The scope of responsibilities includes all SIEM administration, management, configuration, testing, and integration tasks related to the system, focusing primarily on content development to include reports, dashboards, real-time rules, filters, and active channels.
ESSENTIAL POSITION FUNCTION
Identify, categorize, prioritize, and investigate events rapidly utilizing triage and response guidelines for the enterprise using commonly available CSOC log sources
Monitor incoming event queues for potential security incidents using the SIEM tool per operational procedures
Perform initial investigation and triage of potential incidents, and escalate or close events as applicable
Monitor the CSOC ticket (or email) queue for potential event reporting from outside entities and individual users
Produce, maintain and update the CSOC Playbook.
Document investigation results, ensuring relevant details are passed to tier 2 (Cybersecurity Response team) for final event analysis.
Update or reference the CSOC collaboration tool as necessary for changes to SOC process and procedure, and ingest CSOC daily intelligence reports and previous shift logs.
Work with internal business units and external stakeholders to drive secure configurations in images used for desktops, servers, network devices, and wireless network devices
Maintain the group email address and distribution lists, answer SOC main phone lines, and update all relevant documentation such as shift logs and tickets.
Keep knowledge and awareness of the latest security trends up to date.
Perform duties with due diligence and professional care in accordance with professional standards and best practices
Key Challenges
To ensure understanding and involvement from all levels of management and employees
To get top management commitment in compliance activities
To get all staff and management to adhere to policies, procedures and internal controls
Working Relationship
WHO? | FROM? | PURPOSE
Manager | PCA & IT SM | To discuss and report on IT security and risk management
Managers, Management Representative, Lead Auditors | All departments/units under IT Division SIRIM QAS | To discuss and agree on certification matters
Consultants and Officers | Cyber Security Malaysia, Majlis Keselamatan Negara | To discuss and agree on IT Security matters
Dimension
No of staff: 7
No of compliance checking: 3
No of IT Security testing: 2
Competencies
Change and Innovate - Continuous Improvement
Courage to Excel - Courage
Communicate and Collaborate - Influencing
Courage to Excel - Driving For Results
Coach and Nurture Talent - Coaching
Courage to Excel - Decision Making
Courage to Excel - Planning & Organizing
Commit to Win - Business Acumen
Communicate and Collaborate - Building Partnerships
Customer Centric - Customer Orientation
Change and Innovate - Innovation
Skills
Experience in maintaining systems (hardware and software).
Experience in network/firewall configuration.
Travelling and extra work (after office hours).
Have a thorough understanding of system functionality, including the overall structures of the TAMS subsystem.
Able to work with minimum supervision, with good interpersonal and communication skills.
Knowledge in system, infrastructure and application architecture.
Relevant Industries
EXTERNAL
Degree holder with a minimum 3.0 CGPA and a minimum of 2 years of relevant experience in a supervisory role.
Minimum 3 years of cybersecurity experience and deep technical knowledge of a number of security technologies; have a solid understanding of information security and networking
Unique Requirement
Knowledge in system, infrastructure and application architecture. Good analytical skills in the field relevant to information security management
Vulnerability analysis and reverse engineering
Computer hardware and software systems (Windows, UNIX and Linux operating systems, C, C++, C#, Java, ASM, PHP, PERL) and network firewalls
Resourceful, result-oriented and highly motivated to achieve organizational goals and targets
Education
External
Degree, preferably with specialization in a computer-related discipline, and working knowledge of SIEM technology. Industry certification such as CISSP, GPH, CPT, etc. is a plus.
Open for Malaysian citizens only. Please be reminded that only online applications will be entertained. Applications should reach us no later than 17 March 2023. Only shortlisted candidates will be notified.