Incident Response Consultant-Digital Forensics & Incident Response
IBM
Incident Response Consultant-Digital Forensics & Incident Response
Job Description
Incident Response Consultant-Digital Forensics & Incident Response
📋 Job Overview
The Incident Response Consultant role at IBM involves working with global clients to enhance their hybrid cloud and AI strategies. Key responsibilities include monitoring security alerts, leading incident response efforts, and conducting digital forensics investigations. The role requires a strong foundation in security principles and experience in incident response and threat intelligence.
📍 Location: Mumbai, IN
💼 Career Level: Professional
🎯 Key Responsibilities
- Monitor security alerts and notifications from various sources, including security information and event management (SIEM) systems, intrusion detection systems (IDS), and endpoint protection solutions
- Perform real-time analysis of security alerts and determine the severity and impact of potential security incidents
- Lead and coordinate the response to security incidents, including identification, containment, eradication, and recovery
- Conduct root cause analysis to determine the origin and impact of incidents and develop recommendations to prevent future occurrences
- Document and report incidents, including the creation of detailed incident reports and timelines
- Participate in the continuous improvement of incident response playbooks and standard operating procedures (SOPs)
- Perform digital forensics investigations on compromised systems to collect and analyze evidence
- Stay updated on the latest cyber threats, vulnerabilities, and attack vectors
- Analyze and interpret threat intelligence to identify potential risks and improve incident detection and response capabilities
- Collaborate with threat intelligence teams and external partners to share information and enhance situational awareness
✅ Required Qualifications
- 6+ years of experience in Incident response and Threat intelligence
- Good grasp of basic security principles like confidentiality, authentication, access control and privacy, security vulnerabilities, physical security issues, protocol design flaws, malicious code, implementation flaws, configuration weaknesses, user errors, user indifference
⭐ Preferred Qualifications
- Certifications: CEH, CompTIA Security+, AZ-200, AZ-900, SIEM Fundamentals, CERT-Certified Computer Security Incident Handler (CERT-CSIH)
- Knowledge in Investigation Technologies such as EDR, XDR, Email Security, VA, Sandboxing, Threat Intelligence, Deception, DFIR and SOAR
- Experience with SIEM, IDS/IPS, endpoint protection, and forensic tools
- Language skills: Python, PowerShell, Shell Scripting, JS, VB
🛠️ Required Skills
- SIEM Tools: Qradar, Securonix, ArcSight, Splunk, Sentinel One
- Security Tools: Smokescreen, TIP, Wireshark, EDR, XDR, Antivirus, Virus Total
- Programming Languages: Python, PowerShell, Shell Scripting, JS, VB
- Ability to work well under pressure handling multiple tasks
🎁 Benefits & Perks
- Long-term career growth and development opportunities
- Environment that embraces unique skills and experience
- Encouragement to challenge the norm and investigate ideas outside of role
- Culture of evolution and empathy
- Opportunity to learn and develop oneself and career
- Encouragement to be courageous and experiment every day
- Continuous trust and support in an inclusive environment
- Opportunity to join IBM on their journey to being a responsible technology innovator and a force for good in the world
Locations
- Mumbai, IN, India
Salary
Estimated Salary Rangemedium confidence
2,500,000 - 4,200,000 INR / yearly
Source: ai estimated
* This is an estimated range based on market data and may vary based on experience and qualifications.
