About the job (A)SOC Security Analyst T1
Headcount: 8
6-month contract (renewal is subject to performance)
Location: KL Sentral.
Open to all races and genders
Job Purpose:
Perform initial triage, investigation, and escalation of security alerts. Investigate alerts and give the incident response team the detail it needs to defend the organisation's assets with clear situational awareness in a persistent, dynamic, and highly complex threat environment.
Key Responsibilities:
- 24x7x365 triage, analysis, and response to notable events and security alerts (including incidents reported via email or phone).
- Monitor on-boarded events and logs from critical applications, critical servers, and databases (per asset priority framework), network-based intrusion detection systems, endpoints, email, firewall, and proxy servers, for potential security incidents and threats.
- Assess the security impact of security alerts and traffic anomalies to identify malicious activities and take mitigation actions or escalate to senior members of the team as appropriate.
- Apply a fundamental understanding of operating systems (Windows, Unix/Linux, and macOS) to identify security incidents and maintain an accurate view of each asset's risk profile.
- Analyse email-based threats, including email communications, platforms, headers, and transactions, and identify malicious tactics, techniques, and procedures (for example, sender and Reply-To mismatches, failed SPF/DKIM/DMARC results, and suspicious Received chains).
- Utilize and adhere to defined workflow and processes driving the Threat Monitoring and escalation/handoff actions.
- Analyse potential cyber threats from a variety of intake channels and take appropriate response actions, including threat containment and/or escalation.
- Apply tactical mitigations based on the results of analysis and the determination of threat validity.
- Follow escalation and handoff procedures to team members and leadership based on defined threat and priority determination.
- Utilize a variety of security tools and technologies to analyze potential threats to determine impact, scope, and recovery.
- Leverage network security tools and capabilities to support Cyber Threat Monitoring activities.
- Document the results of cyber threat analysis clearly and prepare comprehensive handoff and/or escalation notes for Incident Response or other teams within the SOC.
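The email-threat analysis duty above is the one responsibility on this list that reduces to a concrete, repeatable technique, so here is an added worked example of a first-pass triage helper. It is not part of the posting or any employer tooling: it parses a raw message with the Python standard library, reads the SPF/DKIM/DMARC verdicts from Authentication-Results, walks the Received chain to find the originating host, and flags Return-Path and Reply-To domains that differ from the From domain. Both sample messages are constructed for the example (documentation hostnames and IP ranges); the severity thresholds are an assumption a real SOC would tune to its own playbook.

```python
"""First-pass phishing triage: header parsing, auth verdicts, Received chain,
sender-domain mismatches. Added example; the two messages below are constructed."""
import re
from email import policy
from email.parser import Parser
from email.utils import parseaddr

# Constructed sample: the display name claims the CEO, Return-Path and Reply-To
# point at other domains, and SPF/DKIM/DMARC all fail at the gateway.
SUSPICIOUS_RAW = """\
Return-Path: <bounce@mail-sender.example.net>
Received: from mx.corp.example (mx.corp.example [203.0.113.10])
 by inbox.corp.example with ESMTP id abc123; Mon, 3 Jun 2024 09:15:02 +0800
Received: from mail-sender.example.net (unknown [198.51.100.77])
 by mx.corp.example with ESMTP id xyz789; Mon, 3 Jun 2024 09:14:58 +0800
Authentication-Results: mx.corp.example;
 spf=fail smtp.mailfrom=mail-sender.example.net;
 dkim=none;
 dmarc=fail header.from=corp.example
From: "CEO Jane Lee" <jane.lee@corp.example>
Reply-To: jane.lee.ceo@freemail.example.org
To: finance@corp.example
Subject: Urgent wire transfer
Date: Mon, 3 Jun 2024 09:14:50 +0800

Please process the attached invoice today.
"""

# Constructed sample of an internal message that should triage as low.
CLEAN_RAW = """\
Return-Path: <alice@corp.example>
Received: from mx.corp.example (mx.corp.example [203.0.113.10])
 by inbox.corp.example with ESMTP id def456; Mon, 3 Jun 2024 10:00:00 +0800
Authentication-Results: mx.corp.example; spf=pass smtp.mailfrom=corp.example;
 dkim=pass header.d=corp.example; dmarc=pass header.from=corp.example
From: Alice <alice@corp.example>
To: finance@corp.example
Subject: Lunch
Date: Mon, 3 Jun 2024 09:59:00 +0800

See you at noon.
"""

AUTH_RE = re.compile(r"\b(spf|dkim|dmarc)=(\w+)", re.IGNORECASE)
IP_RE = re.compile(r"\[(\d{1,3}(?:\.\d{1,3}){3})\]")


def domain_of(addr: str) -> str:
    """Lower-cased domain part of an RFC 5322 address, or '' if none."""
    _, email_addr = parseaddr(addr or "")
    return email_addr.rsplit("@", 1)[-1].lower() if "@" in email_addr else ""


def auth_results(msg) -> dict:
    """spf/dkim/dmarc verdicts from every Authentication-Results header (first wins)."""
    verdicts = {}
    for hdr in msg.get_all("Authentication-Results", []):
        for mech, result in AUTH_RE.findall(hdr):
            verdicts.setdefault(mech.lower(), result.lower())
    return verdicts


def received_hops(msg) -> list:
    """Received headers top-down (newest first) as {'from': host, 'ip': addr}."""
    hops = []
    for hdr in msg.get_all("Received", []):
        host = re.search(r"from\s+(\S+)", hdr)
        ip = IP_RE.search(hdr)
        hops.append({"from": host.group(1) if host else "?",
                     "ip": ip.group(1) if ip else "?"})
    return hops


def triage_email(raw: str) -> dict:
    """Return auth verdicts, originating hop, findings and an assumed severity."""
    msg = Parser(policy=policy.default).parsestr(raw)
    findings = []
    from_dom = domain_of(msg.get("From", ""))
    verdicts = auth_results(msg)
    for mech in ("spf", "dkim", "dmarc"):
        result = verdicts.get(mech, "missing")
        if result != "pass":
            findings.append(f"{mech}={result}")
    rp_dom = domain_of(msg.get("Return-Path", ""))
    if rp_dom and rp_dom != from_dom:
        findings.append(f"return-path domain {rp_dom} != From domain {from_dom}")
    reply_dom = domain_of(msg.get("Reply-To", ""))
    if reply_dom and reply_dom != from_dom:
        findings.append(f"reply-to domain {reply_dom} != From domain {from_dom}")
    hops = received_hops(msg)
    origin = hops[-1] if hops else None  # oldest hop: where the mail entered
    # Assumed thresholds: any finding is medium; DMARC fail or Reply-To
    # redirection (classic BEC pattern) is high.
    severity = "medium" if findings else "low"
    if verdicts.get("dmarc") == "fail" or (reply_dom and reply_dom != from_dom):
        severity = "high"
    return {"from_domain": from_dom, "auth": verdicts, "origin": origin,
            "findings": findings, "severity": severity}


if __name__ == "__main__":
    for label, raw in (("suspicious", SUSPICIOUS_RAW), ("clean", CLEAN_RAW)):
        print(label, triage_email(raw))
```

The output is meant to be pasted into the escalation note: the originating hop and the failed mechanisms are the facts the incident response team needs to block the sender and hunt for other recipients, while the Reply-To finding is what turns a generic "spoofed From" into a likely business email compromise attempt.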
Job Specification:
Qualification: Bachelor's Degree or Professional Qualification in the relevant discipline (IT / Computer Science).
Professional Qualification and/or Regulatory, Licensing: Security certifications (e.g., CISSP, EC-Council certifications such as CEH, SANS/GIAC certifications) are preferred.