Security Analyst Level 2 - QW368XX9

Security Analyst Level 2 - QW368XX9 Logo

Kuala Lumpur , Kuala Lumpur

Created Wed, 25 May 2022


  • Work in 24x7 shift environment to handle security incidents and provide level two (L2) support during analysis & investigations to identify the root cause.
  • Provide detailed remediation recommendation to customers for the incidents within agreed SLAs, and if required assist them during remediation implementation.
  • Execute SOC playbooks, knowledge base to minimize the security incident impact and perform detailed investigation on the infected assets.
  • Escalate critical incidents to 3rd level support team, for further analysis & investigations, and demonstrate excellent collaboration skills for timely resolution to minimize impact to customers.
  • Review 3rd party threat intel feeds and integrate them into MSS platforms to provide value to our customers.
  • Prepare SOC monthly reports, which includes customization based on business requirements and present them to customers during monthly meetings, highlighting risks and mitigation plans.
  • Enable regional L1 Security Analysts to deliver seamless L1 support by developing SOC playbooks, relevant and sufficient knowledge base.

The Individual and their Experience:

  • Candidate should have at least 3 years of experience working in SOC and MSS environments, with a Bachelor’s degree in Computer Science/IT/Information security.
  • Excellent hands-on experience on incident analysis using SIEM platforms such as Microsoft Sentinel, IBM QRadar.
  • Hands on experience on any Endpoint Protection (EPP) or Endpoint Detection Response (EDR) technologies. Preferred if Microsoft Defender, CrowdStrike.
  • Exposure to firewall technologies such as Cisco, Palo Alto, Checkpoint, Fortinet.
  • Good understanding of WIN, LINUX environments and well versed with basic LINUX commands and troubleshooting, with a proven Unix (Solaris, Linux, BSD) experience.
  • Knowledge on any shell scripting language, and to apply them to automate mundane operations tasks.
  • Candidate should have at least one cybersecurity industry certification such as CEH, CHFI.
  • Good understanding of basic network concepts and advantage if exposure to cloud technologies.
  • Lateral thinking combined with excellent troubleshooting skills, preferably with experience following ITIL standards