Introduction
A career in IBM Consulting X-Force Incident Response is built on long-term client relationships and close collaboration worldwide. You’ll work with leading companies across industries, helping them shape their hybrid cloud and AI journeys.
With support from our strategic partners, robust IBM technology, and Red Hat, you’ll have the tools to drive meaningful change and accelerate client impact. At IBM Consulting X-Force IR, curiosity fuels success. You’ll be encouraged to challenge the norm, explore new ideas, and create innovative solutions that deliver real results.
Our culture of growth and empathy focuses on your long-term career development while valuing your unique skills and experiences.
Your Role And Responsibilities
As a Senior Incident Response Consultant for IBM Security X-Force Incident Response practice, specializing in Digital Forensics & Incident Response, you will lead incident response efforts to contain and mitigate data breaches, providing strategic direction to clients on prioritizing response actions. You will also help lead and collaborate with a team of elite responders and forensic analysts, ensuring effective collaboration and knowledge sharing.
Your Primary Responsibilities Will Include
- Lead Incident Response Efforts: Provide strategic and technical direction to clients on prioritizing response actions, ensuring effective containment and mitigation of data breaches. This involves collaborating with clients to understand their specific needs and developing tailored response plans.
- Foster a culture of collaboration and knowledge sharing to drive effective incident response.
- Ensure Regulatory Compliance: Stay up to date with various data privacy and regulatory standards, advising clients on compliance and best practices to minimize risk.
- Deliver Technical Recommendations: Provide technical recommendations to security and IT staff, helping organizations prepare, detect, and respond to security breaches.
- The role includes participation in an on-call rotation to support incident response engagements outside of standard business hours.
- On-call responsibilities are shared across the team and managed to support sustainable working practices.
This role can be performed from anywhere in the U.S.
Preferred Education
Bachelor's Degree
Required Technical And Professional Expertise
- Incident response expertise, including containment, mitigation, and forensic analysis.
- Technical proficiency with Endpoint Detection & Response (EDR) tools.
- Hands-on experience with hardware/software tools for incident response, digital forensics, network security assessments, and application security.
- Forensic analysis of Windows and Unix systems.
- Log analysis using local logs and SIEM/log aggregation tools.
- Familiarity with Active Directory, Exchange, and O365 logs.
- Ability to analyze and reverse protocols and data in network environments.
- Familiarity with cloud platforms such as IBM Cloud, AWS, Azure, and GCP.
- Knowledge of regulatory and data privacy standards (ISO 27001/2, PCI DSS, NIST 800-53, 800-171, etc.).
- Low-level operating system knowledge, including automation and administrative tasks.
- Scripting or programming experience (Python, PowerShell preferred).
- Ability to work with data at scale using tools such as Splunk or ELK.
- Expertise with shell tools such as Grep, Sed, and Awk.
- Experience with virtualization and cloud technologies (IBM Cloud, AWS, GCP, Azure).
- Experience in writing cohesive reports for technical and non-technical audiences.
Preferred Technical And Professional Experience
- Advanced Threat Hunting: methodologies and techniques to identify potential security incidents.
- Experience using EDR tools to hunt for threats and implement corrective measures.
- In-depth understanding of data privacy standards (GDPR, HIPAA, CCPA).
- Familiarity with security frameworks such as NIST CSF and MITRE ATT&CK.
- Diverse understanding of cybersecurity vulnerabilities, common attack vectors, and mitigations.
- Experience developing strategic-level incident response plans.
- Experience developing tactical playbooks and using them to manage tasks and coordinate workstreams during incident response investigations.
- Advising clients on compliance and best practices related to data privacy.
- Task and workstream coordination during IR engagements (leadership/organizational skill).