Security Consultant - Incident Responder
IBM
Security Consultant - Incident Responder
Job Description
Security Consultant - Incident Responder
📋 Job Overview
As a Security Consultant - Incident Responder at IBM, you will work in our Client Innovation Centers to deliver technical expertise in incident response and threat intelligence. You will monitor security alerts, perform real-time analysis, lead incident response efforts, and conduct digital forensics to enhance our clients' security posture across various industries.
📍 Location: Mumbai, IN
💼 Career Level: Professional
🎯 Key Responsibilities
- Monitor security alerts and notifications from various sources, including security information and event management (SIEM) systems, intrusion detection systems (IDS), and endpoint protection solutions
- Perform real-time analysis of security alerts and determine the severity and impact of potential security incidents
- Lead and coordinate the response to security incidents, including identification, containment, eradication, and recovery
- Conduct root cause analysis to determine the origin and impact of incidents and develop recommendations to prevent future occurrences
- Document and report incidents, including the creation of detailed incident reports and timelines
- Participate in the continuous improvement of incident response playbooks and standard operating procedures (SOPs)
- Perform digital forensics investigations on compromised systems to collect and analyze evidence
- Stay updated on the latest cyber threats, vulnerabilities, and attack vectors
- Analyze and interpret threat intelligence to identify potential risks and improve incident detection and response capabilities
- Collaborate with threat intelligence teams and external partners to share information and enhance situational awareness
✅ Required Qualifications
- 6+ Years of experience in Incident response and Threat intelligence
- Good grasp of basic security principles like confidentiality, authentication, access control and privacy, security vulnerabilities, physical security issues, protocol design flaws, malicious code, implementation flaws, configuration weaknesses, user errors, user indifference
- Certification: CEH, CompTIA Security+, AZ-200, AZ-900, SIEM Fundamentals, CERT-Certified Computer Security Incident Handler (CERT-CSIH)
⭐ Preferred Qualifications
- Language (Optional): Python, PowerShell, Shell Scripting, JS, VB
🛠️ Required Skills
- SIEM Tools: Qradar, Securonix, ArcSight, Splunk, Sentinel One
- Security Tools: Smokescreen, TIP, Wireshark, EDR, XDR, Antivirus, Virus Total
- Investigation Technologies: EDR, XDR, Email Security, VA, Sandboxing, Threat Intelligence, Deception, DFIR, SOAR
- Experience with SIEM, IDS/IPS, endpoint protection, and forensic tools
- Work well under pressure handling multiple tasks
Locations
- Mumbai, IN, India
Salary
Estimated Salary Rangemedium confidence
2,500,000 - 4,200,000 INR / yearly
Source: ai estimated
* This is an estimated range based on market data and may vary based on experience and qualifications.
Skills Required
- SIEM Tools: Qradar, Securonix, ArcSight, Splunk, Sentinel Oneintermediate
- Security Tools: Smokescreen, TIP, Wireshark, EDR, XDR, Antivirus, Virus Totalintermediate
- Investigation Technologies: EDR, XDR, Email Security, VA, Sandboxing, Threat Intelligence, Deception, DFIR, SOARintermediate
- Experience with SIEM, IDS/IPS, endpoint protection, and forensic toolsintermediate
- Work well under pressure handling multiple tasksintermediate
Required Qualifications
- 6+ Years of experience in Incident response and Threat intelligence (experience)
- Good grasp of basic security principles like confidentiality, authentication, access control and privacy, security vulnerabilities, physical security issues, protocol design flaws, malicious code, implementation flaws, configuration weaknesses, user errors, user indifference (experience)
- Certification: CEH, CompTIA Security+, AZ-200, AZ-900, SIEM Fundamentals, CERT-Certified Computer Security Incident Handler (CERT-CSIH) (experience)
Preferred Qualifications
- Language (Optional): Python, PowerShell, Shell Scripting, JS, VB (experience)
Responsibilities
- Monitor security alerts and notifications from various sources, including security information and event management (SIEM) systems, intrusion detection systems (IDS), and endpoint protection solutions
- Perform real-time analysis of security alerts and determine the severity and impact of potential security incidents
- Lead and coordinate the response to security incidents, including identification, containment, eradication, and recovery
- Conduct root cause analysis to determine the origin and impact of incidents and develop recommendations to prevent future occurrences
- Document and report incidents, including the creation of detailed incident reports and timelines
- Participate in the continuous improvement of incident response playbooks and standard operating procedures (SOPs)
- Perform digital forensics investigations on compromised systems to collect and analyze evidence
- Stay updated on the latest cyber threats, vulnerabilities, and attack vectors
- Analyze and interpret threat intelligence to identify potential risks and improve incident detection and response capabilities
- Collaborate with threat intelligence teams and external partners to share information and enhance situational awareness
Tags & Categories
Security Consultant - Incident Responder
IBM
Security Consultant - Incident Responder
Job Description
Security Consultant - Incident Responder
📋 Job Overview
As a Security Consultant - Incident Responder at IBM, you will work in our Client Innovation Centers to deliver technical expertise in incident response and threat intelligence. You will monitor security alerts, perform real-time analysis, lead incident response efforts, and conduct digital forensics to enhance our clients' security posture across various industries.