Skills Required
- SIEM Tools: Qradar, Securonix, ArcSight, Splunk, Sentinel Oneintermediate
- Security Tools: Smokescreen, TIP, Wireshark, EDR, XDR, Antivirus, Virus Totalintermediate
- Programming Languages: Python, PowerShell, Shell Scripting, JS, VBintermediate
- Ability to work well under pressure handling multiple tasksintermediate
Required Qualifications
- 6+ years of experience in Incident response and Threat intelligence (experience)
- Good grasp of basic security principles like confidentiality, authentication, access control and privacy, security vulnerabilities, physical security issues, protocol design flaws, malicious code, implementation flaws, configuration weaknesses, user errors, user indifference (experience)
Preferred Qualifications
- Certifications: CEH, CompTIA Security+, AZ-200, AZ-900, SIEM Fundamentals, CERT-Certified Computer Security Incident Handler (CERT-CSIH) (experience)
- Knowledge in Investigation Technologies such as EDR, XDR, Email Security, VA, Sandboxing, Threat Intelligence, Deception, DFIR and SOAR (experience)
- Experience with SIEM, IDS/IPS, endpoint protection, and forensic tools (experience)
- Language skills: Python, PowerShell, Shell Scripting, JS, VB (experience)
Responsibilities
- Monitor security alerts and notifications from various sources, including security information and event management (SIEM) systems, intrusion detection systems (IDS), and endpoint protection solutions
- Perform real-time analysis of security alerts and determine the severity and impact of potential security incidents
- Lead and coordinate the response to security incidents, including identification, containment, eradication, and recovery
- Conduct root cause analysis to determine the origin and impact of incidents and develop recommendations to prevent future occurrences
- Document and report incidents, including the creation of detailed incident reports and timelines
- Participate in the continuous improvement of incident response playbooks and standard operating procedures (SOPs)
- Perform digital forensics investigations on compromised systems to collect and analyze evidence
- Stay updated on the latest cyber threats, vulnerabilities, and attack vectors
- Analyze and interpret threat intelligence to identify potential risks and improve incident detection and response capabilities
- Collaborate with threat intelligence teams and external partners to share information and enhance situational awareness
Benefits
- general: Long-term career growth and development opportunities
- general: Environment that embraces unique skills and experience
- general: Encouragement to challenge the norm and investigate ideas outside of role
- general: Culture of evolution and empathy
- general: Opportunity to learn and develop oneself and career
- general: Encouragement to be courageous and experiment every day
- general: Continuous trust and support in an inclusive environment
- general: Opportunity to join IBM on their journey to being a responsible technology innovator and a force for good in the world
Tags & Categories
Incident Response Consultant-Digital Forensics & Incident Response
IBM
Incident Response Consultant-Digital Forensics & Incident Response
Job Description
Incident Response Consultant-Digital Forensics & Incident Response
📋 Job Overview
The Incident Response Consultant role at IBM involves working with global clients to enhance their hybrid cloud and AI strategies. Key responsibilities include monitoring security alerts, leading incident response efforts, and conducting digital forensics investigations. The role requires a strong foundation in security principles and experience in incident response and threat intelligence.
📍 Location: Mumbai, IN
💼 Career Level: Professional
🎯 Key Responsibilities
- Monitor security alerts and notifications from various sources, including security information and event management (SIEM) systems, intrusion detection systems (IDS), and endpoint protection solutions
- Perform real-time analysis of security alerts and determine the severity and impact of potential security incidents
- Lead and coordinate the response to security incidents, including identification, containment, eradication, and recovery
- Conduct root cause analysis to determine the origin and impact of incidents and develop recommendations to prevent future occurrences
- Document and report incidents, including the creation of detailed incident reports and timelines
- Participate in the continuous improvement of incident response playbooks and standard operating procedures (SOPs)
- Perform digital forensics investigations on compromised systems to collect and analyze evidence
- Stay updated on the latest cyber threats, vulnerabilities, and attack vectors
- Analyze and interpret threat intelligence to identify potential risks and improve incident detection and response capabilities
- Collaborate with threat intelligence teams and external partners to share information and enhance situational awareness
