Job Description

POSITION GENERAL FUNCTION

• The scope of responsibilities includes all SIEM administration, management, configuration, testing, and integration tasks related to the system, focusing primarily on content development to include reports, dashboards, real-time rules, filters, and active channels.

ESSENTIAL POSITION FUNCTION

• Identify, categorize, prioritize, and investigate events rapidly utilizing triage and response guidelines for the enterprise using commonly available CSOC log sources
• Monitor incoming event queues for potential security incidents using the SIEM tool per operational procedures
• Perform initial investigation and triage of potential incidents, and escalate or close events as applicable
• Monitor CSOC ticket (or email) queue for potential event reporting from outside entities and individual users
• Produce, maintain and update CSOC Playbook.
• Document investigation results, ensuring relevant details are passed to tier 2 (Cybersecurity Response team) for final event analysis.
• Update or reference CSOC collaboration tool as necessary for changes to SOC process and procedure as well as ingest CSOC daily intelligence reports and previous shift logs.
• Work with internal business units and external stakeholder to drive secure configurations in images used for desktops, servers, network devices, and wireless network devices
• Maintain the group email address and distribution lists, answer SOC main phone lines, and update all relevant documentation such as shift logs and tickets.
• Keep updated on knowledge and awareness on latest security trends.
• To perform duties with due diligence and professional care in accordance with professional standards and best practises

Key Challenges

• To ensure understanding and involvement from all level of management and employees
• To get top management commitment in compliance activities
• To get all staff and management to adhere to policies, procedures and internal control

Working Relationship

WHO? FROM? PURPOSE

• Manager

• PCA & IT SM

• To discuss and report on IT security and risk management

Managers, Management Representative, Lead Auditors

All departments/units under IT Division SIRIM QAS

• To discuss and agreed on certification matters

Consultants and Officers

Cyber Security Malaysia, Majlis Keselamatan Negara

• To discuss and agreed on IT Security matters

Dimension

• No of staff: 7
• No of compliance checking: 3
• No of IT Security testing: 2

Competencies

Change and Innovate - Continuous Improvement

Courage to Excel - Courage

Communicate and Collaborate - Influencing

Courage to Excel - Driving For Results

Coach and Nurture Talent - Coaching

Courage to Excel - Decision Making

Courage to Excel - Planning & Organizing

Commit to Win - Business Acumen

Communicate and Collaborate - Building Partnerships

Customer Centric - Customer Orientation

Change and Innovate - Innovation

Skills

• Experience in maintaining system (hardware and software).
• Experience in network/firewall configuration.
• Travelling, extra work (After office hour).
• Have a throughout understanding of system functionality including overall structures of TAMS subsystem.
• Minimum supervision with good interpersonal and communication skills.
• Knowledge in system, infrastructure and application architecture.

Relevant Industries

EXTERNAL

• Degree holder with minimum 3.0 CGPA with minimum 2 years relevant experience in supervisory role.
• Minimum 3 years of cybersecurity experience and deep technical knowledge on a number of security technologies; have a solid understanding of information security and networking

Unique Requirement

• Knowledge in system, infrastructure and application architecture. Good analytical skills in the field relevant to information security management
• Vulnerability analysis and reverse engineering
• Computer hardware and software systems (Windows, UNIX and Linux operating systems, C, C++, C#, Java, ASM, PHP, PERL) also network firewall
• Resourceful, result oriented and highly motivated to achieve organizational goals and targets

Education

External

• Degree preferably with specialization in computer related discipline and working knowledge of SIEM technology. Industry certification such as CISSP, GPH, CPT, etc is a plus.
• Experience with cyber security incident response protocols (e.g., identification, impact assessment, containment, remediation, evidence handling, technical reporting, etc.) and safeguarding information.

Additional Information

Open for Malaysian citizens only.
Please be reminded that only online applications will be entertained.
Applications should reach us no later than 17 March 2023.
Only shortlisted candidates will be notified.

Malaysia Airports