X-Force IRIS (EU) Incident Response Analyst

Job description

IBM X-Force IRIS offers assistance and advice to our clients whenever they have an incident. We help our clients identify, contain and control the threats and enable them to return to business-as-usual as efficiently and effectively as possible.

We needs talented people with technical skills and experience. But we also need people who have a level of client engagement and liaison skill. People who are able to work within a team that is spread across almost every region of Europe and are willing to travel on short notice to help our clients when they need us most.

What we do...

PREPARE
• Incident Response Planning
• Table Top Exercises
• First Responder Training
• Incident Response Playbook Design, Assessment & Review

DETECT
• Tactical Threat Monitoring
• Threat Hunting
RESPOND
• Incident Response Management
• Incident Response

ANALYSE
• Digital Forensics (Log, host, memory, network and traffic)
• Threat Intelligence
Auto req ID

133097BR
Required Education

Bachelor's Degree
Role ( Job Role )

Security Professional
State / Province

MAZOWIECKIE
Primary job category

Enterprise Operations
Company

(0109) IBM Polska Sp. zo.o.
Contract type

Regular
Employment Type

Full-Time
ERBP

Yes
Is this role a commissionable/sales incentive based position?

No
Travel Required

Up to 25% or 2 days a week (home on weekends- based on project requirements)
IBM Business Group

Security
Preferred Education

Master's Degree
City / Township / Village

WARSZAWA
EO Statement

IBM is committed to creating a diverse environment and is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status. IBM is also committed to compliance with all fair employment practices regarding citizenship and immigration status.
Required Technical and Professional Expertise

Required Professional Skills & Experience

• IT security and investigations.
• Practical experience of NIST SP 800-61 or similar methodologies.
• Working within teams of investigators on large scale, diverse and complex investigations.
• Proficient in technical writing and verbal communication.
• Experience of contributing to IT Security projects. and a broad understanding of protecting and monitoring enterprise IT.
• Ability to recognise and deal appropriately with potentially confidential and sensitive information.
• Awareness of relevant legislation and familiarity with working within EU and international legislative and regulatory frameworks.
Country/Region

Poland
Preferred Technical and Professional Experience

Desirable Professional Skills & Experience

• Ability to collaborate on multiple ongoing priority incidents and projects.
• Presentation skills, able to articulate and present to a broad audience from technical experts to the board room.
• Detailed knowledge of current forensic and IR tools, techniques and procedures (TTPs) with an understanding of underlying principles such as 'Chain of Custody'.
• Awareness of current and emerging targeted threat intrusion scenarios.
• Working with SOC, digital forensic or incident response operations.
• Open source intelligence (OSINT) and research ethics and techniques.
• Risk and threat assessment techniques and taxonomies such as Kill Chain analysis, Diamond Model and STIX.
Secondary Job Category

Other Enterprise Operations
Eligibility Requirements

n/a
Position Type

Professional
Early Professional Track

Not Applicable - Professional Hire