CSIRT Analyst

Locations Austin, Texas, Rochester, New York, Sterling Forest, New York, Atlanta, Georgia, Southbury, Connecticut, Dallas, Texas, Hazelwood, Missouri, Boulder, Colorado, Chicago, Illinois, Lexington, Kentucky, Washington, DC, Columbus, Ohio, Smyrna, Georgia, Buffalo, New York, Iselin, New Jersey, Poughkeepsie, New York, Rochester, Minnesota, Research Triangle Park, North Carolina, Bentonville, Arkansas, Columbia, Missouri, Irving, Texas, Lewisville, Texas, New York, New York, Richardson, Texas, Midland, Michigan, Honolulu, Hawaii, Phoenix, Arizona
Job ID 595318BR
Date posted 09/21/2022
Primary Job Area Architect

Why Kyndryl

Our world has never been more alive with opportunities and, at Kyndryl, we’re ready to seize them. We design, build, manage and modernize the mission-critical technology systems that the world depends on every day. Kyndryl is at the heart of progress — dedicated to helping companies and people grow strong. Our people are actively discovering, co-creating, and strengthening. We push ourselves and each other to seek better, to go further, and we carry this energy to our customers. At Kyndryl, we want you to keep growing, and we’ll provide plenty of opportunities to make that happen.

Please be aware that we have the Kyndryl candidate zone hosted by IBM for a certain period. If you have applied for an IBM role previously, you will be able to log into the candidate zone using your previous IBM log in details. When in the candidate zone, you will be able to see your previous applications for both IBM and Kyndryl.

For further information on privacy, please visit www.kyndryl.com/privacy.

Your Role and Responsibilities

The Kyndryl CISO Defense Tower is looking for a CSIRT Incident Coordinator to join an advanced threat detection and response team that drives proactive identification of threats within the organization, provides rapid response, and monitors user activity, network events, and signals from security tools to identify events that merit attention, prioritization, and investigation. In this role, the security incident coordinator receives, coordinates, and manages security incidents for the organization. The coordinator is responsible for the actions of other IR team members, disseminating information as necessary, and facilitating the engagement of other security resources as needed. The team member will provide status updates to management as needed. The team member has cyber security experience and hands-on technical skills in Windows, Linux and network security, along with experience in identifying live intrusions and triaging security events in real time. Project management and 24x7 operational support experience is required.

Qualifications:
• Knowledge of security and information technology
• Operational support skills
• Project management skills
• Experience with Organizational Communications
• Excellent technical writing and presentation skills.
• Strong ability to track and manage multiple issues simultaneously.
• Working experience with SIEM solutions (QRadar, Splunk, Elastic Security)
• Strong Microsoft Excel skills (to include Pivot tables, vlookup, Conditional Formatting)
• Prior experience in an Information Technology or Information Security Department, with incident response experience in an enterprise setting.
• Capture / analyze network traffic for indications of compromise.
• Review log-based data, both in raw form and utilizing SIEM or aggregation tools.
• Perform live network assessments using leading packet capture and analysis software tools.


If you are hired into a Colorado work location, the anticipated compensation range for the position is $107,000 to $204,000, based on a full-time schedule. Your ultimate compensation may vary depending on your job-related skills and experience. For part-time roles, the compensation will be adjusted appropriately.

Required Technical and Professional Expertise

• At least 5 years of experience in IT Security Digital Forensics
• At least 5 years of experience in Incident Response in a global corporate enterprise
• Demonstrated computer forensic investigations experience.
• Excellent technical writing and presentation skills.
• Expert-level knowledge of common attack vectors and penetration techniques.
• Solid working knowledge of networking technology and tools, firewalls, proxies, IDS/IPS and encryption.
• Demonstrated knowledge of forensic tools (EnCase, FTK, Axiom Magnet, Black Bag, SIFT, Kali).
• Experience with malware analysis (reverse engineering).
• Experience managing large and small-scale cyber security incidents.
• Demonstrated understanding of database structures and SQL.
• Conduct examination of digital media (hard drives, network traffic, images, etc.).
• Capture / analyze network traffic for indications of compromise.
• Review log-based data, both in raw form and utilizing SIEM or aggregation tools.
• Perform live network assessments using leading packet capture and analysis software tools.
• Establish timelines and patterns of activity based on multiple data sources.
• Identify, document and prepare reports on relevant findings.
• Strong understanding of networking protocols
• Experience with programming or scripting languages (Python, Ruby, PowerShell)
• Demonstrated system administration skills.

Preferred Technical and Professional Experience

• Project +
• PMP
• Microsoft Office Specialist (MOS) Certification

Required Security Certifications (Any of the following)
• CEH (Certified Ethical Hacker)
• Security+
• CFE (GIAC Certified Forensics Examiner)
• GSEC (GIAC Security Essentials)
• SANS Security SEC401

Required Education

Associate's Degree/College Diploma

Preferred Education

Bachelor's Degree

Being You @ Kyndryl

Kyndryl is committed to creating a diverse environment and is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, pregnancy, disability, age, veteran status, or other characteristics. Kyndryl is also committed to compliance with all fair employment practices regarding citizenship and immigration status.

Other things to know

Kyndryl offers a wide range of resources for eligible employees to thrive both inside and outside of work. In addition to a competitive benefits program consisting of medical and life insurance, retirement plans, and time off, eligible employees may also have access to:
• 12 weeks of paid parental bonding leave.
• Well-being programs to support mental and physical health.
• Financial programs that empower you to plan, save, and manage your money.
• Discounts on retail products, services, and experiences.

We consider qualified applicants with criminal histories, consistent with applicable law. Kyndryl will not be providing visa sponsorship for this position now or in the future. Therefore, in order to be considered for this position, you must have the ability to work without a need for current or future visa sponsorship.

Kyndryl's Vaccination Policy

Beginning January 18, 2022, all employees working onsite at a Kyndryl, customer or partner location must be fully vaccinated against COVID-19. New hires meeting these criteria will be asked to submit proof of their vaccination status prior to the start of employment. Those who believe they are eligible may apply for a medical or religious accommodation prior to the start of employment.

Primary Job Category

Architect

Role (Job Role)

Security Architect

Employment Type

Full-Time

Contract Type

Regular

Position Type

Professional

Travel Required

Some travel may be required based on business demand

Company

(Y078) Kyndryl, Inc.

Is this role a commissionable / sales incentive based position

No
