Introduction

In this role, you'll work in one of our IBM Consulting Client Innovation Centers (Delivery Centers), where we deliver deep technical and industry expertise to a wide range of public and private sector clients around the world. Our delivery centers offer our clients locally based skills and technical expertise to drive innovation and adoption of new technology.

Your role and responsibilities

As a Senior Threat Response Analyst, you will be responsible for conducting advanced incident investigations, responding to critical security threats, and driving containment and remediation efforts. The ideal candidate has hands-on experience with multiple security technologies, including SIEM, IDS, APT, and WAF, as well as forensic analysis, and is adept at handling sophisticated cyber threats such as botnets and advanced persistent threats (APTs).


Your Role and Responsibilities:

Incident Response and Digital Forensics

  • Provide incident investigation as per Security Incident Management Process / Guidelines.
  • Drive containment strategy during incidents escalated by the triage team.
  • Investigate and resolve advanced vector attacks such as botnets and advanced persistent threats (APTs).
  • For critical incidents, be part of CSIRT activities and execute the incident handling process.
  • Coordinate with IT, security operations, and other teams for remediation and trigger forensic processes as appropriate.
  • Perform Root Cause Analysis (RCA) for security incidents and update knowledge management.
  • Work directly with data asset owners and business response plan owners during high-severity incidents.


Client Management

  • Engage with clients during debrief meetings to address questions, gather feedback, and align on security objectives.
  • Provide tuning recommendations for IDS, proxy policies, and in-line malware tools based on threat feeds, trust and reputation data, incidents, or vulnerabilities and exploits of downstream systems.
  • Provide tuning recommendations to administrators based on findings from investigations or threat information reviews.
  • Prepare and deliver comprehensive weekly and monthly Threat Incident debrief reports for clients, including insights on security trends, incidents, system performance, and recommendations.
Required education
Bachelor's degree
Required technical and professional expertise

Security Domain Experience:

  • More than five years of experience in SOC, Incident Response, or Threat Hunting roles.
  • Hands-on experience with SIEM platforms such as IBM QRadar, Splunk, ArcSight, Microsoft Sentinel, or LogRhythm.
  • Strong knowledge of network security, log analysis, malware analysis, and forensic investigation techniques.
  • Knowledge of Digital Forensics, including disk imaging, memory forensics, log analysis, and evidence handling best practices.
  • Familiarity with cyber threat intelligence frameworks like MITRE ATT&CK, NIST, and CIS.
  • Expertise in network and endpoint security monitoring tools (IDS, firewalls, EDR, proxy, email security solutions).
  • Proficiency in log analysis, regular expressions (regex), and scripting languages like Python or PowerShell.
  • Ability to create custom threat detection rules, SIEM dashboards, and correlation policies.
  • Knowledge of packet capture and traffic analysis tools (Wireshark, Zeek, TCPDump).
  • Familiarity with incident response methodologies and forensic investigation procedures.

 

Soft Skills:

  • Strong analytical and problem-solving abilities with keen attention to detail.
  • Excellent communication and collaboration skills, with the ability to interact effectively with stakeholders at all levels.
  • Capable of managing multiple priorities in a fast-paced, dynamic environment.
Preferred technical and professional experience

Preferred Certifications

  • GIAC Certified Incident Handler (GCIH)
  • GIAC Certified Forensic Analyst (GCFA) or GIAC Certified Forensic Examiner (GCFE) (Preferred for Digital Forensics)
  • Certified Ethical Hacker (CEH)
  • Certified SOC Analyst (CSA)
  • Security+ / CISSP / CISM
  • SIEM-Specific Certifications (IBM QRadar, Splunk, etc.)

About the Business Unit

IBM Consulting is IBM's global consulting and professional services business unit, with market-leading capabilities in business and technology transformation. With deep expertise across many industries, it offers strategy, experience, technology, and operations services to many of the most innovative and valuable companies in the world. IBMers in Consulting focus on accelerating our clients' businesses through the power of collaboration. We believe in the power of technology used responsibly to help people, partners, and the planet.

YOUR LIFE @ IBM

In a world where technology never stands still, we understand that dedication to our clients' success, innovation that matters, and trust and personal responsibility in all our relationships live in what we do as IBMers as we strive to be the catalyst that makes the world work better.

Being an IBMer means you'll be able to learn and develop yourself and your career, and you'll be encouraged to be courageous and experiment every day, all while having continuous trust and support in an environment where everyone can thrive, whatever their personal or professional background.

 

Our IBMers are growth-minded, always staying curious and open to feedback, and learning new information and skills to constantly transform themselves and our company. They are trusted to provide ongoing feedback to help other IBMers grow, and to collaborate with colleagues with a team-focused approach that includes different perspectives to drive exceptional outcomes for our customers. The courage our IBMers have to make critical decisions every day is essential to IBM becoming the catalyst for progress, always embracing challenges with the resources they have to hand, a can-do attitude, and an outcome-focused approach in everything they do.

 

Are you ready to be an IBMer?

About IBM

IBM’s greatest invention is the IBMer. We believe that through the application of intelligence, reason and science, we can improve business, society and the human condition, bringing the power of an open hybrid cloud and AI strategy to life for our clients and partners around the world.

 

Restlessly reinventing since 1911, we are not only one of the largest corporate organizations in the world, we’re also one of the biggest technology and consulting employers, with many of the Fortune 50 companies relying on the IBM Cloud to run their business. 

 

At IBM, we pride ourselves on being an early adopter of artificial intelligence, quantum computing and blockchain. Now it’s time for you to join us on our journey to being a responsible technology innovator and a force for good in the world.

IBM is proud to be an equal-opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, gender, gender identity or expression, sexual orientation, national origin, caste, genetics, pregnancy, disability, neurodivergence, age, veteran status, or other characteristics. IBM is also committed to compliance with all fair employment practices regarding citizenship and immigration status.

Other relevant job details

For additional information about location requirements, please discuss with the recruiter following submission of your application.