Cyber Security Response (CSIRT) Analyst
Who We Are
Kyndryl is a market leader that thinks and acts like a start-up. We design, build, manage, and modernize the mission-critical technology systems that the world depends on every day. So why work at Kyndryl? We are always moving forward – always pushing ourselves to go further in our efforts to build a more equitable, inclusive world for our employees, our customers, and our communities.
Are you passionate about protecting companies from cyber threats? Do you want to be part of a team that safeguards the digital assets of a cutting-edge organization? Look no further – Kyndryl is seeking a Cybersecurity Specialist to join our team of talented Security Intelligence Analysts.
The Kyndryl CSIRT (Cybersecurity Incident Response Team) is looking for a Security Intelligence Analyst to join an advanced team that drives proactive identification of threats within the organization, provides rapid response, and monitors user activity, network events, and signals from security tools to identify events that merit attention, prioritization, and investigation.
•Analyze network and host activity associated with both successful and unsuccessful intrusions by advanced attackers.
•Perform network traffic analysis utilizing raw packet data, NetFlow, IDS, and custom sensor output.
•Lead enterprise incident response efforts.
•Leverage understanding of tactics, techniques and procedures associated with advanced threats to create and add custom signatures that mitigate highly dynamic threats to the enterprise.
•Employ advanced forensic tools and techniques for attack reconstruction and intelligence gathering.
•Proactively research emerging cyber threats. Apply analytical understanding of attacker methodologies and tactics, system vulnerabilities, and key indicators of attacks and exploits.
•Contribute to threat intelligence reports and briefings that provide situational awareness of cyber threats impacting the company's global network infrastructure, to every level of the organization.
•Participate in threat hunt operations using known adversary tactics, techniques, and procedures, as well as indicators of attack, in order to detect advanced threats to the enterprise.
•Collaborate using information and knowledge sharing networks and professional relationships to achieve common goals.
•Provide on-call support for incident response efforts outside of core hours as needed.
This is a unique opportunity to work with cutting-edge technology, be part of a dynamic team, and make a significant impact in the world of cybersecurity. If you're up for the challenge, apply now to join the Kyndryl cybersecurity team!
Who You Are
Required Skills and Experience:
•4+ years of experience in a Cybersecurity field.
•Expertise in conventional network/host-based intrusion analysis, digital forensics, or malware analysis.
•Experience performing "deep dive" analysis and correlation of log data from multiple sources including PCAP and forensic artifacts.
•Proficiency in leading and contributing to incident response activities.
•Understanding of Operating Systems and Network Protocols.
•Proficiency with Microsoft Windows administrative tools, and the Unix/Linux command line.
•Proficiency in Security Operations Center work, including experience with security automation platforms (XSOAR, Tines, TheHive).
•Proficiency with Splunk (preferred) or other SIEM-type platform.
•Excellent technical writing and presentation skills.
Preferred Skills and Experience:
•Valid and current certification or equivalent experience in one of the following: CISSP / CompTIA Security+ / Certified Cloud Security Professional / GIAC Security Essentials.
•Understanding of behavioral based threat models, including ATT&CK, Cyber Kill Chain, Diamond Model, etc.
•An understanding of advanced cyber threats targeting enterprises, along with the tools, tactics, and procedures used by those threats.
•Experience applying threat and data modeling, advanced data correlation, and statistical analysis to develop alerts, notable events, investigative dashboards, and metrics driven reports.
•Experience as Threat Researcher and/or Intelligence Analyst.
Diversity is a whole lot more than what we look like or where we come from; it’s how we think and who we are. We welcome people of all cultures, backgrounds, and experiences. But we’re not doing it single-handedly: Our Kyndryl Inclusion Networks are only one of many ways we create a workplace where all Kyndryls can find and provide support and advice. This dedication to welcoming everyone into our company means that Kyndryl gives you – and everyone next to you – the ability to bring your whole self to work, individually and collectively, and support the activation of our equitable culture. That’s the Kyndryl Way.
What You Can Expect
With state-of-the-art resources and Fortune 100 clients, every day is an opportunity to innovate, build new capabilities, new relationships, new processes, and new value. Our employee learning hub gives you access to the best learning in the industry to receive certifications and accreditations, including Microsoft University, AWS Cloud Center of Excellence, Udemy, and the Harvard Business Review. Through our company-wide volunteering and giving platform, you can donate, start fundraisers, volunteer, and search over 2 million non-profit organizations. At Kyndryl, we invest heavily in you! We want you to succeed so that together, we will all succeed.