Cyber Security Incident Responder - NR Consulting LLC
Boulder, CO
About the Job
Job Description:
YOUR ROLE
In this role, you will develop and execute all components of computer security incident intake, triage, investigation, and response to emerging threats and confirmed or suspected cyber events within the IBM landscape having the potential to impact IBM and/or IBM clients. You will have high visibility as this role requires regular interaction with business executives, collaboration with IBM's cyber support; such as Corp Comms, Legal, etc., and comprehensive, thorough root cause analysis, metrics, and security control improvement reporting.
YOUR RESPONSIBILITIES
Establish, maintain and execute all components of an incident response plan, from incident intake through root cause analysis, technical remediation analysis, and reporting
Perform analysis of log files from a variety of sources (e.g., individual host logs, network traffic logs, firewall logs, and intrusion detection system [IDS] logs) to identify possible threats to network security.
Execute cyber defense incident triage, to include determining scope, urgency, and potential impact, identifying the specific vulnerability, and making recommendations that enable expeditious remediation
Perform initial, forensically sound collection of images and inspect to discern possible mitigation/remediation on enterprise systems.
Perform real-time cyber defense incident handling (e.g., forensic collections, intrusion correlation and tracking, threat analysis, and direct system remediation) tasks to support deployable Incident Response Teams (IRTs)
Accurately documenting an incident from beginning to end as well as evidence handling.
YOUR ABILITIES & SKILLS
Design incident response for cloud service models
Apply techniques for detecting host and network-based intrusions using intrusion detection technologies
Identifying, capturing, containing, and reporting malware
Securing network communications
Recognizing and categorizing types of vulnerabilities and associated attacks.
Protecting a network against malware. (e.g., NIPS, anti-malware, restrict/prevent external devices, spam filters).
Performing damage assessment.
Assist in the production of a root cause analysis.
Properly handle evidence related to an incident.
Required Technical and Professional Expertise
At least 4 years' experience in IT Security Digital Forensics or Operations
At least 2 years' experience in Incident Response in a global corporate enterprise
Experience in fast-paced investigations.
Experience with programming or scripting languages.
Ability to present highly technical information to non-technical audiences.
YOUR ROLE
In this role, you will develop and execute all components of computer security incident intake, triage, investigation, and response to emerging threats and confirmed or suspected cyber events within the IBM landscape having the potential to impact IBM and/or IBM clients. You will have high visibility as this role requires regular interaction with business executives, collaboration with IBM's cyber support; such as Corp Comms, Legal, etc., and comprehensive, thorough root cause analysis, metrics, and security control improvement reporting.
YOUR RESPONSIBILITIES
Establish, maintain and execute all components of an incident response plan, from incident intake through root cause analysis, technical remediation analysis, and reporting
Perform analysis of log files from a variety of sources (e.g., individual host logs, network traffic logs, firewall logs, and intrusion detection system [IDS] logs) to identify possible threats to network security.
Execute cyber defense incident triage, to include determining scope, urgency, and potential impact, identifying the specific vulnerability, and making recommendations that enable expeditious remediation
Perform initial, forensically sound collection of images and inspect to discern possible mitigation/remediation on enterprise systems.
Perform real-time cyber defense incident handling (e.g., forensic collections, intrusion correlation and tracking, threat analysis, and direct system remediation) tasks to support deployable Incident Response Teams (IRTs)
Accurately documenting an incident from beginning to end as well as evidence handling.
YOUR ABILITIES & SKILLS
Design incident response for cloud service models
Apply techniques for detecting host and network-based intrusions using intrusion detection technologies
Identifying, capturing, containing, and reporting malware
Securing network communications
Recognizing and categorizing types of vulnerabilities and associated attacks.
Protecting a network against malware. (e.g., NIPS, anti-malware, restrict/prevent external devices, spam filters).
Performing damage assessment.
Assist in the production of a root cause analysis.
Properly handle evidence related to an incident.
Required Technical and Professional Expertise
At least 4 years' experience in IT Security Digital Forensics or Operations
At least 2 years' experience in Incident Response in a global corporate enterprise
Experience in fast-paced investigations.
Experience with programming or scripting languages.
Ability to present highly technical information to non-technical audiences.
Source : NR Consulting LLC