Security Analyst

JOB DESCRIPTION

• Reporting to the Manager of IT Security Engineering
• Conduct incident response operations according to documented procedures and industry best practices
• Perform monitoring and investigation of security events using multiple tools such as log management solutions, SIEM, SOAR, UEBA and security devices.
• Actively investigate the latest security vulnerabilities, advisories, incidents and penetration techniques and notify stakeholders when necessary
• Perform vulnerability scanning via automated tools to identify potential risk exposures and attack vectors across the organization’s networks, hardware, software, and systems
• Participate in security incident response efforts by maintaining an in-depth knowledge of common attack vectors, common security exploits, and countermeasures. Responds to all information security relevant events
• Identify abnormal security events and respond to cyber intrusions through log review and analysis of the relevant event detail information
• Analyze and assess security incident and escalate to appropriate internal teams for additional assistance
• Analyze potential threats and recommend remediation activities required based on security objectives and knowledge of overall risk of asset
• Reviews and optimizes indicators of compromise (IOCs) and event rules.
• Perform threat hunting based on inputs from CTI.
• Evaluate threats from state actors, non-state actors, cyber criminals and activists and provide feedback on detection indicators and intruder tactics, techniques and procedures
• Develop and follows procedures to manage the security incident and information for the potential of conducting forensics and evidence control.

JOB REQUIREMENTS

• Malaysian citizen.
• Pass Malay Language including oral test at Sijil Pelajaran Malaysia (SPM) level
• Possess a Bachelor's degree in Computer Science, Information Systems/Technologies (IS/IT) or equivalent qualification from accredited higher learning institutions.
• At least 4-6 years of IT Security Analyst, SOC relevant work experience.
• Strong analytical skills and ability to work together in a team environment
• Understanding of common network traffic i.e. TCP/IP, network traffic, network protocols, network devices and multiple operating system
• Technical knowledge of mainstream operation system and wide range of security technologies such as network and endpoint security solutions
• Ability to multitask in fast paced dynamic environment
• Ability to see a task through from assignment to completion with minimal supervision
• Knowledge in information security frameworks, standards, and compliance requirements, i.e. ISO/IEC 27001
• Excellent written and verbal communication skills in English and BM
• Willingness to learn and share any information
• Experience in a banking environment is an added advantage
• Credential from a cybersecurity certification such as GCIH, Security+ and First Responder is an added advantage

JOB STATUS

Permanent

All applications are strictly CONFIDENTIAL and only shortlisted candidates will be called in for interview. Applications are deemed UNSUCCESSFUL if there is no feedback from the EPF 2 MONTHS after the closing date of the advertisement.