Level 2 Threat Triage Analyst
IBM
HAMPSHIRE, UK
8d ago

Job Description

The Threat Triage Analyst role is part of the SIOC team. Candidates in this role will respond to events according to documented procedures and industry best practices.

Ideal candidates should be experienced in the areas of networking, client / server technologies, and log file analysis, with the ability to identify false positive and true positive events.

Must have experience in Linux and Windows operating systems. Candidates in this role may also be required to follow the incident response plan and assist SIOC Response Analysts when necessary.

Must display enthusiasm for and interest in Information Security.

Standard Job Requirements

  • Provide initial investigation of security incidents
  • Provide communication and escalation throughout the incident per the CSIRT guidelines or internal process or procedure
  • Communicate directly with data asset owners and business response plan owners during high-severity incidents
  • Hunt for suspicious anomalous activity based on data alerts or data outputs from various toolsets
  • Perform analysis of log files
  • Take an active part in the containment of incidents, even after they are escalated
  • Escalate issues when necessary

Required Technical and Professional Expertise

Technical Competencies

  • Knowledge of network security zones, firewall, IDS
  • Knowledge of log formats for syslog, HTTP logs and DB logs, and how to gather forensics for traceability back to the event
  • Knowledge of packet capture and analysis
  • Experience with log management or security information management tools
  • Experience with Security Assessment tools (NMAP, Nessus, Metasploit, Netcat)
  • Ability to make information security risk determinations
  • Effective verbal and written communication skills

Preferred Tech and Prof Experience

Training, Qualifications, and Certifications

Preferred:
  • Security Essentials
  • Intrusion Detection In Depth

Recommended:
  • Hacker Guard: Security Baseline Training
  • Advanced Security Essentials
  • Hacker Techniques, Exploits & Incident Handling

EO Statement

IBM is committed to creating a diverse environment and is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status.

IBM is also committed to compliance with all fair employment practices regarding citizenship and immigration status.
