SOC Analyst L3

Details of the offer

Job Description – Cybersecurity Specialist
Team: Monitoring/Support
Designation: Cyber Security Specialist (SOC L3)
Job Role: Monitor and detect security alerts while supporting Microsoft security and compliance technologies based on customer requirements and industry knowledge.
Experience: Minimum 7 years of experience working in a Security Operations Centre, covering monitoring, detection and analysis with security solutions.
Employer: Vcyberiz Sdn Bhd, Cyberjaya, Malaysia
Job Location: Cyberjaya, Selangor
Shifts: The resource will have to work from the office (mandatory) on a 24x7x365 rotational shift.
Role:
As a SOC Level 3 Analyst, you will serve as a senior technical escalation point for all security incidents within the Security Operations Center.
You will work to contain and mitigate threats, perform advanced threat hunting, lead incident response efforts, and provide mentorship to SOC analysts at Level 1 and Level 2.
Your expertise will drive the continuous improvement of SOC processes, tools, and capabilities to strengthen the organization's security posture.
Responsibilities:
Act as the escalation point for complex incidents and provide expert analysis and guidance.
Proactively hunt for threats and vulnerabilities within the organization.
Lead the investigation of advanced security incidents, including root cause analysis and remediation.
Collaborate with stakeholders across IT, risk management, and executive teams to mitigate risks effectively.
Ensure timely detection, triage, and response to security threats and events.
Perform advanced-level threat analysis, correlating events from multiple sources.
Lead incident response, containment, and recovery activities, including root cause analysis and remediation.
Conduct detailed post-incident reviews and create root cause analysis reports.
Develop and maintain SOC playbooks and standard operating procedures.
Perform threat intelligence research and integrate findings into detection mechanisms.
Conduct security tool fine-tuning, including SIEM and EDR platforms.
Train and mentor junior SOC analysts (L1/L2) to enhance overall team capability.
Collaborate with teams to evaluate and deploy advanced cybersecurity tools and techniques.
Ensure adherence to compliance and regulatory requirements in SOC operations.
Work Experience:
Proven experience designing, implementing, supporting, and delivering security solutions such as Microsoft Security and Compliance solutions, including M365 Defender for Endpoint, Defender for Cloud, MS Purview, MS Entra, Sentinel SIEM, DLP, Email and Web Security, Spam Filtering, and Vulnerability Scanning.
Extensive experience in security operations using agnostic tools and platforms, including writing and executing queries in languages like KQL or SPL for threat detection, incident response, and analysis across various environments.
Experience in Major Incident Management, coordinating response efforts, root cause analysis, and communication across cross-functional teams, including leveraging agnostic monitoring tools for faster triage and remediation.
Ability to create and manage security playbooks that define incident response processes for both Microsoft and third-party security tools, ensuring alignment with organizational security policies and best practices.
Strong skills in malware analysis, with experience working across multiple security technologies to identify, assess, and respond to threats, regardless of the underlying platform or vendor.
Comprehensive knowledge of the Microsoft Defender suite (e.g., Defender for Endpoint, Defender for Identity, Defender for Office 365), with the ability to navigate and integrate it with other third-party solutions for seamless security operations.
Experience managing service requests and handling ticket management workflows in a structured environment.
Proven track record of delivering security solutions and services for global customers, with the ability to integrate solutions from multiple vendors to enhance security effectiveness.
Deep understanding of Security Operations and Service Delivery, with an emphasis on continuous improvement and operational efficiency, regardless of vendor technology.
Proficiency in using Enterprise Ticketing systems, such as ServiceNow, to track, escalate, and resolve security incidents, regardless of the underlying security platform.
Familiarity with ITIL v4 processes in supporting Security Solutions and Service Delivery, with a focus on Incident, Change, and Problem Management.
Qualifications (Mandatory):
Bachelor's degree in Computer Science, Cybersecurity, or a related field.
Relevant certifications, such as:
GIAC Certified Incident Handler (GCIH)
Certified Information Systems Security Professional (CISSP)
Offensive Security Certified Professional (OSCP)
Certified Ethical Hacker (CEH)
Qualifications (Preferred):
Master's degree in Cybersecurity or a related field.
Certifications in advanced threat intelligence or forensic analysis (e.g., GCFA, GREM).
Skills and Abilities:
Advanced understanding of threat landscapes, adversary tactics, and attack frameworks (e.g., MITRE ATT&CK).
Proficiency in incident response, malware analysis, and digital forensics.
Strong knowledge of security technologies, including firewalls, SIEM, EDR, IDS/IPS, and DLP solutions.
Hands-on experience with scripting and automation (Python, PowerShell, etc.).
Expertise in network traffic analysis and packet-level investigations.
Excellent communication and report-writing skills.
Ability to lead teams and make decisions under pressure during active incidents.
Performance Criteria:
Efficient and effective incident response and containment times.
Quality of root cause analysis and post-incident reporting.
Contribution to the development and improvement of SOC processes and playbooks.
Proactive identification of threats through threat hunting and intelligence research.
Mentorship and skill development of SOC team members.
High levels of stakeholder satisfaction and collaboration.


Nominal Salary: To be agreed

Source: Whatjobs_Ppc
