IBM X-Force IRIS (EU) Incident Response Analyst in WARSZAWA, Poland

Job Description

IBM X-Force IRIS offers assistance and advice to our clients whenever they have an incident. We help our clients identify, contain and control the threats and enable them to return to business-as-usual as efficiently and effectively as possible.

We needs talented people with technical skills and experience. But we also need people who have a level of client engagement and liaison skill. People who are able to work within a team that is spread across almost every region of Europe and are willing to travel on short notice to help our clients when they need us most.

What we do...


• Incident Response Planning

• Table Top Exercises

• First Responder Training

• Incident Response Playbook Design, Assessment & Review


• Tactical Threat Monitoring

• Threat Hunting


• Incident Response Management

• Incident Response


• Digital Forensics (Log, host, memory, network and traffic)

• Threat Intelligence

Required Technical and Professional Expertise

Required Professional Skills & Experience

• IT security and investigations.

• Practical experience of NIST SP 800-61 or similar methodologies.

• Working within teams of investigators on large scale, diverse and complex investigations.

• Proficient in technical writing and verbal communication.

• Experience of contributing to IT Security projects. and a broad understanding of protecting and monitoring enterprise IT.

• Ability to recognise and deal appropriately with potentially confidential and sensitive information.

• Awareness of relevant legislation and familiarity with working within EU and international legislative and regulatory frameworks.

Preferred Tech and Prof Experience

Desirable Professional Skills & Experience

• Ability to collaborate on multiple ongoing priority incidents and projects.

• Presentation skills, able to articulate and present to a broad audience from technical experts to the board room.

• Detailed knowledge of current forensic and IR tools, techniques and procedures (TTPs) with an understanding of underlying principles such as 'Chain of Custody'.

• Awareness of current and emerging targeted threat intrusion scenarios.

• Working with SOC, digital forensic or incident response operations.

• Open source intelligence (OSINT) and research ethics and techniques.

• Risk and threat assessment techniques and taxonomies such as Kill Chain analysis, Diamond Model and STIX.

EO Statement

IBM is committed to creating a diverse environment and is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status. IBM is also committed to compliance with all fair employment practices regarding citizenship and immigration status.