A career in IBM Consulting embraces long-term relationships and close collaboration with clients across the globe.
You'll work with visionaries across multiple industries to improve the hybrid cloud and AI journey for the most innovative and valuable companies in the world. Your ability to accelerate impact and make meaningful change for your clients is enabled by our strategic partner ecosystem and our robust technology platforms across the IBM portfolio; including IBM Software and Red Hat.
Curiosity and a constant quest for knowledge serve as the foundation to success in IBM Consulting. In your role, you'll be encouraged to challenge the norm, investigate ideas outside of your role, and come up with creative solutions resulting in ground breaking impact for a wide network of clients. Our culture of evolution and empathy centers on long-term career growth and development opportunities in an environment that embraces your unique skills and experience.

Required Technical and Professional Expertise
• Understand the different types of phishing attacks (spear-phishing, credential phishing, whaling, smishing, vishing) and the techniques used by attackers to trick users.
• General knowledge of cybersecurity, including best practices for protecting emails, accounts, and sensitive data.
• Ability to identify patterns and signs of phishing campaigns by analyzing the emails, messages, URLs, and domains used.
• Ability to analyze suspicious emails (email headers, content, links, and attachments) for signs of phishing, such as malicious links, fake sender addresses, or spoofing techniques.
• Ability to detect "spoofing" attacks or spoofed domains that pretend to be legitimate entities.
• Ability to identify patterns of deception and manipulation in the content of emails or messages intended to convince users to hand over confidential information or download malware.
• Ability to coordinate immediate response to a phishing incident, ensuring affected users receive support, and a containment plan is in place to minimize impact.
• Ability to handle incidents where user accounts have been compromised, including resetting credentials, temporarily locking accounts, and safely regaining access
• Ability to contain the spread of phishing attacks through actions such as blocking malicious domains, removing phishing emails from inboxes, and implementing filtering rules on mail servers.
• Experience in managing the recovery of data or accounts affected by successful phishing attacks, ensuring they are safely restored without reinfection.
• Knowledge of implementing email authentication standards to prevent domain spoofing and mitigate phishing attacks.
• Ability to investigate malicious attachments distributed via phishing emails.
• Knowledge of how to collect and preserve electronic evidence in a phishing incident, ensuring data integrity for future investigations or legal proceedings.
• Ability to document each phishing incident, including its analysis, response, and lessons learned.
• Experience in proactively monitoring phishing threats in real-time, using security monitoring tools such as SIEMs (QRadar).
• Knowledge in automating responses to phishing incidents through the use of SOAR (Security Orchestration, Automation, and Response) solutions, reducing response time and the impact of the attack.
• Ability to work with threat intelligence data to identify patterns and new phishing campaigns that may target the organization.

Preferred Technical and Professional Expertise
• Ability to perform forensic analysis of emails and systems compromised in phishing incidents, including collecting email headers, analyzing network traffic, and extracting indicators of compromise.
• Ability to identify trends in phishing attacks and propose improvements in security policies and employee training.
• English language.