Computer Forensic Analyst China Beijing
| ||||||||||||||||||||||||||||
| Job description | ||||||||||||||||||||||||||||
| Job Description Specialize in supporting IT security incidents affecting IGA. Work with a team of incident responders to help locate, investigate, and remediate IT security incidents. Ability to communicate and work closely and effectively with an incident response team, executive management, and targeted end users. Command and control will be provided by GTS-SD SRM North America management team Job Responsibilities: • Primary role will be to perform network and computer forensic analysis in support of IT security incidents • Strong background in systems forensics data capture and analysis using EnCase or FTK • Perform forensic examination tasks based on a Global process • Perform intermediate level Malware analysis as required • Provide assistance with global triage of systems of interest to an investigation • Provide secondary support to corporate, legal, and commercial teams • Understand chain of custody as it relates to computer forensics and potential litigation • Provide support to ongoing special projects such as regular system sampling for Malware analysis and URL/site analysis for potential phishing attempts for intelligence collection. • Provide backup support to the in country Security Incident Focal Required Skills • Performing incident response and computer forensics services in a large global enterprise environment 2+ Years • High level of hands-on experience with hardware/software tools used incident response, computer forensics, network security assessments, and/or application security 2+ Years • Performing intermediate level malicious code analysis to determine associated network and file system data and the capability of the malware 2+ Years • Technical specialization experience in a large scale Windows environment. Unix, Linux, Databases, Routers/Firewalls, IPS, Mac OS a plus 2+ Years • Technical Report Writing which should include experience within the following writing areas: Executive Summary, Data Collection/Preservation, Data Analysis, Findings, Conclusions and Recommendations 2+ Years • Familiarity with local laws and requirements as it relates to incident response and forensic analysis in country and transmission of data across borders internally. 2+ Years Additional Requirements: • Thorough understanding of network protocols, network devices, computer security devices, secure architecture, and system administration in support of computer forensics and network security operations • Basic familiarity with cryptography and encryption tools • Understanding of common software/systems vulnerabilities and cyber attack methods • Ability to develop, explain, and effectively document technical approaches to complex problems • Excellent planning and organizational skills • Ability to work independently and with teams • Ability to interact effectively with technical and non-technical audiences both written and verbally • Ability to recognize and appropriately handle confidential and sensitive information • Ability to teach and desire to learn from others • Must be able to pass/qualify any security clearances or checks as required • Fluent in English as well as languages of the region – both written and spoken Preferred: • Experience in advanced reverse engineering of malware • Experience with enterprise level remote forensics solutions • CISSP, GCFA, GCIA, GCIH, CHFI, GREM certification | ||||||||||||||||||||||||||||
| ||||||||||||||||||||||||||||
| IBM is committed to creating a diverse environment and is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status. https://jobs3.netmedia1.com/cp/faces/job_summary?job_id=S_D-0536355 |
Post a Comment