To be part of the Cyber Threat team, serve as a Tier 3 SME, and mentor the SOC team. This role requires continuous detection, analysis, investigation, response, and mitigation of advanced threats before they affect the bank's IT infrastructure, using a proven and documented cyber threat model, e.g., the MITRE ATT&CK framework.
Preferred Level Of Experience (by Years/Function/Industry)
- 4 - 5 years of information security experience
- 1 - 2 years supporting incident response and/or investigations
- Experience reviewing and assessing logs for anomalous activity indicating threats
- Knowledge of threat actor attack methods and tracking their developments
- Experience with threat models such as the Cyber Kill Chain and MITRE ATT&CK
- Ability to convey complex information clearly and succinctly
- Exceptional attention to detail
Other Skills Required
- Strong technical writing skills
- Extensive experience with analytical tradecraft
- Thorough understanding of cybersecurity principles
- Ability to work independently and build relationships
- Efficient research methodologies
- Ability to relate technical threats to business risks
- Proficiency with scripting and programming languages (e.g., Python, PowerShell, Java, NodeJS, Perl)
- Strong communication and writing skills for reporting and analysis
Key Responsibilities
Solution
- Maintain SIEM solutions like Splunk, Imperva, etc., ensuring compliance with patch and obsolescence frameworks
- Ensure complete and accurate log and event data from all relevant devices
- Produce monthly SIEM health reports
Hunting
- Perform threat hunting using industry-accepted methodologies (e.g., hypothesis-driven, IOC-driven, machine learning)
- Analyze host and network traffic, IDS/IPS/DLP events, packet captures, firewall logs, and events from other security solutions
- Provide forensic analysis of network packets, DNS, proxy, NetFlow, malware, host security, and application logs
- Identify infrastructure gaps by mimicking attacker behaviors
- Perform offensive validation of identified TTPs
Detection & Response
- Develop SIEM use cases based on the MITRE ATT&CK framework
- Onboard use cases to SOC for 24/7 monitoring and response
- Update IOC lists in threat prevention solutions
- Improve detection processes for efficiency
- Create dashboards and reports to identify threats and anomalies
- Assist in designing and implementing new security technologies