Security Engineer (SIEM)

Shah Alam, Malaysia

Job Description

Our client, one of the top leading MNC ICT solution providers, is now seeking talent who specialise in SIEM to join the team.

Responsibilities:

  • Performing daily detect and response functions, closely aligned with typical SOC functions.
  • Identifying compromised computers and potential IP loss using logs, live response, and related computer centric evidence sources.
  • Knowledge of email security threats and security controls, including experience analysing email headers.
  • Coordinates with internal and customer stakeholders.
  • Communicates with management on Project progress and activities assigned.
  • Responsible to mentor other team members.
  • Responsible to create Runbooks for incident resolution and updating the incident response run-book database.
  • Providing accurate and timely routing of verified compromises to the appropriate IT operations teams for further analysis and follow through to remediation.
  • Advising management on the effectiveness of established operating procedures and recommend modifications where appropriate.
  • Stay up to date with latest IT security trends, news and intelligence.
  • Responsible for the completion of SIEM (ArcSight, QRadar, Splunk) Roadmap along with other team members in the SOC.
  • Responsible for on-boarding of log sources for supported and un-supported devices.
  • Responsible for creating flex-development connectors for un-supported devices.
  • Design HLD/LLD for customers based on experience, best practices and understanding of the customer environment.
  • Responsible to work with SIEM (ArcSight, QRadar, Splunk) content engineer to enhance Security Use-cases for SOC Environment.
  • Responsible to work and integrate Automated Incident Smart Response in the SOC.
  • Supports definition and implementation of protocols to govern security assessment during on-boarding of new log sources.
  • Data normalization and ETL within Splunk.
  • Responsible for integration of logs and data feeds into Splunk through various methodologies, e.g. via syslog connectors, utilizing DB Connect to pull data from on-site databases.
  • Managing all Splunk plugin configurations including ITSI and Enterprise Security.
  • Managing and monitoring the Splunk infrastructure for capacity planning and optimization.
  • Installation of search heads, deployment servers, indexers and the Enterprise Security App.
  • Manage Splunk knowledge objects (Apps, Dashboards, Saved Searches, Scheduled Searches, Alerts, etc.).
  • Manage and report on the activities and performance of the regional SOC team.
  • Provide input to the SOC policies and procedures and correspondingly evaluate and update regional SOC policies and procedures to ensure SOC personnel follow uniform processes.
  • Verify all SIEM components are functioning optimally.
  • Provides valuable insight and input to the identification of information security risk within the regional and brand enterprises and recommends priorities for risk mitigation.
  • Assists with patching recommendations and solution for zero-day threats.
  • Develop content, analytics and detection around threat actors' tactics, techniques and procedures that is deliverable through our daily knowledge base updates.
  • Candidate should have 6 to 8 years of hands-on experience in SOC, SIEM, vulnerability management and security incident response.
  • Experience with SIEM systems such as Splunk, AlienVault, QRadar, ArcSight or similar.
  • Candidate must possess at least a Professional Certificate, Diploma, Advanced/Higher/Graduate Diploma, Bachelor's Degree, Post Graduate Diploma, Professional Degree, Computer Science/Information Technology, Engineering (Computer/Telecommunication) or equivalent.
  • Required language(s): Bahasa Malaysia, English
  • At least 6 year(s) of working experience in the related field is required for this position.
  • Preferably Managers specializing in IT/Computer - Software or equivalent.
  • Full-Time/ Contract position(s) available.
Job Type: Full-time
Salary: RM10,000.00 - RM20,000.00 per month
Experience:
  • the: 6 years (Preferred)
  • Diploma/Advanced Diploma (Preferred)