✅ Required Qualifications
- 6+ years of experience in Incident response and Threat intelligence
- Good grasp of basic security principles like confidentiality, authentication, access control and privacy, security vulnerabilities, physical security issues, protocol design flaws, malicious code, implementation flaws, configuration weaknesses, user errors, user indifference
⭐ Preferred Qualifications
- Certifications: CEH, CompTIA Security+, AZ-200, AZ-900, SIEM Fundamentals, CERT-Certified Computer Security Incident Handler (CERT-CSIH)
- Knowledge in Investigation Technologies such as EDR, XDR, Email Security, VA, Sandboxing, Threat Intelligence, Deception, DFIR and SOAR
- Experience with SIEM, IDS/IPS, endpoint protection, and forensic tools
- Language skills: Python, PowerShell, Shell Scripting, JS, VB
🛠️ Required Skills
- SIEM Tools: Qradar, Securonix, ArcSight, Splunk, Sentinel One
- Security Tools: Smokescreen, TIP, Wireshark, EDR, XDR, Antivirus, Virus Total
- Programming Languages: Python, PowerShell, Shell Scripting, JS, VB
- Ability to work well under pressure handling multiple tasks
🎁 Benefits & Perks
- Long-term career growth and development opportunities
- Environment that embraces unique skills and experience
- Encouragement to challenge the norm and investigate ideas outside of role
- Culture of evolution and empathy
- Opportunity to learn and develop oneself and career
- Encouragement to be courageous and experiment every day
- Continuous trust and support in an inclusive environment
- Opportunity to join IBM on their journey to being a responsible technology innovator and a force for good in the world
Locations
- Mumbai, IN, India
Salary
Estimated Salary Rangemedium confidence
2,500,000 - 4,200,000 INR / yearly
Source: ai estimated
* This is an estimated range based on market data and may vary based on experience and qualifications.
Skills Required
- SIEM Tools: Qradar, Securonix, ArcSight, Splunk, Sentinel Oneintermediate
- Security Tools: Smokescreen, TIP, Wireshark, EDR, XDR, Antivirus, Virus Totalintermediate
- Programming Languages: Python, PowerShell, Shell Scripting, JS, VBintermediate
- Ability to work well under pressure handling multiple tasksintermediate
Required Qualifications
- 6+ years of experience in Incident response and Threat intelligence (experience)
- Good grasp of basic security principles like confidentiality, authentication, access control and privacy, security vulnerabilities, physical security issues, protocol design flaws, malicious code, implementation flaws, configuration weaknesses, user errors, user indifference (experience)
Preferred Qualifications
- Certifications: CEH, CompTIA Security+, AZ-200, AZ-900, SIEM Fundamentals, CERT-Certified Computer Security Incident Handler (CERT-CSIH) (experience)
- Knowledge in Investigation Technologies such as EDR, XDR, Email Security, VA, Sandboxing, Threat Intelligence, Deception, DFIR and SOAR (experience)
- Experience with SIEM, IDS/IPS, endpoint protection, and forensic tools (experience)
- Language skills: Python, PowerShell, Shell Scripting, JS, VB (experience)
Responsibilities
- Monitor security alerts and notifications from various sources, including security information and event management (SIEM) systems, intrusion detection systems (IDS), and endpoint protection solutions
- Perform real-time analysis of security alerts and determine the severity and impact of potential security incidents
- Lead and coordinate the response to security incidents, including identification, containment, eradication, and recovery
- Conduct root cause analysis to determine the origin and impact of incidents and develop recommendations to prevent future occurrences
- Document and report incidents, including the creation of detailed incident reports and timelines
- Participate in the continuous improvement of incident response playbooks and standard operating procedures (SOPs)
- Perform digital forensics investigations on compromised systems to collect and analyze evidence
- Stay updated on the latest cyber threats, vulnerabilities, and attack vectors
- Analyze and interpret threat intelligence to identify potential risks and improve incident detection and response capabilities
- Collaborate with threat intelligence teams and external partners to share information and enhance situational awareness
Benefits
- general: Long-term career growth and development opportunities
- general: Environment that embraces unique skills and experience
- general: Encouragement to challenge the norm and investigate ideas outside of role
- general: Culture of evolution and empathy
- general: Opportunity to learn and develop oneself and career
- general: Encouragement to be courageous and experiment every day
- general: Continuous trust and support in an inclusive environment
- general: Opportunity to join IBM on their journey to being a responsible technology innovator and a force for good in the world
Tags & Categories