TIER 2 - Analista Phishing

Introduction
Information and Data are some of the most important organizational assets in today’s businesses. As a Security Consultant you will be a key advisor for IBM’s clients analyzing business requirements to design and implement the best security solutions for their needs. You will apply your technical skills to find the balance between enabling and securing the client’s organization with the cognitive solutions that are making IBM the fastest growing enterprise security business in the world.

Your Role and Responsibilities
In this role you’ll work in one of our IBM Consulting Client Innovation Centers (Delivery Centers) where we deliver deep technical and industry expertise to a wide range of public and private sector clients around the world.​ Our delivery centers offer our clients locally based skills and technical expertise to drive innovation and adoption of new technology.
A career in IBM Consulting embraces long-term relationships and close collaboration with clients across the globe.
You’ll work with visionaries across multiple industries to improve the hybrid cloud and AI journey for the most innovative and valuable companies in the world. Your ability to accelerate impact and make meaningful change for your clients is enabled by our strategic partner ecosystem and our robust technology platforms across the IBM portfolio; including IBM Software and Red Hat.
Curiosity and a constant quest for knowledge serve as the foundation to success in IBM Consulting. In your role you’ll be encouraged to challenge the norm investigate ideas outside of your role and come up with creative solutions resulting in ground breaking impact for a wide network of clients. Our culture of evolution and empathy centers on long-term career growth and development opportunities in an environment that embraces your unique skills and experience.

Required Technical and Professional Expertise
• Understand the different types of phishing attacks (spear-phishing credential phishing whaling smishing vishing) and the techniques used by attackers to trick users.
• General knowledge of cybersecurity including best practices for protecting emails accounts and sensitive data.
• Ability to identify patterns and signs of phishing campaigns by analyzing the emails messages URLs and domains used.
• Ability to analyze suspicious emails (email headers content links and attachments) for signs of phishing such as malicious links fake sender addresses or spoofing techniques.
• Ability to detect “spoofing” attacks or spoofed domains that pretend to be legitimate entities.
• Ability to identify patterns of deception and manipulation in the content of emails or messages intended to convince users to hand over confidential information or download malware.
• Ability to coordinate immediate response to a phishing incident ensuring affected users receive support and a containment plan is in place to minimize impact.
• Ability to handle incidents where user accounts have been compromised including resetting credentials temporarily locking accounts and safely regaining access
• Ability to contain the spread of phishing attacks through actions such as blocking malicious domains removing phishing emails from inboxes and implementing filtering rules on mail servers.
• Experience in managing the recovery of data or accounts affected by successful phishing attacks ensuring they are safely restored without reinfection.
• Knowledge of implementing email authentication standards to prevent domain spoofing and mitigate phishing attacks.
• Ability to investigate malicious attachments distributed via phishing emails.
• Knowledge of how to collect and preserve electronic evidence in a phishing incident ensuring data integrity for future investigations or legal proceedings.
• Ability to document each phishing incident including its analysis response and lessons learned.
• Experience in proactively monitoring phishing threats in real-time using security monitoring tools such as SIEMs (QRadar).
• Knowledge in automating responses to phishing incidents through the use of SOAR (Security Orchestration Automation and Response) solutions reducing response time and the impact of the attack.
• Ability to work with threat intelligence data to identify patterns and new phishing campaigns that may target the organization.

Preferred Technical and Professional Expertise
• Ability to perform forensic analysis of emails and systems compromised in phishing incidents including collecting email headers analyzing network traffic and extracting indicators of compromise.
• Ability to identify trends in phishing attacks and propose improvements in security policies and employee training.
• English language.