The IBM CISO Cybersecurity Forensic Analyst role is focused on investigating and responding to cybersecurity incidents across the Americas region. This position is part of the Cyber Security Incident Response Team (CSIRT), which works to safeguard IBM systems and those of its clients. The analyst will engage in digital forensics, threat analysis, and incident response, collaborating with various teams to ensure effective containment and remediation of security events. Candidates should possess strong technical skills and the ability to communicate complex findings clearly.

• 3-5 years of experience in Incident Response, SOC, and/or Digital Forensics in a global corporate environment.
• Strong digital forensics expertise across endpoints, systems, and network artifacts.
• Ability to collect, preserve, and analyze evidence while maintaining chain of custody.
• Understanding of attacker TTPs, with exposure to malware analysis or memory forensics preferred.
• Basic scripting/automation skills in languages such as Python or PowerShell are a plus.

• Conduct forensic investigations on endpoint, network, and cloud environments.
• Collect, preserve, and analyze digital evidence in accordance with established standards.
• Support incident response activities, including triage, containment, eradication, and recovery.
• Correlate forensic evidence with threat intelligence and detection signals.
• Document findings and produce clear, defensible reports for technical and non-technical stakeholders.

• IBM offers competitive compensation, healthcare coverage, retirement programs, paid parental leave, tuition assistance, wellness programs, flexible work options, and extensive learning and certification resources.