(A) Security Analyst Level 2

Kuala Lumpur, Federal Territory of Kuala Lumpur, Malaysia

Accountabilities:

• Work in 24x7 shift environment to handle security incidents and provide level two (L2) support during analysis & investigations to identify the root cause.
• Provide detailed remediation recommendation to customers for the incidents within agreed SLAs, and if required assist them during remediation implementation.
• Execute SOC playbooks, knowledge base to minimize the security incident impact and perform detailed investigation on the infected assets.
• Escalate critical incidents to 3rd level support team, for further analysis & investigations, and demonstrate excellent collaboration skills for timely resolution to minimize impact to customers.
• Review 3rd party threat intel feeds and integrate them into MSS platforms to provide value to our customers.
• Prepare SOC monthly reports, which includes customization based on business requirements and present them to customers during monthly meetings, highlighting risks and mitigation plans.
• Enable regional L1 Security Analysts to deliver seamless L1 support by developing SOC playbooks, relevant and sufficient knowledge base.

The Individual and their Experience:

• Candidate should have at least 3 years of experience working in SOC and MSS environments, with a Bachelor’s degree in Computer Science/IT/Information security.
• Excellent hands-on experience on incident analysis using SIEM platforms such as Microsoft Sentinel, IBM QRadar.
• Hands on experience on any Endpoint Protection (EPP) or Endpoint Detection Response (EDR) technologies. Preferred if Microsoft Defender, CrowdStrike.
• Exposure to firewall technologies such as Cisco, Palo Alto, Checkpoint, Fortinet.
• Good understanding of WIN, LINUX environments and well versed with basic LINUX commands and troubleshooting, with a proven Unix (Solaris, Linux, BSD) experience.
• Knowledge on any shell scripting language, and to apply them to automate mundane operations tasks.
• Candidate should have at least one cybersecurity industry certification such as CEH, CHFI.
• Good understanding of basic network concepts and advantage if exposure to cloud technologies.
• Lateral thinking combined with excellent troubleshooting skills, preferably with experience following ITIL standards