Senior Security Analyst (SOC Level 3)

Ensign Infosecurity

Kuala Lumpur

On-site

MYR 80,000 - 120,000

Full time

8 days ago

Job summary

A leading cybersecurity firm in Kuala Lumpur is seeking a proactive cybersecurity expert to lead high-severity incident response and mentor team members. The ideal candidate holds a Bachelor’s degree and relevant certifications, with 4-6 years of experience in SOC operations and a strong grasp of detection tools. You will be responsible for developing advanced detection use cases and conducting forensic analysis to protect critical systems.

Qualifications

  • 4–6+ years of experience in SOC operations or incident response.
  • Strongly preferred certifications: GIAC, CISSP, OSCP, or equivalent.
  • Excellent analytical and problem-solving skills.

Responsibilities

  • Lead high-severity incident response and containment activities.
  • Conduct in-depth forensic analysis on endpoints, networks, and logs.
  • Develop detection use cases and correlation rules based on threat intelligence.
  • Perform proactive threat hunting using SIEM and EDR.
  • Mentor L1 and L2 analysts with guidance and training.

Skills

SIEM
EDR
Threat intelligence
Forensic tools
Python
PowerShell
Bash

Education

Bachelor's degree in Cybersecurity, IT, or related field

Job description

Lead high-severity incident response and containment activities, coordinating with stakeholders across IT and business units.

Conduct in-depth forensic analysis on endpoints, networks, and logs to determine the root cause and impact of security incidents.

Develop advanced detection use cases and correlation rules based on threat intelligence and TTPs (MITRE ATT&CK, etc.).

Perform proactive threat hunting using SIEM, EDR, and threat intel feeds to uncover undetected threats.

Review and fine-tune alerts, playbooks, and automation workflows to reduce false positives and improve SOC efficiency.

Mentor L1 and L2 analysts, providing guidance, training, and quality review of investigations.

Serve as a technical escalation point for complex security issues and investigations.

Contribute to incident post-mortems and provide recommendations to improve security posture and processes.

Collaborate with red/purple teams and engineering to simulate attacks and validate defense effectiveness.

Requirements

  • Education & Certification: Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or related field.
  • Strongly preferred certifications: GIAC (GCFA, GCIH, GCIA, GDAT), CISSP, OSCP, or equivalent.
  • Experience in SOC operations, incident response, or threat detection, 4–6+ years.

Technical Skills

  • Deep understanding of security monitoring and detection tools (SIEM, EDR, IDS/IPS, SOAR).
  • Hands-on experience in forensic tools, log analysis, malware analysis, and packet inspection.
  • Solid grasp of attacker TTPs, threat modeling, and behavior analytics.
  • Familiarity with scripting or automation (Python, PowerShell, Bash).
  • Experience with Windows, Linux, and cloud environments (AWS/Azure security monitoring).

Soft Skills

  • Excellent analytical and problem-solving skills.
  • Ability to lead investigations and influence cross-functional teams under pressure.

Preferred Experience

  • Experience working in or leading incident response within a 24x7 SOC or MSSP environment.
  • Prior involvement in threat hunting or red/purple team collaboration is a strong plus.