**Introduction** The IBM Office of the CISO is entrusted with safeguarding not only IBM’s internal systems but also those of our clients around the world. Our organization is composed of specialized teams that span the full spectrum of cybersecurity, including Vulnerability Management, Threat Detection, Security Operations, Product Security, Mail Security, System Inventory, Endpoint Detection, and Computer Security Incident Response (CSIRT). CSIRT plays a critical role in managing IBM’s global incident response process for cybersecurity and data privacy cases. This team is responsible for identifying, analyzing, and resolving incidents across IBM’s internal environments, ensuring swift and coordinated action to protect our assets and those of our clients. **Your role and responsibilities** Join IBM’s Cybersecurity Incident Response Team (CSIRT) IBM CSIRT is seeking a skilled and experienced cybersecurity analyst to join our dynamic team. This role is critical in supporting incident response efforts and safeguarding IBM and client environments from evolving cyber threats. Key Responsibilities: * Collaborate closely with cybersecurity responders to initiate, triage, contain, mitigate, analyze, and resolve cyber and data-related incidents. * Utilize advanced analysis tools to investigate threats and assess impact. * Apply deep knowledge of security technologies, hosting environments, and emerging technologies to support incident resolution. * Think like a threat actor to anticipate tactics and strengthen defenses. * Work cross-functionally with teams including the Security Operations Center (SOC), Threat Detection, and other internal stakeholders. Required Qualifications: * Proven experience in cybersecurity analysis and incident response. * Proficiency with industry-standard analysis and investigation tools. * Strong understanding of threat landscapes, attacker methodologies, and security technologies. * Excellent technical, analytical, organizational, and communication skills. * Ability to work effectively in high-pressure situations and collaborate across teams. Join us in protecting IBM and our clients from today’s most sophisticated cyber threats. **Required technical and professional expertise** * Minimum of 3 years of hands-on experience in Incident Response within a global corporate enterprise environment. * Strong technical expertise across Windows, macOS, and Linux operating systems. * Deep understanding of common security tools, techniques, and procedures used by cyber threat actors. * Demonstrated proficiency with both commercial and open-source forensic tools such as X-Ways, Axiom, Autopsy, ELK, SIFT, and Plaso. * Experience conducting analysis using Endpoint Detection and Response (EDR) platforms, including CrowdStrike and Microsoft Defender for Endpoint (MDE). * Solid working knowledge of networking concepts, technologies, and tools—such as firewalls, proxies, IDS/IPS, and EDR systems. * Proven ability to perform event analysis and correlation across diverse data sources. * Excellent technical writing and presentation skills, with the ability to clearly communicate complex findings to both technical and non-technical audiences. * Strong ability to work independently, manage multiple priorities, and collaborate effectively in team settings. **Preferred technical and professional experience** Technical Skills and Experience: * Demonstrated expertise in using both commercial and open-source forensic tools, including but not limited to: X-Ways, Axiom, Autopsy, ELK Stack, SIFT, Plaso, and similar platforms for digital investigation and evidence analysis. * Proven experience conducting threat analysis and investigations using Endpoint Detection and Response (EDR) solutions such as: CrowdStrike Falcon and Microsoft Defender for Endpoint (MDE). * Data analysis IBM is committed to creating a diverse environment and is proud to be an equal-opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, gender, gender identity or expression, sexual orientation, national origin, caste, genetics, pregnancy, disability, neurodivergence, age, veteran status, or other characteristics. IBM is also committed to compliance with all fair employment practices regarding citizenship and immigration status.