Security (Information & Communication Technology)
Location: Petaling Jaya, MY
Company: Nestlé Malaysia
Job Type: Full-time
Education: Bachelor's Degree
Experience: 5+ years
A day in the life of...
Lead advanced cybersecurity incident investigations and response activities.
Act as the escalation point for cybersecurity incidents escalated from the L1/L2 levels that require advanced and complex investigation.
Provide incident response guidance to L1 and L2 Incident Response Analysts.
Design, build, and enhance threat detection capabilities in SIEM, SOAR, and other security solutions.
Drive the creation and continuous refinement of Cyber Security Incident Response runbooks.
Continuously improve threat prevention and detection capabilities, as well as incident response processes and procedures, to address evolving cyber threats.
Keep the GCSIRT management team and key business stakeholders informed and engaged regarding critical security incidents and related developments.
What will make you successful
Bachelor's or Master's Degree in Computer Science, Information Security or another similar relevant degree.
5+ years of cyber incident response and/or cyber security experience.
Lead and manage web application security incidents, ensuring timely detection, containment, and resolution.
Experience with various incident handling methodologies is a plus.
Experience with and a keen understanding of cybersecurity tools, including SIEM, SOAR, IDS/IPS, EDR (endpoint detection & response) solutions and more.
Perform in-depth analysis of security logs to identify anomalies and potential security threats.
Hands-on experience with SPL (Search Processing Language) and KQL (Kusto Query Language) for SIEM tools is highly preferred.
Utilize the MITRE ATT&CK Framework to create and refine Use Cases for advanced threat detection and response.
Experience in developing and maintaining these Use Cases is a valuable asset.
Collaborate with cross-functional teams to improve the organization's security posture by identifying vulnerabilities in web applications and APIs and recommending appropriate mitigations.
Strong understanding of web application and API attack vectors, including but not limited to SQL injection, cross-site scripting (XSS), and API abuse.
Demonstrated ability to analyze complex security issues, develop practical solutions, and communicate them effectively to technical and non-technical stakeholders.
Effective communication skills and ability to present information to a wide variety of internal stakeholders, including senior-level leadership.
Experience having worked in a global environment and with virtual teams.
Professional experience working with sensitive or confidential information in a work environment.
A commitment to staying current with emerging cybersecurity threats, tools, and best practices.
Relevant certifications such as CISSP, GCIH, GCFA, CEH, or another similar certification are a plus.