Security Analyst L2

As Architects of Change, Logicalis' focus is to design, support and execute clients' digital transformation by uniting their vision with their technology expertise and industry insights. The company, through its deep understanding of key IT industry drivers such as security, cloud, data management and IoT, can address customer priorities such as revenue growth and business, operational efficiency, innovation, risk and compliance, data governance and sustainability.

We strengthen our purpose: to design, support, and execute our customers' digital transformation by converging their vision with our technological expertise and knowledge of the industry. The brand refresh underpins both the evolution of Logicalis’ positioning as well as our strategic vision for growth.

Accountabilities:

• Work in 24x7 shift environment to handle security incidents and provide level two (L2) support during analysis & investigations to identify the root cause.
• Provide detailed remediation recommendation to customers for the incidents within agreed SLAs, and if required assist them during remediation implementation.
• Execute SOC playbooks, knowledge base to minimize the security incident impact and perform detailed investigation on the infected assets.
• Escalate critical incidents to 3rd level support team, for further analysis & investigations, and demonstrate excellent collaboration skills for timely resolution to minimize impact to customers.
• Review 3rd party threat intel feeds and integrate them into MSS platforms to provide value to our customers.
• Prepare SOC monthly reports, which includes customization based on business requirements and present them to customers during monthly meetings, highlighting risks and mitigation plans.
• Enable regional L1 Security Analysts to deliver seamless L1 support by developing SOC playbooks, relevant and sufficient knowledge base.

The Individual and their Experience:

• Candidate should have at least 3 years of experience working in SOC and MSS environments, with a Bachelor’s degree in Computer Science/IT/Information security.
• Excellent hands-on experience on incident analysis using SIEM platforms such as Microsoft Sentinel, IBM QRadar.
• Hands on experience on any Endpoint Protection (EPP) or Endpoint Detection Response (EDR) technologies. Preferred if Microsoft Defender, CrowdStrike.
• Exposure to firewall technologies such as Cisco, Palo Alto, Checkpoint, Fortinet.
• Good understanding of WIN, LINUX environments and well versed with basic LINUX commands and troubleshooting, with a proven Unix (Solaris, Linux, BSD) experience.
• Knowledge on any shell scripting language, and to apply them to automate mundane operations tasks.
• Candidate should have at least one cybersecurity industry certification such as CEH, CHFI.
• Good understanding of basic network concepts and advantage if exposure to cloud technologies.
• Lateral thinking combined with excellent troubleshooting skills, preferably with experience following ITIL standards

If you’re interested in career opportunities, but not ready to apply, join our Talent Network to stay connected to us and receive updates on the latest job opportunities and company news.