Exploit Analyst (Security Analyst - Purple Team)

Job description

At IBM, creating innovative IT solutions for global companies is only the beginning. Our clients need to ensure that their world-class systems not only meet business requirements, but are secure and reliable. That's where you come in.

Exploit analyst and purple team is responsible as a team member of technical specialists to develop and run an ongoing program of simulated cyber-attacks based on prioritized threats. Exploit analyst will review penetration testing reports and identify risk and security gaps within the environment and develop remediation plans to strengthen the security posture of the environment.

The remit of the position is to provide assurance on cyber detection and response capability and during high profile Cyber incidents, to support Investigations and Incident management to aid the speedy resolution and mitigation of the cyber risk for the business and monitored domains.

Responsibilities
·  Review and analyze penetration test results and develop controls and alerting methods for effective security monitoring for findings, gaps and vulnerabilities.
·  Content development for SIEM and security tool sets.
·  Assist in incident response activities such as host triage and retrieval, malware analysis, remote system analysis, end-user interviews, and remediation efforts.
·  Compile detailed investigation and analysis reports for internal SOC consumption and delivery to management and executives.
·  Analyze malicious campaigns and evaluate effectiveness of security technologies.
·  Develop advanced queries and alerts to detect adversary actions.
·  Assist in the design, evaluation, and implementation of new security technologies.
·  Provide expert analytic investigative support of large scale and complex security incidents.
·  Implement Root Cause Analysis of security incidents for further enhancement of alert catalog.
·  Continuously improve processes for use across multiple detection sets for more efficient Security Operations.
·  Review alerts generated by detection infrastructure for false positive alerts and modify alerting configurations as needed.
·  Develop dashboards and reports to identify potential threats, suspicious/anomalous activity, malware, etc.
Auto req ID

288491BR
Required Education

High School Diploma/GED
Role ( Job Role )

Security Specialist
State / Province

TEXAS
Primary job category

Technical Specialist
Company

(0147) International Business Machines Corporation
Contract type

Regular
Employment Type

Full-Time
ERBP

Yes
Is this role a commissionable/sales incentive based position?

No
Travel Required

No Travel
IBM Business Group

CLOUD
Preferred Education

Bachelor's Degree
City / Township / Village

DALLAS
Being You @ IBM

IBM is committed to creating a diverse environment and is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status. IBM is also committed to compliance with all fair employment practices regarding citizenship and immigration status.
Required Technical and Professional Expertise

• Experience with risk management, vulnerability management, threat analysis, security auditing, security monitoring, incident response and other information security practices preferred
• Strong analytical and investigation skills & active threat hunting and adversary tracking.
• Convert intelligence into actionable mitigation and technical control recommendations.
• Working knowledge of security architectures, devices and threat intelligence consumption and management.
• Working knowledge of root causes of malware infections and proactive mitigation.
• Working knowledge of lateral movement, footholds, and data exfiltration techniques.
• Excellent written and oral communication skills with the ability to effectively communicate with information technology professionals as well as senior management and executives, assessors, and consultants

Country/Region

United States
Preferred Technical and Professional Experience

·  Knowledge of the underlying logic that security alerts are built upon and apply them when analyzing raw logs and creating new dashboards and alerts.
·  Recognize complex problems, analyze situations and provide suggested/implemented resolution(s)
·  Engineering or System administration experience.
·  Experience and knowledge of packet flow, TCP/UDP traffic, firewall technologies, IDS technologies, proxy technologies, and antivirus, spam and spyware solutions.
·  Provide leadership and guidance to the team and act as a resource to the team members.
·  Experience with one or more scripting languages (e.g., Python, JavaScript, Perl)
·  Perform memory analysis and malware analysis
·  Experience with computer exploitation methodologies
Secondary Job Category

Technical Solutions Support Specialist
Eligibility Requirements

• 5+ years of relevant cyber security experience in IT Security, Incident Response or network security with strong knowledge working in a Security Operations Center.
Position Type

Professional
Early Professional Track

Not Applicable - Professional Hire
Location Statement

IBM will not be providing visa sponsorship for this position now or in the future. Therefore, in order to be considered for this position, you must have the ability to work without a need for current or future visa sponsorship.
Introduction

At IBM, work is more than a job - it's a calling: To build. To design. To code. To consult. To think along with clients and sell. To make markets. To invent. To collaborate. Not just to do something better, but to attempt things you've never thought possible. Are you ready to lead in this new era of technology and solve some of the world's most challenging problems? If so, lets talk.
Your Life @ IBM

What matters to you when you're looking for your next career challenge?

Maybe you want to get involved in work that really changes the world? What about somewhere with incredible and diverse career and development opportunities – where you can truly discover your passion? Are you looking for a culture of openness, collaboration and trust – where everyone has a voice? What about all of these? If so, then IBM could be your next career challenge. Join us, not to do something better, but to attempt things you never thought possible.

Impact. Inclusion. Infinite Experiences. Do your best work ever.
About Business Unit

Digitization is accelerating the ongoing evolution of business, and clouds - public, private, and hybrid - enable companies to extend their existing infrastructure and integrate across systems. IBM Cloud provides the security, control, and visibility that our clients have come to expect. We are working to provide the right tools and environment to combine all of our client's data, no matter where it resides, to respond to changing market dynamics.
About IBM

IBM's greatest invention is the IBMer. We believe that progress is made through progressive thinking, progressive leadership, progressive policy and progressive action. IBMers believe that the application of intelligence, reason and science can improve business, society and the human condition. Restlessly reinventing since 1911, we are the largest technology and consulting employer in the world, with more than 380,000 IBMers serving clients in 170 countries.