Job Description

REQUIREMENTS:

Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or equivalent experience. 3-5 years of hands-on experience in SOC operations, incident response, or penetration testing roles. Strong knowledge of SIEM tools (e.g., Splunk, QRadar, ArcSight, Sentinel) and security technologies (firewalls, IDS/IPS, endpoint protection, EDR). Proven ability to perform vulnerability assessments, penetration tests, and threat emulation exercises. Solid understanding of MITRE ATT&CK, Cyber Kill Chain, and threat hunting methodologies. Industry certifications such as CompTIA CySA+, OSCP, eJPT, GPEN, GCIH, GCIA, or Security+ are preferred.

KEY RESPONSIBILITIES:

Security Monitoring and Incident Response

Monitor, investigate, and respond to security alerts and network security systems. Perform advanced triage and root-cause analysis on escalated incidents. Correlate logs from multiple sources (firewall, proxy, DNS, email, cloud) to identify attack chains. Lead containment and remediation efforts during active incidents. Develop and enhance SOC playbooks and standard operating procedures (SOPs) for incident handling. Tune SIEM rules and detection logic to improve accuracy and reduce false positives.

Penetration Testing and Threat Emulation

Plan, execute, and document penetration tests for internal networks, web applications, cloud environments, and client infrastructures. Exploit and validate vulnerabilities to assess potential business impact. Perform adversary emulation and red team exercises mapped to MITRE ATT&CK techniques. Develop and maintain attack simulation scripts and proof-of-concept exploits for detection validation. Work closely with SOC and detection engineering teams to validate, test, and improve detection coverage. Provide detailed reports and actionable recommendations for identified weaknesses.
Job Types: Full-time, Permanent

Pay: RM6,000.00 - RM8,000.00 per month

Benefits:

Opportunities for promotion Professional development
Work Location: In person