06 January 2022

Security Operation Lead - Associate Principal

IT
Full Time
Malaysia, Shah Alam

This is a Subject Matter Expert role leading security operations and managing Threat Management, SOC SIEM, Vulnerability Management, and Security Tools & Technology under the Security Operation department, while also mentoring our SecOps team as a hands-on engineer. Lead the charge in threat analysis, incident response, and remediation. Secure, manage, and monitor security systems and applications within the SOC. Seek out and implement new tools and techniques while further optimizing our current solutions. Be a trusted advisor on SOC threat analysis and VAPT-related security assessments for security operation governance, ensuring the overall security operation programs reduce risk in the environment. Manage the Third Party Service Provider: the security operation lead may work independently, evaluating security operations against delivery compliance, and evaluating and recommending processes aligned with the security strategy and security operation guidelines to protect the environment.

  • Experience as a Team Leader managing SOC and VAPT end-to-end operations.
  • Hands-on experience in SOC SIEM, Application Security Assessment and Audit, Vulnerability Assessment and Network Penetration Testing, Firewall Configuration Review and Email Security Assessment.
  • Govern and lead on behalf of the internal security organization, manage the third-party service provider, and act as SPOC coordinating with Group level on SOC L3 Threat Hunting advisory and VAPT deliverables.
  • Responsible for ensuring SLAs & KPIs related to Security Operation & VAPT are monitored and reported to internal security management at planned intervals.
  • Preferably experienced with Information Security tools: Nessus, Nmap, Skybox (for Vulnerability Management), Metasploit using Kali Linux (for Penetration Testing), IBM Rational AppScan, Burp Suite and Acunetix (for Web Application testing), HP Fortify (Secure Code Review), Burp Suite Proxy.
  • Experience in Security Maturity Assessment.
  • Experience in Vulnerability Assessment governance & Security Operation Risk Management.
  • Understand the requirements of Internal Security & Group Security and develop continuous improvement.
  • Document the findings, supporting evidence and recommendations for management.
  • Manage Third Party MSP & Internal Business compliance governance in the SOC & VAPT domain and report as per KPI.

You are:

  • A proactive person with leadership qualities who understands the Security Threat landscape.
  • Adaptable and fast: able to quickly learn a new tool to get the job done based on the requirements.
  • You are self-driven, motivated, resourceful and able to solve complex technical problems.
  • Experience in Telecommunications, Managed Security, Threat Hunting, IT infrastructure planning, development, operations and technical/security project management across organizations.
  • Able to understand and work with cross-functional teams and groups, third-party service providers and internal engagements for security operation and service improvement, consulting, projects, audit and security maturity assessments.
  • You are obsessed with quality and adopt a strong, leader-driven, risk-based security operation approach for an organization's needs.

Key Responsibilities

  • Responsible for the team's technical and assurance SOC SIEM Analysis & VAPT cyber security program for Digi and its governance.
  • Direct engagement with Management / Group Security on incident reporting, improvement and SLA/KPI.
  • Guide the security operation team as a subject matter expert on activities to be performed.
  • Ensure integrity and completeness of delivery and provide timely, comprehensive and accurate feedback to stakeholders and management.
  • Perform malware analysis and possibly reverse engineering.
  • Provide best-practice technical remediation recommendations to effectively mitigate risk.

Experience and Requirements

  • Experience handling a team of 5 to 10 resources and end-to-end security operation delivery across various platforms, including Threat Analysis and investigation using SIEM or other technologies.
  • Strong understanding of the Incident Response lifecycle (Preparation, Detection & Analysis, Containment, Eradication & Recovery, Post-Incident).
  • Strong knowledge of web technologies, networking protocols, Microsoft Windows and Linux/Unix internals.
  • Understanding of the threat landscape in terms of the tactics, techniques and procedures of attacks.
  • Understanding of security use cases and able to contribute to better detection.
  • Understanding of IOCs, payloads and packet captures.
  • Scripting in Bash, PowerShell, Python (or any other language).
  • Malware or forensic analysis background.

Your Merits:

  • Bachelor's degree in Computer Science OR equivalent through experience.
  • Formal cyber security training (e.g. SANS) and certifications (e.g. CompTIA+, CEH, Threat Hunting).
  • More than 5 years' experience in cyber security SOC, project management, security VAPT Governance and Improvement, Purple Team, Red Team or similar.
  • Must show in-depth understanding of concepts such as APT, Threat Hunting, the cyber kill chain, and security controls such as ISO 27001 and NIST.
  • Must show in-depth understanding of concepts such as End Point Security, APT, the cyber kill chain, GRC and security controls.
  • Excellent written and oral English.