Incident Responder

Introduction
A career in IBM Consulting is rooted by long-term relationships and close collaboration with clients across the globe.
You’ll work with visionaries across multiple industries to improve the hybrid cloud and AI journey for the most innovative and valuable companies in the world. Your ability to accelerate impact and make meaningful change for your clients is enabled by our strategic partner ecosystem and our robust technology platforms across the IBM portfolio, including Software and Red Hat.
Curiosity and a constant quest for knowledge serve as the foundation to success in IBM Consulting. In your role, you’ll be encouraged to challenge the norm, investigate ideas outside of your role, and come up with creative solutions resulting in groundbreaking impact for a wide network of clients. Our culture of evolution and empathy centers on long-term career growth and development opportunities in an environment that embraces your unique skills and experience

Your Role and Responsibilities

• Incident Responder to assist our 24/7 Incident Management Team.
• Good grasp of basic security principles like confidentiality, authentication, access control and privacy, security vulnerabilities, physical security issues, protocol design flaws, malicious code, implementation flaws, configuration weaknesses, user errors, user indifference.
• Work well under pressure handling multiple tasks.
• Having 2+ Years of experience in Incident response and Threat intelligence
• Monitor security alerts and notifications from various sources, including security information and event management (SIEM) systems, intrusion detection systems (IDS), and endpoint protection solutions.
• Perform real-time analysis of security alerts and determine the severity and impact of potential security incidents.
• Lead and coordinate the response to security incidents, including identification, containment, eradication, and recovery.
• Conduct root cause analysis to determine the origin and impact of incidents and develop recommendations to prevent future occurrences.
• Document and report incidents, including the creation of detailed incident reports and timelines.
• Having good knowledge in Investigation Technologies such as EDR, XDR, Email Security, VA, Sandboxing, Threat Intelligence, Deception, DFIR and SOAR.
• Experience with SIEM, IDS/IPS, endpoint protection, and forensic tools.
• Participate in the continuous improvement of incident response playbooks and standard operating procedures (SOPs).
• Perform digital forensics investigations on compromised systems to collect and analyze evidence.
• Stay updated on the latest cyber threats, vulnerabilities, and attack vectors.
• Analyze and interpret threat intelligence to identify potential risks and improve incident detection and response capabilities.
• Collaborate with threat intelligence teams and external partners to share information and enhance situational awareness.
• Good Communication Skills

Required Technical and Professional Expertise

• SIEM Tools: Qradar, Securonix, ArcSight, Splunk, Sentinel One (any of one).
• Security Tools: Smokescreen, TIP, Wireshark, EDR, XDR, Antivirus, Virus Total.
• Language (Optional): Python, PowerShell, Shell Scripting, JS, VB

Preferred Technical and Professional Expertise

• Bachelor’s degree relevant to Information Technology, Computer Science/Engineering (or equivalent).
• Certification: CEH, CompTIA Security+, AZ-200, AZ-900, SIEM Fundamentals, CERT-Certified Computer Security Incident Handler (CERT-CSIH)

Key Job Details
Role:Incident Responder Location:Mumbai, IN Category:Consulting Employment Type:Full-Time Travel Required:No Travel Contract Type:Regular Company:(0063) IBM India Private Limited Req ID:733237BR