IBM’s greatest invention is the IBMer. We believe that progress is made through progressive thinking, progressive leadership, progressive policy and progressive action. IBMers believe that the application of intelligence, reason and science can improve business, society and the human condition. Restlessly reinventing since 1911, we are the largest technology and consulting employer in the world, with more than 380,000 IBMers serving clients in 170 countries.
Security Services Incident ManagerNumer ref.: 132930
Security Incident Manager will be overall responsible for accountability and contribution for the design, improve and execution of the Incident process and procedures;
Validating classification of an incident as an Incident against Incident Criteria;
Determining the scope of the Incident;
Managing/Performing all internal notification, executive alerts, and escalation activities through service recovery of an Incident according to Incident Notification Timeframe;
Assembling an Incident Team consisting of technical support people (other levels of support, across domains/competencies as required), management, and key stakeholders to develop, execute, monitor, and track an integrated resolution plan through service recovery of the Incident;
Making service restoration/recovery decisions, engaging the management team as required;
Ensuring that the progress of the Incident recovery and all relevant times are documented in the associated Incident Record(s);
Initiating and facilitating the Incident bridge;
Obtaining and providing status on Incident recovery progress;
Ensuring that the customer is contacted to confirm that the incident has been resolved to the customer’s satisfaction.
• Hunting for suspicious anomalous activity based on data alerts or data outputs from SIEM and several other IT security tools
• Drives containment strategy during data loss or breach events
• Triage and resolve advanced vector attacks such as botnets and advanced persistent threats (APTs)
• Recommend incident containment and remediation actions to the resolver groups
• Check for incident remediation actions completeness on a regular basis, and perform occasional vulnerability assessment and penetration tests to validate the effectiveness of such remediations
• Provide use case creation/tuning recommendations to SIEM administrators based on findings during investigations or threat information reviews
• Develop and deliver incident reporting for executives and managers
• Create and maintain daily activity
Preferred Technical and Professional Expertise:
• continuous improvement of processes and cooperation with other teams to improve alerts and rules in the incident monitoring systems
• handling presentations, trainings, etc
Are you craving to learn more? Prepared to solve some of the world’s most unique challenges? And ready to shape the future for millions of people? If so, then it’s time to join us, express your individuality, unleash your curiosity and discover new possibilities.
Every IBMer, and potential ones like yourself, has a voice, carves their own path, and uses their expertise to help co-create and add to our story. Together, we have the power to make meaningful change – to alter the fabric of our clients, of society and IBM itself, to create a truly positive impact and make the world work better for everyone.
It’s time to define your career.