Cyber Threat Analyst - Global Threat Operations

Cyber Threat Analyst LevelBlue reduces risk and builds lasting resilience so organizations can innovate and advance their mission with confidence. As the world's most analyst-recognized and largest pure-play managed security services provider, LevelBlue elevates client outcomes that matter: stronger defense, faster response, and sustained business continuity. LevelBlue combines AI-powered security operations, advanced threat intelligence, and elite human expertise to provide the most comprehensive portfolio of strategic advisory, managed security, offensive security, and incident response services. This position will cover US business hours (the person needs to be flexible with days/times). The Cyber Threat Analyst is a member of the Global Threat Operations (GTO) team within LevelBlue Managed Security Services (MSS). In addition to possessing technical knowledge, a Threat Analyst interacts extensively with customers and partners using polite, professional etiquette. Cyber Threat Analysts perform the following duties:

• Use strong TCP/IP networking skills to perform network analysis and understand detected threats.
• Analyze and respond to security events from firewalls, IDS, IPS, SIEM, Web Application Firewall (WAF) and other security data sources within documented SLA.
• Respond within service level agreement (SLA) standards to customer tickets and threats requiring incident notification.
• Tune devices for blocking and reporting based on customer business need.
• Use effective written and verbal communication skills to interact with customers and internal resources in a polite, positive, and professional manner.
• Take responsibility for customer satisfaction and overall success of managed services.
• Respond to needs and questions of customers concerning their managed services, managed devices and detected threats.
• Adhere to policies, procedures, and security best practices.
• Resolve problems independently and understands the correct escalation procedures.

Skills & Knowledge Requirements: Must have basic proficient skills/knowledge in some of the following:

• Information security best practices & network security architecture
• Current events in Cyber Security and associated patching and remediation efforts
• Unix / Linux operating systems
• TCP/IP networking
• Sourcefire/Snort based security products
• IP Tables/Packet filter firewalls
• Scanning technologies
• Log collection and analysis tools

Desired experience:

• Information security, web server administration, or networking
• Excellent customer service skills
• Excellent analytical thinking and problem solving skills
• Strong oral and written communication skills
• Self-managed and team oriented
• Deadline and detail oriented
• Highly motivated

Required:

• English: Demonstrated Fluency

Preferred:

• Certified in Security related Industry, Vendor or Professional Certification- GCIA, GCIH, Security+, OSCP, or CEH preferred.

Education:

• A high school diploma or equivalent is required; a college or university degree is a plus.

This role is open to candidates legally authorized to work in the Philippines. At LevelBlue, including teams that previously operated as Trustwave, we support flexible work and bring people together in person for key moments based on role, team, and business needs. LevelBlue is committed to a culture of respect, inclusion, and equal opportunity. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status, age, or any other status protected under applicable law. To all agencies: Please do not contact LevelBlue employees outside of the Talent Acquisition team. LevelBlue's policy is to only accept resumes from agencies through its approved agency process and with a valid agreement in place. Any resume submitted outside this process will be considered the property of LevelBlue, and no fee will be paid if a candidate is hired from such a submission.