Security Engineer

About the Role

We are actively seeking a Security Engineer to become an essential member of our security operations team, based in Kuala Lumpur, Malaysia. This role is crucial in managing security escalations and supporting our customer security services. As a Security Engineer, you will offer vital technical consultation and support to our Managed Services Team. You will take charge of security ticket management, spearheading the handling, processes, and enhancements within the team. Your duties will also include conducting comprehensive investigations and analysis of cybersecurity incidents, as well as leading the response to these incidents in partnership with other internal and external teams, and customers. Following security incidents, you will carry out post-incident activities, including root cause analysis, reporting, and evaluating regulatory and compliance impacts. You will be vigilant in monitoring cybersecurity alerts, triaging, and scrutinizing alerts from platforms such as SIEM, MDR, EDR, and Microsoft Defender for Cloud. Collaborating with both the internal security team and external Security Operations Centres (SOC), you will develop and refine monitoring alerts and use cases. Moreover, you will undertake proactive security tasks, including assessments, audits, and testing to detect vulnerabilities and offer remediation recommendations. You will be accountable for identifying and addressing gaps within customer environments and proposing enhancements to their security posture. Keeping current with the latest threat landscape, adversary tactics, techniques, and procedures (TTPs), cybersecurity events, and best practices is essential for ongoing knowledge advancement.

Responsibilities

• Manage security ticket lifecycles and drive process improvements within the security operations team.
• Investigate and analyse cybersecurity incidents; lead incident response in coordination with internal / external teams and customers.
• Post-incident activities : root cause analysis, reporting, and assessing regulatory / compliance impacts.
• Monitor and triage security alerts from SIEM, MDR, EDR, and Microsoft Defender for Cloud; refine monitoring alerts and use cases with internal and external SOCs.
• Perform proactive security tasks : assessments, audits, testing, vulnerability detection, and remediation recommendations.
• Identify gaps in customer environments and propose enhancements to security posture.
• Stay current with threat landscape, TTPs, cybersecurity events, and best practices.

Requirements

Office Hours : Monday to Friday, Kuala Lumpur business hours with flexibility for overlap with our London office when needed. Overtime is available and paid for pre-arranged work.

On-Call : You will be on 24 / 7 standby (in a rota) for a maximum of 2 weeks a month when security escalations are required. Standby allowance and overtime are provided.

Location : Solaris Dutamas, Kuala Lumpur. Hybrid model with a minimum of 3 days in the office.

Skills and experience :

About the person

Why work at Doherty?

We are a Microsoft Gold Partner with four Solutions Partner Designations (including Modern Work), a Tier 1 Microsoft CSP relationship and ISO27001 & ISO9001 accredited. DA operates a global managed services team with offices in both London (HQ) and Kuala Lumpur.

#J-18808-Ljbffr