📍 Location: Mumbai, IN
💼 Career Level: Professional
🎯 Key Responsibilities
- Monitor security alerts and notifications from various sources, including security information and event management (SIEM) systems, intrusion detection systems (IDS), and endpoint protection solutions
- Perform real-time analysis of security alerts and determine the severity and impact of potential security incidents
- Lead and coordinate the response to security incidents, including identification, containment, eradication, and recovery
- Conduct root cause analysis to determine the origin and impact of incidents and develop recommendations to prevent future occurrences
- Document and report incidents, including the creation of detailed incident reports and timelines
- Participate in the continuous improvement of incident response playbooks and standard operating procedures (SOPs)
- Perform digital forensics investigations on compromised systems to collect and analyze evidence
- Stay updated on the latest cyber threats, vulnerabilities, and attack vectors
- Analyze and interpret threat intelligence to identify potential risks and improve incident detection and response capabilities
- Collaborate with threat intelligence teams and external partners to share information and enhance situational awareness
✅ Required Qualifications
- 6+ Years of experience in Incident response and Threat intelligence
- Good grasp of basic security principles like confidentiality, authentication, access control and privacy, security vulnerabilities, physical security issues, protocol design flaws, malicious code, implementation flaws, configuration weaknesses, user errors, user indifference
- Certification: CEH, CompTIA Security+, AZ-200, AZ-900, SIEM Fundamentals, CERT-Certified Computer Security Incident Handler (CERT-CSIH)
⭐ Preferred Qualifications
- Language (Optional): Python, PowerShell, Shell Scripting, JS, VB
🛠️ Required Skills
- SIEM Tools: Qradar, Securonix, ArcSight, Splunk, Sentinel One
- Security Tools: Smokescreen, TIP, Wireshark, EDR, XDR, Antivirus, Virus Total
- Investigation Technologies: EDR, XDR, Email Security, VA, Sandboxing, Threat Intelligence, Deception, DFIR, SOAR
- Experience with SIEM, IDS/IPS, endpoint protection, and forensic tools
- Work well under pressure handling multiple tasks
Locations
- Mumbai, IN, India
Salary
Estimated Salary Rangemedium confidence
2,500,000 - 4,200,000 INR / yearly
Source: ai estimated
* This is an estimated range based on market data and may vary based on experience and qualifications.
Skills Required
- SIEM Tools: Qradar, Securonix, ArcSight, Splunk, Sentinel Oneintermediate
- Security Tools: Smokescreen, TIP, Wireshark, EDR, XDR, Antivirus, Virus Totalintermediate
- Investigation Technologies: EDR, XDR, Email Security, VA, Sandboxing, Threat Intelligence, Deception, DFIR, SOARintermediate
- Experience with SIEM, IDS/IPS, endpoint protection, and forensic toolsintermediate
- Work well under pressure handling multiple tasksintermediate
Required Qualifications
- 6+ Years of experience in Incident response and Threat intelligence (experience)
- Good grasp of basic security principles like confidentiality, authentication, access control and privacy, security vulnerabilities, physical security issues, protocol design flaws, malicious code, implementation flaws, configuration weaknesses, user errors, user indifference (experience)
- Certification: CEH, CompTIA Security+, AZ-200, AZ-900, SIEM Fundamentals, CERT-Certified Computer Security Incident Handler (CERT-CSIH) (experience)
Preferred Qualifications
- Language (Optional): Python, PowerShell, Shell Scripting, JS, VB (experience)
Responsibilities
- Monitor security alerts and notifications from various sources, including security information and event management (SIEM) systems, intrusion detection systems (IDS), and endpoint protection solutions
- Perform real-time analysis of security alerts and determine the severity and impact of potential security incidents
- Lead and coordinate the response to security incidents, including identification, containment, eradication, and recovery
- Conduct root cause analysis to determine the origin and impact of incidents and develop recommendations to prevent future occurrences
- Document and report incidents, including the creation of detailed incident reports and timelines
- Participate in the continuous improvement of incident response playbooks and standard operating procedures (SOPs)
- Perform digital forensics investigations on compromised systems to collect and analyze evidence
- Stay updated on the latest cyber threats, vulnerabilities, and attack vectors
- Analyze and interpret threat intelligence to identify potential risks and improve incident detection and response capabilities
- Collaborate with threat intelligence teams and external partners to share information and enhance situational awareness
Tags & Categories