|Date Posted||February 7, 2018|
The position requires a strong, technically skilled Information Security professional. The role entails developing and executing all components of computer security incident intake, triage, investigation, and response to emerging threats and confirmed or suspected cyber events within the IBM landscape having the potential to impact IBM and/or IBM clients. The role requires a combination of strong working technical, managerial, and analytical knowledge of cyber incident triage, containment, investigation and reporting methodologies. The role is highly visible and requires regular interaction to business executives, collaboration with IBM’s cyber support; such as Corp Comms, Legal, etc., and comprehensive, thorough root cause analysis, metrics, and security control improvement reporting.
Essential Duties and Responsibilities:
• Demonstrated understanding of information security control domains and end-to-end life-cycle cyber security incident response inclusive of digital forensics
• Working knowledge of common attack vectors and penetration techniques.
• Ability to establish, maintain and execute all components of an incident response plan, from incident intake through root cause analysis, technical remediation analysis, and reporting
• Ability to effectively triage reported cyber security events including events based on sparse symptom detail
• Ability to quickly assess ownership or requirement to transfer response execution according to incident particulars and organizational domains of responsibility.
• Ability to execute cyber security incident response technologies, including but not limited to network, system and application log review, and demonstrated foundational digital forensics
• Ability to clearly and effectively communicate, both orally and in writing, at all levels throughout the duration of a cyber security incident.
• Ability to provide end-to-end respond adhering to global legal, regulatory and organizational requirements
• Ability to identify source, types and applicable concerns/laws as it relates to all elements of data privacy; (Confidential, PI, SPI, PHI)
• Ability to adhere to regulatory reporting requirements and practices
• Ability to have a working applied knowledge of the scope and authority of oversight agencies (e.g Data Protection Authorities, Privacy Commissioners, Federal Trade Commission, etc
• Ability to define, document, and communicate root cause analysis and security control (people, process, technology) recommendations to minimize future incident occurrence
• Ability to maintain, advance, and report meaningful incident metrics