22 days old

Cyber Security Forensic Analyst - IBM CISO

Austin, TX 78701
  • Job Code

At IBM, work is more than a job - it's a calling: To build. To design. To code. To consult. To think along with clients and sell. To make markets. To invent. To collaborate. Not just to do something better, but to attempt things you've never thought possible. Are you ready to lead in this new era of technology and solve some of the world's most challenging problems? If so, lets talk.

Your Role and Responsibilities
JOB TITLE: Cyber Security Forensic Analyst (EnCE, CFCE, CCE, DFCP, GCIA, GCIH)

The IBM Global Information Security Organization (IBM CISO) is seeking a Cyber Security Forensic Analyst to work on the global Cyber Security Incident Response team (CSIRT). Cyber Security Incident Response team (CSIRT) core function is to provide continuous cybersecurity incident intake, triage, investigative response and data analysis services for the IBM Corporation and its clients as well as contributing to the ongoing improvement of IBMs overall IT security posture. This position requires a strong technical security professional, who will be responsible for conducting highly technical and confidential investigations. (e.g. data loss, advanced persistent threats, malware analysis etc)


The role will be responsible for conducting forensic investigations and analysis in support of cyber incidents that are reported into the CSIRT team. This role will require the ability to triage and conduct thorough examinations of all types of digital media within a heterogeneous environment, the ability to determine containment and/or remediation activities that may be required as well as identify potential threats. In this role, you will report and collaborate with the different areas of Business, as well as providing relevant lesson learned output that can be fed into the IBM threat landscape.


Conduct examination of digital media (hard drives, network traffic, mobile phones, etc.).
Capture / analyze network traffic for indications of compromise.
Review log-based data, both in raw form and utilizing SIEM or aggregation tools.
Employ best practices and forensically sound principals such as evidence handling and chain of custody.
Perform live network assessments using leading packet capture and analysis software tools.
Establish timelines and patterns of activity based on multiple data sources.
Identify, document and prepare reports on relevant findings.
Utilize varied forensic software such as FTK, Encase, IEF, etc.
Effectively communicate with clients to establish timelines, manage expectations, and report findings.


Ability to communicate complex information, concepts, or ideas in a confident and well-organized manner through verbal, written, and/or visual means.
Ability to accurately and completely source all data used in intelligence, assessment and/or planning products.
Ability to clearly articulate intelligence requirements into well-formulated research questions and data tracking variables for inquiry tracking purposes.
Expert-level knowledge of common attack vectors and penetration techniques.
Solid working knowledge of networking technology and tools, firewalls, proxies, IDS/IPS, encryption.
Demonstrated knowledge of forensic tools such as Encase, FTK, IEF, SIFT.
Experience with malware analysis (reverse engineering).
Ability to successfully facilitate information gathering meetings with client senior-level employees
Skilled at event analysis and correlation.
Experience managing large and small scale cyber security incidents.
An ability to understand and correlate strategic decisions/methodologies into their practical application at an operational level.

Your life at IBM
We come to work thrilled knowing it will never be the same day twice. At IBM, you have access to a unique combination of experiences that together build a powerful, rewarding career for you. These experiences consist of:
Opportunity to do work that impacts not just your team but often the very lives of millions of people. Youre not just joining a big company, at IBM youre joining a bigger cause.
Ability to discover the exact career you were meant to have by trying different roles, industries, technologies even locations, right within IBM. No other company gives you the career infinence (infinite experiences) like IBM
A company with a progressive and inclusive heritage based on leadership and a history of taking stands on things that matter

Required Technical and Professional Expertise
At least 5 years experience in IT Security Digital Forensics
At least 2 years experience in Incident Response in a global corporate enterprise
Demonstrated understanding of database structures and SQl
Experience with Linux operating systems

Preferred Technical and Professional Expertise
Strong understanding of networking protocols.
Experience in fast-paced investigations.
Experience with programming or scripting languages.
Familiar with Q-Rader SIEM tool is a plus
Demonstrated system administration skills.
Ability to coach and training junior level analysts in industry best practices and methodologies

About Business Unit
IBM Corporate Headquarters (CHQ) team represents a variety of functions such as marketing, finance, legal, operations, HR, and more, all working together to solve some of the world's most complex problems, help our clients achieve success and build collaborative work environments for IBMers.

Your Life @ IBM
What matters to you when youre looking for your next career challenge?

Maybe you want to get involved in work that really changes the world? What about somewhere with incredible and diverse career and development opportunities where you can truly discover your passion? Are you looking for a culture of openness, collaboration and trust where everyone has a voice? What about all of these? If so, then IBM could be your next career challenge. Join us, not to do something better, but to attempt things you never thought possible.

Impact. Inclusion. Infinite Experiences. Do your best work ever.

About IBM
IBMs greatest invention is the IBMer. We believe that progress is made through progressive thinking, progressive leadership, progressive policy and progressive action. IBMers believe that the application of intelligence, reason and science can improve business, society and the human condition. Restlessly reinventing since 1911, we are the largest technology and consulting employer in the world, with more than 380,000 IBMers serving clients in 170 countries.

Location Statement
For additional information about location requirements, please discuss with the recruiter following submission of your application.

Being You @ IBM
IBM is committed to creating a diverse environment and is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status. IBM is also committed to compliance with all fair employment practices regarding citizenship and immigration status.



  • Computers Software and Hardware
Posted: 2019-12-26 Expires: 2020-01-25

Featured Jobs

Career News

Before you go...

Our free job seeker tools include alerts for new jobs, saving your favorites, optimized job matching, and more! Just enter your email below.

Share this job:

Cyber Security Forensic Analyst - IBM CISO

Austin, TX 78701

Join us to start saving your Favorite Jobs!

Sign In Create Account
Powered ByCareerCast