Opportunity Expired
Associates degree in Computer Science, Information Security or similar discipline
Provide eyes-on-glass, real-time security monitoring in a 24x7 environment by monitoring security infrastructure and security alarm devices for indicators of compromise using various SIEM and cyber security tools
Perform initial assessment of incoming alerts (assessing the priority, determining severity in respect to customer environments as well as correlating additional details) and coordinate with Senior Analysts for high priority incidents, where necessary
Provide basic security event detection and initial triage of security events, opening tickets in designated ticketing systems within SLO and/or SLA guidelines
Provide health and availability analysis, opening tickets in designated ticketing systems within SLO and/or SLA guidelines
Follow documented escalation procedures
Identify recurring incidents for problem management purposes
Coordinate with Senior Analysts for high priority incidents.
Strong documentation and communication skills
Exceptional problem-solving skills
Proactive in engaging with customer reps, client executives and Telecommunication management teams
Basic knowledge in network technologies
Knowledge of Transmission Control Protocol/Internet Protocol (TCP/IP), RFC 1918 private addressing and common attacks against the TCP/IP protocol suite
Good knowledge of server operating systems
Basic understanding of threat landscape and indicators of compromise
Basic understanding of current cyber security threats, attacks and countermeasures for adversarial activities such as network probing and scanning, distributed denial of service (DDoS), phishing, ransomware, botnets, command and control (C2) activity, etc.
Information technology security related certifications such as (but not limited to) CompTIA A+, Network+, Security+, Linux related certifications, Cisco CCNA, Microsoft Certified Azure Fundamentals, AWS Cloud Practitioner, SANS GSEC.
Basic understanding of command line scripting and implementation (e.g., Python, PowerShell, Bash).
Some experience with tools such as Active Directory, Cisco IOS, MS Server, AMP, ArcSight ESM, Splunk ES, Azure Sentinel, LogRhythm, Rapid7, Snort, YARA, IronPort, and Firepower is preferred.
Strong understanding of networking (TCP Flags, TCP Handshake, IP addressing, Firewalls, Proxy, IDS, IPS)
Ability to perform NetFlow / packet capture (PCAP) analysis.
Ability to write new content/searches/scripts (e.g., Splunk dashboards, Splunk ES alerts, QRadar, RSA NetWitness, SumoLogic, etc.).
The opportunity is available to applicants in any of the following categories.
Malaysia
Malaysian Temporary Work Visa
Malaysian Citizen
Malaysian Permanent Resident