to detect and respond to security incidents at scale.
  • Skill in using log management and event correlation tools (e.g., Splunk, ELK, QRadar).
  • Skill in analyzing memory dumps to extract information.
  • Skill in using forensic tool suites (e.g., X-Ways, EnCase, Sleuthkit, FTK).
  • Skill in recognizing and interpreting malicious activity within network evidence sources.
  • Skill in conducting forensic analyses across multiple operating system platforms (e.g., Windows, Linux, macOS).
  • Skill in preparing written reports and oral presentations for technical, executive, and legal audiences.

Experience

  • Four (4) years of experience conducting incident response investigations.
  • Six (6) years of IT and/or information security experience.
  • Considerable experience leading incident response investigations from triage/kickoff through to post-incident remediation.


Preferred Technical and Professional Expertise

  • Federal government Secret or above security clearance.
  • Six (6) years of experience conducting incident response investigations.
  • Prior experience in a client-facing Incident Response consultancy role.
  • Prior experience in Incident Commander/Engagement Lead/Team Lead roles that required the ability to convey complex technical matters to non-security audiences (e.g., client executives and legal teams).

Date Posted

09/10/2024
