Principal Incident Response Consultant - IBM : Job Details

Principal Incident Response Consultant

IBM

Job Location : Armonk, NY, USA

Posted on : 2025-08-25T07:01:12Z

Job Description :
Principal Incident Response Consultant IBM Corporation, Armonk, New York and various unanticipated client sites throughout the US (Up to 100% telecommuting permitted): Examine available client internal policies and procedures to determine patterns and gaps at both strategic and tactical levels. Recommend course of action to support strengthening the client's incident response program and cyber security posture. Plan, scope, and deliver technical/executive level tabletop exercises, with a focus on either tactical or strategic incident response processes. Identify cyber security related vulnerabilities, common attack vectors and mitigations. Develop strategic level incident response plans and tactical-focused playbooks. Analyze both Windows and Mobile systems for evidence of compromise. Perform log analysis locally and via SIEM/log aggregation tool. Hunt threat actors in large enterprise networks and cloud environments while configuring Endpoint Detection and Response (EDR) tools. Interpret the behavior, security risks and controls of common network protocols based on an understanding of common applications used in Windows and Linux enterprise environments. Advise senior/executive level clients on strategic and tactical processes of Incident Response. Apply attacker methodologies, attack lifecycle, Cyber Kill Chain, in assessment and development of work products. Manage business and technical security engagements while leveraging the applicable methodologies, data privacy laws and regulations frameworks. Deliver consulting services and work products based on an understanding of network protocols, network devices, computer security devices, secure architecture and system administration in support of computer forensics and network security operations. Assess and develop enterprise-wide policies and procedures for IT risk mitigation and incident response.
Assist non-Incident Response internal professionals and executives on internal and client calls as Incident Response delivery lead and services offerings subject matter expert (SME).

Utilize: Cybersecurity Incident Response Process, Cybersecurity Risk Assessments, OpenText Encase Forensic, Forensic Analysis Tools, Endpoint Detection & Response (EDR) tools.

Required: Master's degree or equivalent (employer will accept a Bachelor's degree plus five (5) years of progressive experience in lieu of a Master's degree) and one (1) year of experience as a Security Consultant or related. One (1) year of experience must include utilizing Cybersecurity Incident Response Process, Cybersecurity Risk Assessments, OpenText Encase Forensic, Forensic Analysis Tools, Endpoint Detection & Response (EDR) tools.

$202009 to $225000 per year. Please send resumes to [email protected]. Applicants must reference SN141 in the subject line.

Category: Technology, Keywords: Incident Response Analyst