**Introduction**
As an IBM Cloud Senior Cyber Incident Response Coordinator, you will coordinate with IBM CSIRT, the Security Operations Center (SOC), and other security teams to investigate and recover from cyber-related threats/incidents.
You will oversee the Root Cause Analysis process and ensure preventative actions are in place with the responsible parties.
You will enforce security policies / service frameworks and be the 'eyes and ears' for the Cloud CISO's office.
You will work with a small team of other Senior Cyber Incident Response Coordinators to perform these duties.
**Your Role and Responsibilities**
- Oversee cyber incidents on behalf of the IBM Cloud CISO's office in coordination with IBM CSIRT, Legal, and other various security teams within IBM.
- Provide final approvals for the Root Cause Analysis performed post-incident and ensure preventative actions are in place with the responsible parties.
- Act as a point of contact regarding security investigations performed by other business units within IBM utilizing the IBM Cloud Platform.
- Work an on-call rotation to perform various duties relating to cyber incidents during non-standard business hours.
- Investigate and enforce security policy violations and provide guidance as needed.
- Work closely with the corporate SOC team responsible for first-line monitoring and incident response of IBM Cloud assets.
- Coordinate with the corporate threat hunting team on tactical and strategic threat hunts affecting IBM Cloud.
- Create and/or maintain processes, procedures, runbooks, and workflows utilized in the various job duties.
- Contribute to security-related projects (gap analysis, rule tuning, vulnerability burndown, etc.).
**Required Technical and Professional Expertise**
- At least 3 years of experience in relevant information security or incident response roles.
- Bachelor's Degree in addition to an industry-recognized security certification such as, but not limited to: Security+, CySA+, CASP+, Pentest+, CEH, GCIA, GCIH, CISSP, CCSP, OSCP.
- Ability to understand and convey highly technical cyber incidents to non-technical personnel.
- Ability to manage a cyber incident through the entire incident response lifecycle.
**Preferred Technical and Professional Expertise**
- IBM Cloud or other comparable Cloud Service Provider certification.
- Experience with QRadar SIEM, QRadar SOAR (Resilient), Cortex XSOAR (Demisto) or other comparable SIEM/SOAR tools.
- Experience with EDR tools (CrowdStrike, Carbon Black, Microsoft Defender ATP, etc.).
- Experience with Splunk, Kibana, Palo Alto, Kentik, JIRA, Confluence, Amplitude, or PagerDuty.
- Experience with virtualization and container technologies.
- Experience with programming, scripting, and automating repetitive tasks.
- Fundamental system administration skills for Windows and Linux.
**About Business Unit**
Digitization is accelerating the ongoing evolution of business, and clouds - public, private, and hybrid - enable companies to extend their existing infrastructure and integrate across systems.
IBM Cloud provides the security, control, and visibility that our clients have come to expect.
We are working to provide the right tools and environment to combine all of our clients' data, no matter where it resides, to respond to changing market dynamics.
In a world where technology never stands still, we understand that dedication to our clients' success, innovation that matters, and trust and personal responsibility in all our relationships live in what we do as IBMers as we strive to be the catalyst that makes the world work better.
Being an IBMer means you'll be able to learn and develop yourself and your career, and you'll be encouraged to be courageous and experiment every day, all whilst having continuous trust and support in an environment where everyone can thrive whatever their personal or professional background.
Our IBMers are growth-minded, always staying curious, open to feedback and learning new information and skills to constantly transform themselves and our company.
They are trusted to provide ongoing feedback to help other IBMers grow, as well as collaborate with colleagues, keeping in mind a team-focused approach to include different perspectives to drive exceptional outcomes for our customers.
The courage our IBMers have to make critical decisions every day is essential to IBM becoming the catalyst for progress, always embracing challenges with the resources they have to hand, a can-do attitude, and always striving for an outcome-focused approach within everything that they do.
Are you ready to be an IBMer?
This job requires you to provide your COVID-19 vaccination status with supporting documentation, where legally permissible.
**About IBM**
Restlessly reinventing since 1911, we are not only one of the largest corporate organizations in the world, we're also one of the biggest technology and consulting employers, with many of the Fortune 50 companies relying on the