GT ITS-SOC-Security Analytics
C ybersecurity focused on the analysis of data to produce proactive security measures to monitor security or cyber threat could be used to identify indicators of compromise before an actual threat occurs. It also implements a wide variety of use cases, from user behavior monitoring to network traffic analysis. Key Responsibilities *
- Manage and coordinate SIEM Engineering Platforms, ensuring that prevention, detection and response capabilities setup is maximized, as well as operate as expected.
- Coordinate Cyber Security Engineering Platforms maintenance and support, with vendors, to ensure uptime and performance is as per defined and compliant with SLAs.
- Support Threat Management and Incident Response to ensure the company has the right technologies and controls established to maximize Threat Monitoring and Incident Response capabilities.
- Coordinate implementation of SIEM Use Cases in Security and Threat Monitoring solutions, to maximize detection capabilities.
- Drive implementation and improve the automation and orchestration framework, building automated playbooks from Detection to Protect or Respond functionalities.
- Coordinate solutions integration between the company and vendor's technologies, to enhance Protection, Threat Monitoring or Incident Response capabilities, along with orchestration of those solutions.
- Support Threat Intel and Incident Response teams to given an identified Vulnerability, Threat or Risk, maximize the capabilities to Protect, Detect or Respond against those. Coordinate the implementation of any needed changes with our vendors, as a response of those identified Vulnerabilities, Risks or Threats.
- Lead the development, documentation and maintenance of Standards, Procedures, SOPs and knowledge base for SIEM and Security monitoring
- Continuous knowledge improvement in tools and best practices in Cyber Security Protection, Threat Monitoring and Incident Response.
- Evaluate new emerging Cyber Security technologies and make recommendations for adoption within the Group.
- Analyse emerging IT / Cyber security threats, assess associated risks, develop recommendation to address emerging threats and provide technical input on security advisories.
(Basic Degree/Diploma etc)
Bachelor's Degree or Professional Qualification in the relevant discipline (IT / Computer Science)
Professional Qualification and/or Regulatory, Licensing requirements
Security certifications e.g. CISSP, EC-Council, SANS, etc are preferred. Network certifications e.g. CCNA, CCNP, etc are added advantages.
Relevant Work Experience
5 years of experience in IT security, preferably in IT/Cyber security monitoring, incident response, threat intelligence analysis role of a banking environment Required Competencies and Skills *
(Essential to succeed in this job)
Knowledge of security best practices and concepts. Knowledge of computer environment and terms In-depth knowledge of common security controls, detection capabilities, and other practices / solutions for securing digital environments, to include packet flows / TCP & UDP traffic, firewall and proxy technologies, anti-virus, Intrusion Detection/Prevention Systems and other host-based monitoring, email monitoring and spam technologies, SIEMs, etc. Experience in analyzing malware / hacking tools and threat actor tactics, techniques, and procedures to characterize threat actors' technical methods for accomplishing their missions. Understanding of forensic analysis on and data captures from networks / packet capture, hosts (volatile/live memory), electronic media, log data, and network devices in support of intrusion analysis or enterprise level information security operations.
Personal skills (Soft Competencies [Core/Leadership])
Highly results-oriented and can work independently. Ability to build relationships and interact effectively with internal and external parties. Ability to plan, organize and prioritize tasks. Ability to work effectively as a team. Good analytical, technical, written and verbal communication skills. Travel Requirements (if any)
(Incl typical Destinations and Duration)
Travel within Klang Valley