Introduction
About the Team
The Security Operations Center has a global footprint within IBM and is responsible for monitoring 24x7 monitoring and incident response. As a part of this team, you will be working with other likeminded security professionals in order to secure and protect IBM employees, systems and environments (such as IBM Cloud) against emerging cybersecurity threats.
Your role and responsibilities
As an Entry‑Level Cybersecurity Analyst, you’ll join IBM’s global Security Operations Center (SOC), a 24x7 team dedicated to detecting and responding to cybersecurity threats. You’ll help protect IBM employees, systems, and environments—including IBM Cloud—by monitoring security alerts, investigating suspicious activity, and supporting incident response efforts.
This role is ideal for motivated fast learners who are passionate about cybersecurity, eager to grow, and ready to work in a fast‑paced environment. You’ll collaborate with experienced analysts, learn industry‑standard tools, and build the foundational skills needed for a long‑term career in security operations.
Shifts may include daytime, evening, or overnight including weekend hours to support the SOC’s 24x7 mission.
Required technical and professional expertise
0-2 years of experience in information security or related IT fields
Basic understanding of:
Security operations, incident response, or threat analysis
Cloud computing and network fundamentals
Security frameworks such as NIST, MITRE ATT&CK, or FEDRAMP
Familiarity with SIEM platforms and log analysis
Exposure to EDR tools or endpoint investigations
Strong written and verbal communication skills
High integrity, professionalism, and ability to handle sensitive information
Ability to work collaboratively in a team environment
High School Diploma or GED
Relevant entry‑level certifications (e.g., Security+, CYSA+, Google Cybersecurity)
Preferred technical and professional experience
Hands‑on experience in a SOC or IT security environment
Strong understanding of networking or firewall concepts
Experience with scripting or programming
Familiarity with SIEM tools (e.g., QRadar)
Experience with EDR platforms such as CrowdStrike, Microsoft Defender, or Carbon Black
Exposure to cloud platforms (AWS, Azure, IBM Cloud)
Knowledge of virtualization (VMware, Hyper‑V) or container technologies (Kubernetes)
Interest in purple teaming or adversary simulation
Basic Windows, Linux, or Mac system administration or forensics
Bachelor’s degree in Cybersecurity, Computer Science, or related field
Advanced certifications (e.g., GCIH, GCIA, GMON, OSCP, CASP, CISSP)
IBM is committed to creating a diverse environment and is proud to be an equal-opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, gender, gender identity or expression, sexual orientation, national origin, caste, genetics, pregnancy, disability, neurodivergence, age, veteran status, or other characteristics. IBM is also committed to compliance with all fair employment practices regarding citizenship and immigration status.