Armonk, NY, 10504, USA
3 days ago
IBM CISO - Cybersecurity Forensic Analyst
**Introduction**

The Office of the CISO has the responsibility to safeguard not only IBM systems but those of clients we support around the globe. The IBM CISO office is comprised of teams that cover all aspects of security, from Vulnerability Management, Threat Detection, Security Operations, Product Security, Mail Security, System Inventory, and Endpoint Detection to Computer Security Incident Response. CSIRT is responsible for maintaining and managing the IBM internal global incident response process for cybersecurity and data privacy cases across IBM.

**Your role and responsibilities**

IBM CSIRT is looking to hire a proven professional with background and experience in cybersecurity analysis. This team member will partner with a cybersecurity responder to initiate, triage, contain/mitigate, analyze and resolve cyber and data concerns. Demonstrated experience with analysis tools is required, as is a firm understanding of the latest technologies, security technologies, hosting environments and, of course, the mindset of threat actors, which will enable this analyst to safeguard IBM and client systems. This team member will need to possess strong technical and analytical skills as well as exceptional organizational and communication skills. The role also requires interaction and collaboration with team members from the SOC, Threat Detection and others.
**Required technical and professional expertise**

- At least 3 years of experience in Incident Response in a global corporate enterprise
- Strong understanding of Windows, Mac, and Linux operating systems
- Strong knowledge of common security tools, techniques, and procedures employed by cyber threat actors
- Demonstrated knowledge of commercial and open-source forensic tools, such as X-Ways, Axiom, Autopsy, ELK, SIFT, Plaso, etc.
- Knowledge of analysis with EDR tooling, such as CrowdStrike or Microsoft Defender for Endpoint (MDE)
- Solid working knowledge of networking topology, technology and tools, such as firewalls, proxies, IDS/IPS, EDR
- Event analysis and correlation
- Excellent technical writing and presentation skills
- The ability to work independently and effectively, as well as in a group setting, is required.

**Preferred technical and professional experience**

- Demonstrated computer forensic investigations experience
- Demonstrated knowledge of commercial and open-source forensic tools, such as X-Ways, Axiom, Autopsy, ELK, SIFT, Plaso, etc.
- Demonstrated knowledge of analysis with EDR tooling, such as CrowdStrike or Microsoft Defender for Endpoint (MDE)
- Knowledge of incident response and analysis in cloud environments, such as IBM Cloud, AWS, or Azure
- Ability to successfully lead and facilitate information gathering meetings
- Experience managing small and large scale cyber security incidents

IBM is committed to creating a diverse environment and is proud to be an equal-opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, gender, gender identity or expression, sexual orientation, national origin, caste, genetics, pregnancy, disability, neurodivergence, age, veteran status, or other characteristics. IBM is also committed to compliance with all fair employment practices regarding citizenship and immigration status.