IBM Incident Response Consultant - IBM Security in ATHENS, Greece
IBM X-Force IRIS (Incident Response and Intelligence Services) is growing. We are looking for talented people across Europe to work in our flagship Incident Response and Proactive Services team.
In IRIS, our mission is to offer assistance and advice to our clients whenever they have an incident. We help our clients identify, contain and control the threats and to enable them to return to business-as-usual as efficiently and effectively as possible .
When not responding to incidents, we actively help our clients prepare themselves by providing a number of proactive services. These proactive services are our second mission: we enable our clients to reduce the likelihood of an incident and the need to call the IRIS team for assistance . Our services are ever growing, but include such things as first responder training, on-site table-top exercises (TTXs) and threat hunting operations.
All of our team members are incident responders. We work both on-site and remotely to provide the IRIS services to our clients across Europe. We work closely with our client as 'trusted advisors' during what are usually difficult and complex periods for them.
X-Force IRIS needs talented people with technical skills and experience. But we also need people who have a level of client engagement and liaison skill. People who are able to work within a team that is spread across almost every region of Europe and are willing to travel on short notice to help our clients when they need us most.
X-Force IRIS is a global service, we are part of IBM Security Services which is part of the IBM Security Business Unit.
Required Technical and Professional Expertise
At least 5 years of experience in IT security and investigations.
Practical experience of NIST SP 800-61 or similar methodologies.
Working within teams of investigators on large scale, diverse and complex investigations.
Proficient in technical writing and verbal communication.
Experience of contributing to IT Security projects. and a broad understanding of protecting and monitoring enterprise IT.
Ability to recognise and deal appropriately with potentially confidential and sensitive information.
Awareness of relevant legislation and familiarity with working within EU and international legislative and regulatory frameworks.
Analytical techniques, critical thinking and problem-solving skills.
Effective interpersonal skills.
Spanish level (both oral and written) Fluent
English level (both oral and written) Fluent
Preferred Tech and Prof Experience
Microsoft Windows operating system internals including kernel, registry, file system, windows APIs and windows IPC mechanisms.
The Linux operating system and associated file systems.
Knowledge of common processor architectures such as x86, X64 and ARM.
Network protocols including TCP/IP, HTTP, SSL, DNS, and SMTP.
Common web and email-based attack techniques.
Technical threat intelligence and detection techniques. Understanding of the principles of Indicators of Compromise (IoCs) including cryptographic checksums, IDS/IPS/Firewall rule definitions, regular expressions and blacklisting.
IBM is committed to creating a diverse environment and is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status. IBM is also committed to compliance with all fair employment practices regarding citizenship and immigration status.