Job title: Cyber Security Forensic Analyst – Austin, Texas
Job description: Title Cyber Security Forensic Analyst Duration 1 Year + Location Austin, Texas Job Description The SOC’s mission is to provide 24 x 7 coverage. The analysts work in rotating shifts to facilitate this 24 x 7 coverage. We can discuss the shift schedules with the potential candidates further. Job Description IBM is seeking a Mid-Senior Level Cyber Security Analyst in Austin, TX to work on the 24×7 Cyber Security Rapid Response Team – Security Monitoring, Forensic and Threat Intelligence function. This position requires a motivated fast learner, who is able to work within the Rapid Response function to identify, analyze, and remediate potential threats to the environment. The candidate will require security industry knowledge that evolves with current and emerging threats, as well as an ongoing understanding of key business and technological processes. This position will report to the Threat and Response Lead of Information Security. This role will perform security monitoring, investigations and perform analysis of events in order to thwart internal and external threats to the environment. Additionally, will collaborate on an ongoing basis with the Cyber Security Rapid Response Incident Response Team and Managed Security Service providers to support detection, triage, incident analysis, containment, remediation and reporting of eventsincidents while coordinating, balancing business priorities, emerging and actual threats and best practices to ensure the confidentiality, integrity and availability of information assets. Location Preferred location is Austin, Tx. (Negotiable) Responsibilities Assist in establishing Global Security Monitoring discipline to support enterprise Analyze and respond to security threats from Firewall (FW), Intrusion Detection Systems (IDS), Intrusion Prevention Systems (IPS), Antivirus (AV), Endpoint Detection and Response (EDR) and other security threat data sources. Respond in a timely manner (within documented SLA). Document actions in cases to effectively communicate information to internal stakeholders as well has for historical retrieval. Adhere to policies, procedures, and security practices Resolve problems independently and understand escalation procedures. Conduct Security Monitoring activities to provide Security in Depth visibility into potential known and unknown threats that may pose risk to the IBM environment. Participate in security incidents and act as the technical Subject Matter Expert during significant security incidents. Utilize analytics to identify potential threats to the environment. Detect, respond, mitigate, and report on cyber threatsincidents that may impact the environment. Collaborate with technical leads Engineering, Operations, Service Desk, Applications and BISOs on matters related to security monitoring across global footprint. Collaborate and serve as liaison to Managed andor Unmanaged Security Service providers. Conduct Operations surrounding cyber security incident response technologies including network logging and forensics, security information and event management tools, security analytics platforms, log search technologies, and host based forensics as applicable. Act as an internal information security consultant to the business and technology units, advising on risks, threats and control practices related to Rapid Response. Assist in development and knowledge sharing within the team. Assist in security console tuning Assist in security event oversight to ensure the team is delivering a quality product Identify and share threat intelligence that impacts IBM and their customers or products Perform threat hunts that target adversary TTPs Required Technical and Professional Expertise Minimum 3+ years of experience working within a SOC, Threat Hunt, or Threat Intel team Critical thinking and problem solving skills Passion for information security and data security Strong writtenverbal communication skills Strong interpersonal and organization skills Preferred Technical and Professional Expertise Practical experience with TCPIP networking Experience with Linux, Windows, iOS, and Network Operating Systems Experience with EDR and SIEM technologies. Working knowledge of Routing and Access Control Devices Industry related certifications Security+, CEH, GSEC, etc
Location: Austin, TX
Job date: Wed, 18 Nov 2020 23:31:28 GMT
Apply for the job now!