threat response Analyst - l3Ibm
Workplace: MetroManila, Quezon, Manila
Salary: Agreement
Work form: Full time
Posting Date: 09/11/2025
Deadline: 18/01/2021
Introduction
Information and Data are some of the most important organizational assets in today's businesses. As a Security Consultant, you will be a key advisor for IBM's clients, analyzing business requirements to design and implement the best security solutions for their needs. You will apply your technical skills to find the balance between enabling and securing the client's organization with the cognitive solutions that are making IBM the fastest growing enterprise security business in the world.
Your Role and Responsibilities
We have an excellent opportunity for a Threat Response Analyst to support strategic clients across the region to drive strategy around various security consulting initiatives. This is an opportunity to work with IBM security services team that is operating on the cutting−edge of information security.
Why IBM Security Services?
IBM Security has 10,000 clients in 133 countries, 6,000 researchers, developers, and SMEs focused on security, 3,700 security−related patents, and 36 IBM Security locations across the globe.
High−growth areas are security analytics/SIEM (10%); Threat Intelligence (10%+); Mobile Security (18%); and Cloud Security (50%)
IBM Security QRadar is again a leader in Gartner's 2015 Magic Quadrant for SIEM.
Key Responsibilities:
The SOC Threat Response Analyst role is part of the SOC. Candidates in this role will be responsible for conducting incident response operations according to documented procedures and industry best practices. Candidates in this role must have excellent communication skills; able to interact with executive levels throughout the company. Must have extensive experience in multiple security areas such as SIEM, IDS, APT, and WAF. Candidates will be required to participate in multiple intelligence communities and be able to disseminate pertinent information throughout the SOC. Ideal candidates should have extensive experience in Linux and Windows operating systems, deep knowledge of networking and attack methods such as SQLi and pivoting. Enthusiasm and interest in Information Security must be displayed.
Job Requirements:
Provide incident investigation as per Security Incident Management Process/Guidelines
Drives containment strategy during data loss or breach events
Triage and resolve advanced vector attacks such as botnets and advanced persistent threats (APTs)
Malware outbreak incident handling and remediation
Co−ordinate with IT, security operations and other teams for remediation and trigger forensics process as appropriate
Perform Root cause analysis (RCA) for the incidents and update the knowledge management
Works directly with data asset owners and business response plan owners during high severity incidents
Tuning of IDS, proxy policy, in−line malware tools based on threat feeds, trust and reputation data, incidents, or vulnerabilities and exploits of downstream systems
Provide tuning recommendations to administrators based on findings during investigations or threat information reviews
Required Technical and Professional Expertise
Strong Analytical and Problem-Solving Skills
Knowledge of network security zones, Firewall configurations, IDS policies Knowledge of systems communications from Layer 1 to 7
Experience with Systems Administration, Middleware, and Application Administration Experience with Network and Network Security tools administration
Knowledge of log formats and ability to aggregate and parse log data for syslog, http logs, DB logs for investigation purposes
In−depth experience with log search tools and SIEM tools such as Splunk, Arcsight, Mcafee usage of regular expressions and natural language queries
In−depth knowledge of packet capture and analysis
Experience with Security Assessment tools (NMAP, Nessus, Metasploit, Netcat)
Ability to make create a containment strategy and execute
Preferred Technical and Professional Expertise
Intrusion Detection In Depth − SEC503 (GCIA certification) or equivalent
Hacker Techniques, Exploits & Incident Handling − SEC504 (optional GCIH certification) or equivalent
GIAC Continuous Monitoring (optional GMON certification) or equivalent
Advanced digital forensics and Incident Response − FOR 508 (Optional GCFA certification) or equivalent
Computer Forensic Investigation such as Windows Forensic Analysis FOR408 − (Optional GCFE certification)
Perimeter Protection In Depth − SEC502 (optional GCFW certification) Advanced Security Essentials − SEC501 (optional GCED certification)
About Business Unit
IBM's Cloud and Cognitive software business is committed to bringing the power of IBM's Cloud and Watson/AI technologies to life for our clients and ecosystem partners around the world. IBM provides you with the most comprehensive and consistent approach to development, security and operations across hybrid environments-with complete software solutions for business and IT operations, development, data science, security, and management. Our experts and software capabilities help organizations develop applications once and deploy them anywhere, integrate security across the breadth of their IT estate, and automate operations with management visibility. With IBM, you also have access to new skills and methods, governance and management approaches, and a deep ecosystem of industry experts and partners.
Your Life @ IBM
What matters to you when you're looking for your next career challenge?
Maybe you want to get involved in work that really changes the world? What about somewhere with incredible and diverse career and development opportunities - where you can truly discover your passion? Are you looking for a culture of openness, collaboration and trust - where everyone has a voice? What about all of these? If so, then IBM could be your next career challenge. Join us, not to do something better, but to attempt things you never thought possible.
Impact. Inclusion. Infinite Experiences. Do your best work ever.
About IBM
IBM's greatest invention is the IBMer. We believe that progress is made through progressive thinking, progressive leadership, progressive policy and progressive action. IBMers believe that the application of intelligence, reason and science can improve business, society and the human condition. Restlessly reinventing since 1911, we are the largest technology and consulting employer in the world, with more than 380,000 IBMers serving clients in 170 countries.
Location Statement
For additional information about location requirements, please discuss with the recruiter following submission of your application.
Being You @ IBM
IBM is committed to creating a diverse environment and is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, pregnancy, disability, age, veteran status, or other characteristics. IBM is also committed to compliance with all fair employment practices regarding citizenship and immigration status.
