Specialists - L1 SOC Analyst

As a L1 SOC Analyst, you'll work as part of a team of problem solvers, helping to solve complex business issues from strategy to execution. PwC Professional skills and responsibilities for this management level include but are not limited to:

• Monitor for newly triggered alerts. Also look for alerts not yet marked as Open or Closed.
• Collect more information to support the theory of the alerts under assessment.
• Correlate alerts with other security devices.
• Investigate the impact of the alerts.

• Participating in shift handover process.
• Conducting shift handover.
• Preparing shift handover report.
• Communicating shift handover information to next shift personnel.

• Monitor and investigate if logs are not flowing to SIEM. Reach out to the Server owner; generate a list and work on the list. Report the ones resolved, and the method used.
• Linux – Syslogs – get in touch with server owner.
• Windows – check for permission, user status (disabled/activated), password expiry (local user). User ID for windows collections is Irsvrcollector.

• Attend to Jira tickets sent to the client. Respond to inquiries or forward the ticket to the respective group/team.
• Detect and report ticket with log parser issue to Infra/SIEM Engineer.
• Detect and report ticket with False Alarm to Infra/SIEM Engineer.

Authorised to review and analyse alerts generated by security tools and systems.

Empowered to escalation potential security incidents to higher-level analysts (L2 or L3) based on predefined criteria.

• Degree or diploma in Computer Science, Information Security, or related field.
• 0-1 year of experience in the area of Cybersecurity, SOC or Surveillance.
• Certifications (optional but beneficial).
• Offensive mindset is a plus.
• Willing to uplift threat hunting skill as part of career development.
• Basic understanding of networking concepts (e.g. TCP/IP, DNS, HTTP, etc.).
• Familiarity with operating systems (e.g. Windows, Linux).
• Knowledge of security and operational tools such as: Firewalls and IDS/IPS systems.
• Familiarity with ticketing and workflow tools (e.g. Jira) is a plus.
• Strong communication skills (English is a must, Cantonese is a plus) – ability to document incidents and elevate appropriately.
• Attention to detail – crucial for identifying anomalies in logs and alerts.
• Team collaboration – working with other SOC tiers and cybersecurity teams.
• Willingness to work in shifts – SOC often operate 24/7.

Your application will include the following questions:

• Which of the following statements best describes your right to work in Malaysia?
• What's your expected monthly basic salary?
• Which of the following types of qualifications do you have?
• How many years' experience do you have as a Security Operations Centre Analyst?
• Which of the following languages are you fluent in?

At PwC, our purpose is to build trust in society and solve important problems. It is this focus which forms the services we provide and the decisions we make.