Senior Threat Response Analyst (L3)
IBM
Date: 12 hours ago
City: Taguig
Contract type: Full time

Introduction
In this role, you'll work in one of our IBM Consulting Client Innovation Centers (Delivery Centers), where we deliver deep technical and industry expertise to a wide range of public and private sector clients around the world. Our delivery centers offer our clients locally based skills and technical expertise to drive innovation and adoption of new technology.
Your Role And Responsibilities
As a Senior Threat Response Analyst you will be responsible for conducting advanced incident investigations, responding to critical security threats, and driving containment and remediation efforts. The ideal candidate has hands-on experience with multiple security technologies, including SIEM, IDS, APT, and WAF, as well as forensic analysis, and is adept at handling sophisticated cyber threats such as botnets and advanced persistent threats (APTs).
Incident Response and Digital Forensics
- Provide incident investigation as per Security Incident Management Process / Guidelines.
- Drive containment strategy during incidents escalated by the triage team.
- Investigate and resolve advanced vector attacks such as botnets and advanced persistent threats (APTs).
- For critical incidents, be part of CSIRT activities and execute the incident handling process.
- Coordinate with IT, security operations, and other teams for remediation and trigger forensic processes as appropriate.
- Perform Root Cause Analysis (RCA) for security incidents and update knowledge management.
- Work directly with data asset owners and business response plan owners during high-severity incidents.
- Engage with clients during debrief meetings to address questions, gather feedback, and align on security objectives.
- Provide tuning recommendations for IDS, proxy policies, and in-line malware tools based on threat feeds, trust and reputation data, incidents, or vulnerabilities and exploits of downstream systems.
- Provide tuning recommendations to administrators based on findings from investigations or threat information reviews.
- Prepare and deliver comprehensive weekly and monthly Threat Incident debrief reports for clients, including insights on security trends, incidents, system performance, and recommendations.
Security Domain Experience:
- More than five years of experience in SOC, Incident Response, or Threat Hunting roles.
- Hands-on experience with SIEM platforms such as IBM QRadar, Splunk, ArcSight, Microsoft Sentinel, or LogRhythm.
- Strong knowledge of network security, log analysis, malware analysis, and forensic investigation techniques.
- Knowledge of Digital Forensics, including disk imaging, memory forensics, log analysis, and evidence handling best practices.
- Familiarity with cyber threat intelligence frameworks like MITRE ATT&CK, NIST, and CIS.
- Expertise in network and endpoint security monitoring tools (IDS, firewalls, EDR, proxy, email security solutions).
- Proficiency in log analysis, regular expressions (regex), and scripting languages like Python or PowerShell.
- Ability to create custom threat detection rules, SIEM dashboards, and correlation policies.
- Knowledge of packet capture and traffic analysis tools (Wireshark, Zeek, tcpdump).
- Familiarity with incident response methodologies and forensic investigation procedures.
- Strong analytical and problem-solving abilities with keen attention to detail.
- Excellent communication and collaboration skills, with the ability to interact effectively with stakeholders at all levels.
- Capable of managing multiple priorities in a fast-paced, dynamic environment.
Preferred technical and professional experience
- GIAC Certified Incident Handler (GCIH)
- GIAC Certified Forensic Analyst (GCFA) or GIAC Certified Forensic Examiner (GCFE) (Preferred for Digital Forensics)
- Certified Ethical Hacker (CEH)
- Certified SOC Analyst (CSA)
- Security+ / CISSP / CISM
- SIEM-Specific Certifications (IBM QRadar, Splunk, etc.)