IBM
Information and Data are some of the most important organizational assets in today's businesses. As a Security Consultant, you will be a key advisor for IBM's clients, analyzing business requirements to design and implement the best security solutions for their needs. You will apply your technical skills to find the balance between enabling and securing the client's organization with the cognitive solutions that are making IBM the fastest growing enterprise security business in the world.
Your Role and Responsibilities
We have an excellent opportunity for a Threat Response Analyst to support strategic clients across the region to drive strategy around various security consulting initiatives. This is an opportunity to work with IBM security services team that is operating on the cutting−edge of information security.
Why IBM Security Services?
IBM Security has 10,000 clients in 133 countries, 6,000 researchers, developers, and SMEs focused on security, 3,700 security−related patents, and 36 IBM Security locations across the globe.
High−growth areas are security analytics/SIEM (10%); Threat Intelligence (10%+); Mobile Security (18%); and Cloud Security (50%)
IBM Security QRadar is again a leader in Gartner's 2015 Magic Quadrant for SIEM.
Key Responsibilities:
The SOC Threat Response Analyst role is part of the SOC. Candidates in this role will be responsible for conducting incident response operations according to documented procedures and industry best practices. Candidates in this role must have excellent communication skills; able to interact with executive levels throughout the company. Must have extensive experience in multiple security areas such as SIEM, IDS, APT, and WAF. Candidates will be required to participate in multiple intelligence communities and be able to disseminate pertinent information throughout the SOC. Ideal candidates should have extensive experience in Linux and Windows operating systems, deep knowledge of networking and attack methods such as SQLi and pivoting. Enthusiasm and interest in Information Security must be displayed.
Job Requirements:
Provide incident investigation as per Security Incident Management Process/Guidelines
Drives containment strategy during data loss or breach events
Triage and resolve advanced vector attacks such as botnets and advanced persistent threats (APTs)
Malware outbreak incident handling and remediation
Co−ordinate with IT, security operations and other teams for remediation and trigger forensics process as appropriate
Perform Root cause analysis (RCA) for the incidents and update the knowledge management
Works directly with data asset owners and business response plan owners during high severity incidents
Tuning of IDS, proxy policy, in−line malware tools based on threat feeds, trust and reputation data, incidents, or vulnerabilities and exploits of downstream systems
Provide tuning recommendations to administrators based on findings during investigations or threat information reviews
Required Technical and Professional Expertise
Strong Analytical and Problem-Solving Skills
Knowledge of network security zones, Firewall configurations, IDS policies Knowledge of systems communications from Layer 1 to 7
Experience with Systems Administration, Middleware, and Application Administration Experience with Network and Network Security tools administration
Knowledge of log formats and ability to aggregate and parse log data for syslog, http logs, DB logs for investigation purposes
In−depth experience with log search tools and SIEM tools such as Splunk, Arcsight, Mcafee usage of regular expressions and natural language queries
In−depth knowledge of packet capture and analysis
Experience with Security Assessment tools (NMAP, Nessus, Metasploit, Netcat)
Ability to make create a containment strategy and execute
Preferred Technical and Professional Expertise
Intrusion Detection In Depth − SEC503 (GCIA certification) or equivalent
Hacker Techniques, Exploits & Incident Handling − SEC504 (optional GCIH certification) or equivalent
GIAC Continuous Monitoring (optional GMON certification) or equivalent
Advanced digital forensics and Incident Response − FOR 508 (Optional GCFA certification) or equivalent
Computer Forensic Investigation such as Windows Forensic Analysis FOR408 − (Optional GCFE certification)
Perimeter Protection In Depth − SEC502 (optional GCFW certification) Advanced Security Essentials − SEC501 (optional GCED certification)
About Business Unit
IBM's Cloud and Cognitive software business is committed to bringing the power of IBM's Cloud and Watson/AI technologies to life for our clients and ecosystem partners around the world. IBM provides you with the most comprehensive and consistent approach to development, security and operations across hybrid environments-with complete software solutions for business and IT operations, development, data science, security, and management. Our experts and software capabilities help organizations develop applications once and deploy them anywhere, integrate security across the breadth of their IT estate, and automate operations with management visibility. With IBM, you also have access to new skills and methods, governance and management approaches, and a deep ecosystem of industry experts and partners.
Your Life @ IBM
What matters to you when you're looking for your next career challenge?
Maybe you want to get involved in work that really changes the world? What about somewhere with incredible and diverse career and development opportunities - where you can truly discover your passion? Are you looking for a culture of openness, collaboration and trust - where everyone has a voice? What about all of these? If so, then IBM could be your next career challenge. Join us, not to do something better, but to attempt things you never thought possible.
Impact. Inclusion. Infinite Experiences. Do your best work ever.
About IBM
IBM's greatest invention is the IBMer. We believe that progress is made through progressive thinking, progressive leadership, progressive policy and progressive action. IBMers believe that the application of intelligence, reason and science can improve business, society and the human condition. Restlessly reinventing since 1911, we are the largest technology and consulting employer in the world, with more than 380,000 IBMers serving clients in 170 countries.
Location Statement
For additional information about location requirements, please discuss with the recruiter following submission of your application.
Being You @ IBM
IBM is committed to creating a diverse environment and is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, pregnancy, disability, age, veteran status, or other characteristics. IBM is also committed to compliance with all fair employment practices regarding citizenship and immigration status.
IBM
Other Info
Manila City, Metro Manila Quezon City, Metro Manila
Permanent
Full-time
Permanent
Full-time
Submit profile
Ibm
About the company
Ibm jobs
Metro Manila
Position threat response Analyst - l3 recruited by the company Ibm at MetroManila, Quezon, Quezon, Manila, Joboko automatically collects the salary of , finds more jobs on Threat Response Analyst - L3 or Ibm company in the links above
About the company
Ibm jobs
Metro Manila