company logo

Incident Response Coordinator/Analyst – IBM CISO


Introduction At IBM, work is more than a job - it's a calling: To build. To design. To code. To consult. To think along with clients and sell. To make markets. To invent. To collaborate. Not just to

At IBM, work is more than a job – it’s a calling: To build. To design. To code. To consult. To think along with clients and sell. To make markets. To invent. To collaborate. Not just to do something better, but to attempt things you’ve never thought possible. Are you ready to lead in this new era of technology and solve some of the world’s most challenging problems? If so, lets talk.

Your Role and Responsibilities
The Computer Security Incident Response Team (CSIRT) manages security incidents, leads investigations, and remediates threats to systems and data. The cybersecurity specialist works in Incident Response and Digital Forensics.

As an Incident Response Coordinator, you handle security incidents from intake through triage, protection and remediation. You communicate effectively with business and technical teams across the company, including executive management, as well as corporate functions. You conduct meetings with stakeholders to facilitate the exchange of information, agree on and track the completion of actions, and document the findings and lessons learned.

As Incident Response Analyst, you conduct the technical analysis for security incidents (for example, unauthorized access, malware/ransomware, data loss, advanced persistent threats). You apply forensically sound methods for evidence handling and managing the chain of custody. You combine data from multiple sources, including system images, event logs, digital media and threat intelligence, to investigate threats, establish incident timelines, and document the findings in detailed, evidence based technical reports.

Working with global teams across the company, you ensure that security incidents are handled in a timely and professional manner and contribute to the ongoing improvement of IBM’s overall IT security posture.

Required Technical and Professional Expertise

  • Experience with incident management and understanding of security incident management standards and best practices.
  • Strong oral and written communications skills in English, additional languages are a plus.
  • Strong interpersonal and organizational skills.
  • Knowledge of common security threats, attack vectors and penetration techniques.
  • Experience with running and investigating systems using multiple platforms, including Linux, Windows, MacOS, Android, iOS.
  • Experience with forensic tools such as Encase, FTK, Magnet IEF, SIFT, X-ways, Magnet Axiom and live data capture tools.
  • Experience with event analysis and correlation, and malware analysis.
  • Knowledge of networking technologies, including firewalls, proxies, IDS/IPS, and network protocols.
  • Knowledge of Unix shell and common scripting languages for data manipulation

Preferred Technical and Professional Expertise
At least two years’ experience in Incident Response and/or Digital Forensics in a global enterprise.

  • At least one Information Security Professional Certification (e.g. CISSP, GIAC, EnCE, CFCE, CCE, DFCP, GCIA, GCIH).
  • Familiarity with IBM QRadar SIEM, Windows Defender ATP and EDR platforms is a plus

About Business UnitIBM Systems helps IT leaders think differently about their infrastructure. IBM servers and storage are no longer inanimate – they can understand, reason, and learn so our clients can innovate while avoiding IT issues. Our systems power the world’s most important industries and our clients are the architects of the future. Join us to help build our leading-edge technology portfolio designed for cognitive business and optimized for cloud computing.

Your Life @ IBMAre you craving to learn more? Prepared to solve some of the world’s most unique challenges? And ready to shape the future for millions of people? If so, then it’s time to join us, express your individuality, unleash your curiosity and discover new possibilities.

Every IBMer, and potential ones like yourself, has a voice, carves their own path, and uses their expertise to help co-create and add to our story. Together, we have the power to make meaningful change – to alter the fabric of our clients, of society and IBM itself, to create a truly positive impact and make the world work better for everyone.

It’s time to define your career.

About IBMIBM’s greatest invention is the IBMer. We believe that through the application of intelligence, reason and science, we can improve business, society and the human condition, bringing the power of an open hybrid cloud and AI strategy to life for our clients and partners around the world.Restlessly reinventing since 1911, we are not only one of the largest corporate organizations in the world, we’re also one of the biggest technology and consulting employers, with many of the Fortune 50 companies relying on the IBM Cloud to run their business. At IBM, we pride ourselves on being an early adopter of artificial intelligence, quantum computing and blockchain. Now it’s time for you to join us on our journey to being a responsible technology innovator and a force for good in the world.

Location StatementIBM wants you to bring your whole self to work and for you this might mean the ability to work flexibly. If you are interested in a flexible working pattern, please talk to our recruitment team to find out if this is possible in the current working environment.

Being You @ IBMIBM is committed to creating a diverse environment and is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, pregnancy, disability, age, veteran status, or other characteristics. IBM is also committed to compliance with all fair employment practices regarding citizenship and immigration status.