Principal Incident Response Consultant - German Speaker
Company: IBM
Location: SK Bratislava
Type: Full Time
Job Description
Introduction
As a Principal Incident Response Consultant at IBM X-Force Incident Response, you will be responsible for managing and coordinating major cyber incidents across our clients' enterprise environments. During a major cyber incident, Principal IR Consultants are responsible for ensuring that all relevant stakeholders are kept informed and engagement objectives are met or exceeded, and for coordinating and leading junior consultants in the response effort. A Principal Incident Response Consultant can communicate effectively with client executives, technical teams, counsel, and other stakeholders to deliver excellence in responding to and resolving incidents. You are expected to be both a technical expert and able to communicate the salient points of interest to a diverse body of stakeholders, many of whom will not have a technical background.
The selected candidate must be a resident of the European Union and speak fluent German.
Salary starts from 5810 EUR / month gross, considering the relevant experience and skills.
Your Role and Responsibilities
The consultant has strong knowledge of:
- processes for collecting, packaging, transporting, and storing electronic evidence while maintaining chain of custody.
- cyber attack stages (e.g. reconnaissance, scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation, covering tracks).
- cloud service models (e.g. IaaS, PaaS, and SaaS) and how those models can limit digital forensics and incident response.
- malware analysis concepts and methodologies.
- adversarial tactics, techniques, and procedures.
- system and application security threats and vulnerabilities (e.g. buffer overflow, mobile code, cross-site scripting, SQL injection, race conditions, covert channel, replay, return-oriented attacks, malicious code).
Required Technical and Professional Expertise
- Hands-on experience in Cyber Crisis Management (aka Incident Command) roles that required the ability to convey complex technical matters to non-security audiences (e.g. client executives and legal teams).
- Considerable expertise leading incident response investigations from triage/kickoff through to post-incident remediation.
- Highly skilled in:
  - identifying, capturing, containing, and reporting malware.
  - recognizing and categorizing types of vulnerabilities and associated attacks.
  - using endpoint detection and response (EDR) tools (e.g. CrowdStrike, Cortex, Carbon Black) to detect and respond to security incidents at scale.
  - using log management and event correlation tools (e.g. Splunk, ELK, QRadar).
  - analyzing memory dumps to extract information.
  - using forensic tool suites (e.g. X-Ways, EnCase, Sleuthkit, FTK).
  - recognizing and interpreting malicious activity within network evidence sources.
  - conducting forensic analyses across multiple operating system platforms (e.g. Windows, Linux, macOS).
  - preparing written reports and oral presentations for technical, executive, and legal audiences.
- Cyber Crisis Management (aka Incident Command) for large, complex cyber security incidents across a global base of mostly large enterprise clients.
- Prior experience in a client-facing Incident Response consultancy role.
- Fluent in English and German.
Preferred Technical and Professional Expertise
- Relevant industry certifications (e.g. GCFE, GCFA, CISSP, etc.)
Date Posted
11/28/2023