Security Operations Center Analyst L2

Job Description – Cybersecurity Analyst

Team: Monitoring/Support

Designation: Cyber Security Analyst

Job Role: Monitor and detect security alerts while supporting Microsoft security and compliance technologies based on customer requirements and industry knowledge.

Experience: Minimum 3 to 5 years of experience working in a Security Operation Centre, focusing on monitoring, detecting, and analyzing security solutions.

Job Location: Cyberjaya, Selangor, Malaysia

Shifts: The resource will work from the office (mandatory) in a 24x7x365 rotational shift.

Role: The Cybersecurity Analyst will report to the DFIR Lead or SOC Manager as part of the Cyber Defence Center at vCyberiz office in Bangalore. The primary functions are to monitor, detect, analyze security alerts, and provide resolutions based on alert diagnosis.

Responsibilities:

• Perform health checks on security solutions regularly to help detect incidents before impact.
• Monitor system resources and resolve issues related to security incidents, emails, changes, and problem tickets.
• Provide inputs to technical documents based on repeat incidents and assist SMEs during problem resolution.
• Troubleshoot security-related service issues as they occur and conduct follow-up reviews.
• Follow Incident, Request, Problem, Change, and Access Management processes based on ITIL and our IT-service management tools.

Experience: Experience in designing, implementing, supporting, and delivering security solutions such as Microsoft Security and Compliance solutions (e.g., M365 Defender for Endpoint, Defender for Cloud, MS Purview, MS Entra, Sentinel SIEM, DLP, Email and Web Security, Spam filtering, Vulnerability Scanning).

Requirements:

• Good experience with Microsoft Security and Compliance (Mandatory).
• Experience with Sentinel SIEM.
• Understanding of ticket management and service requests, with experience implementing solutions for global customers.
• Knowledge of Security Operations and Service Delivery.
• Familiarity with at least one Enterprise Ticketing system such as ServiceNow.
• Understanding of ITIL v4 processes supporting Security Solutions and Service Delivery.

Qualifications (Mandatory):

• Engineering Degree in Computer Science or a Technical Degree with certifications in IT or Information Security.
• Excellent English communication skills.

Additional Qualifications:

• Cisco certifications such as CCNA.
• Technical certifications such as SC-200, SC-100, SC-400, AZ-900.

Skills and Abilities:

• Proficiency in English; knowledge of other languages is a plus.
• Good cross-cultural communication skills.
• Ability to lead a team of security specialists and analysts.
• Ability to interact with various teams and customers.
• Team player and quick learner.
• Proactive in sharing best practices and suggesting improvements.
• Ability to escalate operational issues when necessary.
• Willingness to work in 24x7 shifts.

Performance Criteria:

• The Security Delivery team meets the agreed Service Level Agreements with customers.
• Maintain up-to-date Service Delivery documentation.

Skills include security operations, enterprise ticketing systems (ServiceNow), Cisco certifications (CCNA), service delivery, Microsoft security and compliance, threat analysis, cybersecurity, vulnerability scanning, team leadership, problem management, security solutions implementation, ticket management, MS Purview, web security, Microsoft 365 Defender for Endpoint, access management, incident management, security solutions delivery, threat intelligence, MS Entra, email and web security, ITIL v4, email security, cross-cultural communication, request management, DLP, Defender for Endpoint, technical certifications, spam filtering, threat & vulnerability management, change management.