Talent.com
Tawaran kerja ini tidak tersedia di negara anda.
Security Analyst L2

Security Analyst L2

Ensign InfoSecurityKuala Lumpur, Kuala Lumpur, Malaysia
23 jam yang lalu
Penerangan pekerjaan

Overview

As a Level 2 Security Analyst in a Managed Security Service Provider (MSSP) environment, you will serve as an advanced escalation point for Tier 1 analysts, handling complex alerts and security incidents across multiple client environments. Your primary responsibility is to investigate threats in-depth, guide incident response efforts, enhance detection capabilities, and ensure clients are protected with timely and accurate responses. This role demands strong technical, analytical, and communication skills to succeed in a fast-paced, multi-tenant SOC.

Key Responsibilities

  • Analyze and respond to escalated alerts from Tier 1 analysts across multiple clients.
  • Conduct in-depth investigations using SIEM, EDR, NDR, firewall logs, and other security tools.
  • Perform malware analysis, log correlation, and network traffic analysis to identify attack vectors.
  • Execute containment, eradication, and recovery procedures using predefined runbooks and playbooks.
  • Escalate and coordinate with Level 3 analysts or incident response teams for high-severity incidents.
  • Provide technical guidance, support, and mentoring to Tier 1 analysts.
  • Identify gaps in detection capabilities and recommend improvements in correlation rules, tuning, and alerts.
  • Support proactive threat hunting initiatives based on IOCs, TTPs, and contextual threat intelligence.
  • Monitor external threat intelligence feeds and correlate them with client telemetry to identify potential risks.
  • Maintain clear and accurate documentation of all investigations, actions taken, and incident outcomes.
  • Contribute to the continuous improvement of SOC processes, including the development of SOPs, playbooks, and runbooks.
  • Ensure all activities are performed in compliance with client-specific SLAs, internal policies, and applicable regulatory standards.
  • Participate in client-specific onboarding activities and ensure monitoring tools are correctly configured.
  • Join incident review meetings and provide root cause analysis and post-incident reporting when required.
  • Handle shift handovers with detailed summaries and ensure continuity of investigations and tasks.
  • Participate in internal knowledge-sharing sessions and contribute to SOC-wide initiatives and improvements.

Requirements

Education & Experience :

  • Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or related field—or equivalent work experience.
  • 2–4 years of experience in a Security Operations Center or similar cybersecurity environment.
  • Experience working in an MSSP or multi-tenant environment is highly desirable.

    • Technical Skills :

  • Strong experience with SIEM platforms (e.g., Splunk, Sentinel, QRadar).
  • Hands-on experience with EDR tools (e.g., CrowdStrike, SentinelOne, Microsoft Defender).
  • Familiarity with NDR and SOAR platforms is a plus (e.g., Darktrace, Corelight, Cortex XSOAR).
  • Strong understanding of networking protocols, log analysis, and system administration (Windows / Linux).
  • Knowledge of malware behaviors, phishing techniques, and MITRE ATT&CK framework.
  • Experience with scripting and automation tools (e.g., Python, PowerShell) is a plus.
  • Familiarity with case management tools (e.g., Jira, ServiceNow, TheHive).

    • Certifications (preferred) :

  • CompTIA Security+, CySA+, or equivalent.
  • GIAC certifications (e.g., GCIH, GCIA, GCFA).
  • CEH, or vendor-specific certifications (e.g., Microsoft SC-200, CrowdStrike CCFR).

    • #J-18808-Ljbffr

    Buat amaran kerja untuk carian ini

    Security Analyst L2 • Kuala Lumpur, Kuala Lumpur, Malaysia