Introduction
The L1 Threat Analyst is responsible for monitoring security alerts, performing initial triage, and escalating potential security incidents to higher-level analysts.
This role supports continuous security monitoring operations by analyzing alerts from SIEM, EDR, network, and cloud security tools to identify suspicious or malicious activity.
Your role and responsibilities
Monitor security dashboards and alert queues on a 24/7 basis.
Perform initial triage and validation of security alerts to identify false positives and potential threats.
Investigate suspicious events using available security tools, logs, and threat intelligence.
Escalate confirmed or high-risk incidents to L2/L3 analysts according to established procedures.
Document investigations, actions taken, and incident details in ticketing systems.
Follow incident response playbooks and standard operating procedures.
Support continuous improvement by identifying recurring alert patterns and process gaps.
Maintain awareness of current cyber threats, vulnerabilities, and attack techniques.
Required technical and professional expertise
Bachelor's degree in Cybersecurity, Information Technology, or a related field (or equivalent experience).
Basic understanding of networking, operating systems, and security concepts.
Familiarity with SIEM, EDR, or security monitoring tools.
Strong analytical and problem-solving skills.
Good written and verbal communication skills.
Ability to work in shift-based operations.
Preferred technical and professional experience
Security certifications such as Security+, CySA+, or equivalent.
Exposure to threat detection, incident response, or SOC operations.
Knowledge of common attack frameworks such as MITRE ATT&CK.
IBM is committed to creating a diverse environment and is proud to be an equal-opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, gender, gender identity or expression, sexual orientation, national origin, caste, genetics, pregnancy, disability, neurodivergence, age, veteran status, or other characteristics. IBM is also committed to compliance with all fair employment practices regarding citizenship and immigration status.