Job Description

Locations

• AMSTERDAM, NL, India (Remote)

Salary

Skills Required

• Critical thinkingintermediate
• Problem solvingintermediate
• Information securityintermediate
• Data securityintermediate
• Written communicationintermediate
• Verbal communicationintermediate
• Interpersonal skillsintermediate
• Organization skillsintermediate
• Incident Responseintermediate
• Fast-paced investigationsintermediate
• Programming or scripting languagesintermediate
• IBM QRadar SIEMintermediate
• Windows Defender ATPintermediate
• EDR platformsintermediate
• Firewall (FW)intermediate
• Intrusion Detection Systems (IDS)intermediate
• Intrusion Prevention Systems (IPS)intermediate
• Antivirus (AV)intermediate
• Endpoint Detection and Response (EDR)intermediate
• Network loggingintermediate
• Forensicsintermediate
• Security information and event management toolsintermediate
• Security analytics platformsintermediate
• Log search technologiesintermediate
• Host based forensicsintermediate
• Threat intelligenceintermediate

Required Qualifications

• At least 2 years’ experience in Incident Response in a global corporate enterprise (experience)
• Critical thinking and problem solving skills (experience)
• Passion for information security and data security (experience)
• Strong written/verbal communication skills (experience)
• Strong interpersonal and organization skills (experience)

Preferred Qualifications

• Experience in fast-paced investigations (experience)
• Experience with programming or scripting languages (experience)
• Familiarity with IBM QRadar SIEM, Windows Defender ATP and EDR platforms (experience)

Responsibilities

• Analyze detections and alerts and respond to security threats from Firewall (FW), Intrusion Detection Systems (IDS), Intrusion Prevention Systems (IPS), Antivirus (AV), Endpoint Detection and Response (EDR) and other security threat data sources.
• Conduct Security Monitoring activities to provide Security in Depth visibility into potential known and unknown threats that may pose risk to the IBM environment.
• Document actions in cases to effectively communicate information to internal stakeholders as well has for historical retrieval.
• Resolve problems independently and understand escalation procedures.
• Participate in security incidents and act as the technical Subject Matter Expert during significant security incidents.
• Conduct operations surrounding cyber security incident response technologies including network logging and forensics, security information and event management tools, security analytics platforms, log search technologies, and host based forensics as applicable.
• Act as an internal information security consultant to the business and technology units, advising on risks, threats and control practices related to Rapid Response.
• Assist in development and knowledge sharing within the team.
• Assist in security console tuning.
• Assist in establishing Global Security Monitoring discipline to support enterprise
• Identify and share threat intelligence that impacts IBM and their customers or products

Benefits

• general: Opportunity to learn and develop career
• general: Encouragement to be courageous and experiment
• general: Continuous trust and support in an inclusive environment
• general: Growth-minded culture with openness to feedback and learning
• general: Collaboration with colleagues for exceptional customer outcomes
• general: Equal-opportunity employment
• general: Commitment to fair employment practices

Tags & Categories