IBM

L2 SecOps - Threat Triage & Response Ops

  • Taguig, PHILIPPINES

Job description

Introduction
Information and Data are some of the most important organizational assets in today’s businesses. As a Security Consultant, you will be a key advisor for IBM’s clients, analyzing business requirements to design and implement the best security solutions for their needs. You will apply your technical skills to find the balance between enabling and securing the client's organization with the cognitive solutions that are making IBM the fastest growing enterprise security business in the world.

Your Role and Responsibilities
The L2 SecOps Analyst, Triage and Response role is part of the SOC.
·  Accept escalations from Monitoring and provide initial investigation of security incidents.
·  Apply contextual data (criticality, device grouping, existing vulnerabilities).
·  Provide communication and escalation throughout the incident per the Security Incident Management guidelines.
·  Communicate directly with data asset owners and business response plan owners during high-severity incidents.
·  Provide feedback to the Threat Monitoring team.
·  Perform analysis of log files for security incidents.
·  Take an active part in the containment of incidents, even after they are escalated.

Required Technical and Professional Expertise

·  Knowledge of network security zones, firewall, IDS
·  Ability to contextualize data from multiple SIEM tools
·  Knowledge of log formats for syslog, HTTP logs, and DB logs, and how to gather forensics for traceability back to the event; knowledge of packet capture and analysis
·  Experience with log management or security information management tools
·  Ability to make information security risk determinations

Preferred Technical and Professional Expertise

·  Security Essentials – SEC401 (GSEC certification) or equivalent
·  Advanced Security Essentials – SEC501 (optional GCED certification)
·  Advanced Digital Forensics and Incident Response – FOR508 (optional GCFA certification)
·  Hacker Techniques, Exploits & Incident Handling – SEC504 (optional GCIH certification)
