Senior Security Analyst de Kuala Lumpur em Logicalis

Data de Postagem 11/2/2024

Resumo do Emprego

  • Tipo de Profissional:
    Full-Time
  • Localização:
    Kuala Lumpur
  • Tipo de Vaga:
  • Experiência
    Not Specified
  • Data de Postagem
    11/2/2024

Descrição da Vaga

Why choose Logicalis?          

  

As Architects of Change, Logicalis' focus is to design, support and execute clients' digital transformation by uniting their vision with their technology expertise and industry insights. The company, through its deep understanding of key IT industry drivers such as security, cloud, data management and IoT, can address customer priorities such as revenue growth and business, operational efficiency, innovation, risk and compliance, data governance and sustainability. 
 

We strengthen our purpose: to design, support, and execute our customers' digital transformation by converging their vision with our technological expertise and knowledge of the industry. The brand refresh underpins both the evolution of Logicalis’ positioning as well as our strategic vision for growth. 

The Role:

The role is part of our regional SOC team, tasked to deliver Managed Security Services (MSS) and help customers achieve its business goals & objectives by re-imagining cybersecurity as one of its business enabler. The role reports to SOC vertical based in Singapore. It is a great opportunity to put your past experiences in building a world class SOC and address cybersecurity challenges of organizations in the region. It provides exposure to wide variety of security technologies, and provides opportunity for the candidate to pioneer in developing SOC and build new MSS offerings.

Accountabilities:

  • Work in 24x7 shift to handle security incidents and provide level two (L2) support during analysis & investigations to identify the root cause.
  • Critical incidents to CSIRT team, for further analysis & investigations, and demonstrate excellent collaboration skills for timely resolution to minimize impact to customers.
  • Provide detailed remediation recommendation to customers for the incidents within agreed SLAs, and if required assist them during remediation implementation.
  • Go that extra mile to proactively work with customer to build threat detection use cases, minimize incident noise, develop correlation logic and enable junior regional analysts to focus on critical incidents.
  • Review 3rd party threat intel feeds and integrate them into MSS platforms to provide value to our customers.
  • Prepare SOC monthly reports, which includes customization based on business requirements and present them to customers during monthly meetings, highlighting risks and mitigation plans.
  • Lead new customer deployments by working closely with customer, regional onsite teams and relevant stakeholders during build phase, and take end-end responsibility for smooth go-live.
  • Identify gaps in existing SOC process and work with team members or other departments to create, modify standard operating procedures, to automate any mundane daily operational activities, ensuring Ops are run efficiently.
  • Enable regional security analysts to deliver seamless L1 support locally by developing SOC playbooks, relevant and sufficient Knowledge base.
  • If required assist sales team to help pitch MSS offerings, drive proof-of-concepts and demo MSS services at technology events, to show value of the service offerings to prospect customers.
  • Lead and manage junior analysts in handling incidents, day-day operations, SLA requirements, and customer requests.

The Individual and their Experience:

  • Candidate should have at least 8 years of experience working in SOC and MSS environments, with a Bachelor’s degree in Computer Science/IT/Information security.
  • Excellent hands-on experience in implementations, incident analysis of IBM QRadar, Alienvault SIEM technologies and should hold relevant vendor certifications.
  • Hands on experience on any Endpoint Protection (EPP) or Endpoint Detection Response (EDR) technologies. Preferred if CrowdStrike, Cisco AMP for endpoint.
  • Hands on experience on email security solutions. Preferred if that is on Cisco Email Solutions.
  • Exposure to firewall technologies such as Cisco, Palo Alto, Checkpoint, Fortinet.
  • Good understanding of WIN, LINUX environments and well versed with basic LINUX commands and troubleshooting, with a proven Unix (Solaris, Linux, BSD) experience.
  • Knowledge on any shell scripting language, and to apply them to automate mundane operations tasks.
  • Candidate should have at least one SANS certification. Preferred if that is GCIH
  • Understanding of basic network concepts and advantage if exposure to cloud technologies.
  • Thinking combined with excellent troubleshooting skills, preferably with experience following ITIL standards
  • Position will be based in Malaysia, Kuala Lumpur

Não está pronto para se candidatar?

Se você está interessado em nossas oportunidades de carreira, mas não está pronto para se candidatar, cadastre-se em nossa rede de Talentos, fique conectado conosco e receba nossas atualizações.

Red Arrow