Position Responsibilities
Threat Detection and Monitoring:
- Utilize SIEM, IDS/IPS, and EDR tools to monitor and detect potential security threats and incidents in real time.
Incident Response and Threat Hunting:
- Lead the response to security incidents, including investigation, containment, remediation, and post-incident analysis. Conduct proactive threat hunting to identify and mitigate risks before they escalate.
Vulnerability Management:
- Perform regular vulnerability scans, assess risks, and work with IT teams to apply patches and mitigate identified vulnerabilities.
Risk Assessment and Mitigation:
- Conduct comprehensive risk assessments, identify potential threats, and implement measures to mitigate identified risks.
Policy Development and Compliance:
- Develop, implement, and maintain security policies, standards, and procedures. Ensure compliance with industry standards and regulatory requirements (e.g., GDPR, HIPAA, NIST, ISO 27001).
Security Tool Management:
- Manage and fine-tune security tools, including firewalls, SIEM systems, and endpoint protection platforms. Ensure tools are optimized for threat detection and response.
Cloud Security:
- Implement and monitor security best practices for cloud environments (AWS, Azure, Google Cloud), including IAM, encryption, network security, and cloud-native security tools (e.g., AWS GuardDuty, AWS WAF and Shield, Azure Security Center).
Log Analysis and Automation:
- Analyze logs from various sources (network devices, servers, applications) to identify anomalies, and automate routine tasks using scripting languages (e.g., Python, Bash).
Security Awareness Training:
- Design and deliver training programs to educate employees on security best practices and promote a security-first culture within the organization.
(Apply now at https://my.hiredly.com/jobs/jobs-malaysia-zus-coffee-job-infosecops-engineer)
Requirements: Qualification and Experience
Experience: 2-4+ years in a combined role of Security Operations and Information Security, with hands-on experience in cloud security.
Technical Skills:
- Proficiency in SIEM tools (e.g., Splunk, QRadar), EDR solutions, firewalls, IDS/IPS, and vulnerability scanners.
- Cloud Security Experience (good to have): Hands-on experience with cloud platforms (e.g., AWS, Azure, Google Cloud), including IAM, network security, and cloud-native security tools.
- Strong knowledge of encryption, IAM, and secure configurations for cloud environments.
Knowledge: In-depth understanding of security frameworks (e.g., NIST, ISO 27001), incident response methodologies, and server/cloud networking.
Problem-Solving Skills: Strong analytical skills for assessing complex security events and developing effective solutions.
Communication: Excellent verbal and written skills, with the ability to communicate complex security concepts to both technical and non-technical audiences.