Search by job, company or skills

I

L3 Threat Response Analyst

IBM
Taguig, Philippines
5-7 Years
Save
new job description bg glownew job description bg glownew job description bg svg
  • Posted an hour ago
  • Be among the first 10 applicants
Early Applicant

Job Description

Introduction

A career in IBM Consulting is built on long-term client relationships and close collaboration worldwide. You'll work with leading companies across industries, helping them shape their hybrid cloud and AI journeys. With support from our strategic partners, robust IBM technology, and Red Hat, you'll have the tools to drive meaningful change and accelerate client impact. At IBM Consulting, curiosity fuels success. You'll be encouraged to challenge the norm, explore new ideas, and create innovative solutions that deliver real results. Our culture of growth and empathy focuses on your long-term career development while valuing your unique skills and experiences.

Your Role And Responsibilities

As a Senior Threat Response Analyst you will be responsible for conducting advanced incident investigations, responding to critical security threats, and driving containment and remediation efforts. The ideal candidate has hands-on experience with multiple security technologies, including SIEM, IDS, APT, and WAF, forensic analysis, and is adept at handling sophisticated cyber threats such as botnets and advanced persistent threats (APTs).

Your Role And Responsibilities

Incident Response and Digital Forensic

  • Provide incident investigation as per Security Incident Management Process / Guidelines.
  • Drive containment strategy during incidents escalated by the triage team.
  • Investigate and resolve advanced vector attacks such as botnets and advanced persistent threats (APTs).
  • For critical incidents, be part of CSIRT activities and execute the incident handling process.
  • Coordinate with IT, security operations, and other teams for remediation and trigger forensic processes as appropriate.
  • Perform Root Cause Analysis (RCA) for security incidents and update knowledge management.
  • Work directly with data asset owners and business response plan owners during high-severity incidents.

Client Management

  • Engage with clients during debrief meetings to address questions, gather feedback, and align on security objectives.
  • Provide tuning recommendations for IDS, proxy policies, and in-line malware tools based on threat feeds, trust and reputation data, incidents, or vulnerabilities and exploits of downstream systems.
  • Provide tuning recommendations to administrators based on findings from investigations or threat information reviews.
  • Prepare and deliver comprehensive weekly and monthly Threat Incident debrief reports for clients, including insights on security trends, incidents, system performance, and recommendations.

Preferred Education

Bachelor's Degree

Required Technical And Professional Expertise

Security Domain Experience:

  • More than five years of experience in SOC, Incident Response, or Threat Hunting roles.
  • Hands-on experience with SIEM platforms such as IBM QRadar, Splunk, ArcSight, Microsoft Sentinel, or LogRhythm.
  • Strong knowledge of network security, log analysis, malware analysis, and forensic investigation techniques.
  • Knowledge of Digital Forensics, including disk imaging, memory forensics, log analysis, and evidence handling best practices.
  • Familiarity with cyber threat intelligence frameworks like MITRE ATT&CK, NIST, and CIS.
  • Expertise in network and endpoint security monitoring tools (IDS, firewalls, EDR, proxy, email security solutions).
  • Proficiency in log analysis, regular expressions (regex), and scripting languages like Python or PowerShell.
  • Ability to create custom threat detection rules, SIEM dashboards, and correlation policies.
  • Knowledge of packet capture and traffic analysis tools (Wireshark, Zeek, TCPDump).
  • Familiarity with incident response methodologies and forensic investigation procedures.

Soft Skills

  • Strong analytical and problem-solving abilities with keen attention to detail.
  • Excellent communication and collaboration skills, with the ability to interact effectively with stakeholders at all levels.
  • Capable of managing multiple priorities in a fast-paced, dynamic environment.

Preferred Certifications

Preferred technical and professional experience

  • GIAC Certified Incident Handler (GCIH)
  • GIAC Certified Forensic Analyst (GCFA) or GIAC Certified Forensic Examiner (GCFE) (Preferred for Digital Forensics)
  • Certified Ethical Hacker (CEH)
  • Certified SOC Analyst (CSA)
  • Security+ / CISSP / CISM
  • SIEM-Specific Certifications (IBM QRadar, Splunk, etc.)

More Info

Job Type:
Permanent Job
Industry:
Other
Function:
Cybersecurity
Employment Type:
Full time

About Company

IBM

Job ID: 147092591

Jobs by Skill - IT
Jobs by Skill - Non IT
Jobs By Industry
International Jobs
Last Updated: 08-05-2026 04:11:45 PM
Homejobs in TaguigL3 Threat Response Analyst

Similar Jobs

Network Engineer Tier 2

Css Corp

Consulting_Cyber Detection & Response Service Delivery Specialist

Ernst & Young

Incident Response Specialist – Global Cyber Security Operations

create synergies inc.

Senior IT Consultant Security Operations Center - CTBC

Continental

Mid Systems Engineer at Urgent

Ncs
N