MULTIPLE CITIES, MULTIPLE, Philippines
19 hours ago
X-Force Incident Response APAC OT Lead
The X-Force Incident Response team (XFIR) helps IBM customers globally with their Digital Forensics and Incident Response needs, whether that’s before, during, or after an incident. Proactive projects include running tabletop exercises or helping to improve IR documentation, whereas reactive engagements might involve expert level forensic analysis to quantify Intellectual Property theft, or leading IR activities on one of the biggest data breaches in the world.

Many of the existing members of the team are DFIR all-rounders that are as comfortable chewing through log files at the command line during threat hunting as presenting an executive summary of an incident to board members. The successful candidate for this role will also bring a specialisation in DFIR within OT/ICS/SCADA environments, and will have a background in supporting these environments, either internally or as a consultant. Cases will include everything from false alarms to nation state attacks against critical infrastructure. Efficient and methodical collaboration is key in projects of this scale, as is excellent written and spoken English.

You will also have demonstrated skills in various elements of Incident Response, conducting computer intrusion investigations, and have a strong foundation in cyber security policy, operations and best practices. This might include proficiency with leading EDR tools, familiarity with forensic analysis tools such as X-Ways or EnCase, or forensic triage expertise using Velociraptor or UAC. Furthermore, familiarity with Windows and Linux operating systems and enterprise technology such as Active Directory / LDAP / Entra ID, on-premises and cloud-based email, and network devices such as firewalls, proxies, IPS/IDS, SIEMs, etc. is preferred.

As part of the OT Security-focused responsibilities, you will support several OT Security proactive services such as cybersecurity gap assessments, consulting with clients on OT Security Resiliency roadmap development, and keeping yourself, colleagues, and clients apprised of technical practices, standards, and threat trends impacting ICS cybersecurity.

As an experienced consultant, you’ll understand that the nature of the work sometimes involves late nights, early starts, weekends, or travel at short notice. In return, XFIR provides time off in lieu, weekend on-call allowance and the ability to manage your own time wherever possible. We don’t offer opaque bonus schemes but can offer a base salary designed to attract the best people for the job.

The selected candidate will be assigned as the X-Force Incident Response OT lead for the APAC region.