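Computer Forensic Analyst (Job ID: GTS-0535157)
International Business Machines (China) Co., Ltd. (IBM)
- Industry: Computer software
Job Information
- Posting date: 2012-11-13
- Location: Beijing
- Openings: Several
- Work experience: Five years or more
- Education: Bachelor's degree
- Language requirements: Fluent English, fluent Mandarin
- Job category: Database engineer/administrator; project execution/coordination staff
Job Description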
Specialize in supporting IT security incidents affecting IGA. Work with a team of incident responders to help locate, investigate, and remediate IT security incidents. Ability to communicate and work closely and effectively with an incident response team, executive management, and targeted end users. Command and control will be provided by the GTS-SD SRM North America management team.
Job Responsibilities:
Primary role will be to perform network and computer forensic analysis in support of IT security incidents
Strong background in systems forensics data capture and analysis using EnCase or FTK
Perform forensic examination tasks based on a Global process
Perform intermediate level Malware analysis as required
Provide assistance with global triage of systems of interest to an investigation
Provide secondary support to corporate, legal, and commercial teams
Understand chain of custody as it relates to computer forensics and potential litigation
Provide support to ongoing special projects such as regular system sampling for Malware analysis and URL/site analysis for potential phishing attempts for intelligence collection.
Provide backup support to the in-country Security Incident Focal
Required Skills
Performing incident response and computer forensics services in a large global enterprise environment 2+ Years
High level of hands-on experience with hardware/software tools used in incident response, computer forensics, network security assessments, and/or application security 2+ Years
Performing intermediate level malicious code analysis to determine associated network and file system data and the capability of the malware 2+ Years
Technical specialization experience in a large scale Windows environment. Unix, Linux, Databases, Routers/Firewalls, IPS, Mac OS a plus 2+ Years
Technical Report Writing which should include experience within the following writing areas: Executive Summary, Data Collection/Preservation, Data Analysis, Findings, Conclusions and Recommendations 2+ Years
Familiarity with local laws and requirements as they relate to incident response and forensic analysis in country and transmission of data across borders internally. 2+ Years
Additional Requirements:
Thorough understanding of network protocols, network devices, computer security devices, secure architecture, and system administration in support of computer forensics and network security operations
Basic familiarity with cryptography and encryption tools
Understanding of common software/systems vulnerabilities and cyber attack methods
Ability to develop, explain, and effectively document technical approaches to complex problems
Excellent planning and organizational skills
Ability to work independently and with teams
Ability to interact effectively with technical and non-technical audiences, both in writing and verbally
Ability to recognize and appropriately handle confidential and sensitive information
Ability to teach and desire to learn from others
Must be able to pass/qualify any security clearances or checks as required
Fluent in English as well as languages of the region - both written and spoken
Preferred:
Experience in advanced reverse engineering of malware
Experience with enterprise level remote forensics solutions
CISSP, GCFA, GCIA, GCIH, CHFI, GREM certification
Required
Bachelor's Degree
At least 5 years experience in supporting IT security incidents affecting IGA
English: Fluent
Chinese simplified: Fluent
IBM is committed to creating a diverse environment and is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status.
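Company Profile
For nearly 100 years, IBM has created products to handle information. Today, as the world's largest information technology company, it invents, develops and manufactures the most advanced information technologies: computer systems, software, storage systems and microelectronics. But that's just for starters. After decades as the undisputed leader in the computer hardware business, IBM has transformed itself into an information technology services business. It is passionately committed to adding value for its clients, from helping to keep grocery shelves stocked to simultaneously providing medical imagery to physicians an ocean apart. Its solutions, services and consulting offerings are revolutionizing the way people, organizations and enterprises operate, including itself.
Over the past nearly one hundred years, as the world economy has continued to develop and modern science has advanced by the day, IBM has consistently led the development of the information industry with forward-looking technology, outstanding management and distinctive products, meeting the full range of information-processing needs of users in almost every industry worldwide. As is well known, as early as 1969 the Apollo spacecraft, carrying three astronauts and bearing the mission of humanity, landed on the Moon for the first time; in 1981 the space shuttle Columbia successfully flew into the sky. Both of these historic space flights embodied IBM's unparalleled ingenuity. Like a spacecraft, IBM's enterprise forever strives toward ever higher goals for the benefit of humanity.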