Job Description

About Ekco:
Founded in 2016 Ekco is now one of the fastest growing cloud solution providers in Europe! We specialise in enabling companies to progress along the path of cloud maturity, cybersecurity, managing transformation and driving better outcomes from our customers\xe2\x80\x99 existing technology investments.

• 
  \xef\xb8\x8f In a few words, we take businesses to the cloud and back!

We have over 600 highly talented and supportive colleagues (and counting) across a number of regional offices in the UK, Benelux & Ireland.
About the role: Ekco recently acquired Ward Solutions (www.ward.ie) a significant cybersecurity business of circa 80 Cyber professionals based out of Ireland. We are now growing a SOC team in Malaysia and are seeking a number of cyber professionals to join our team.
A tier 1 SOC Analyst is typically responsible for the following tasks:

• Performing accurate and precise real-time analysis and correlation of logs/alerts from a multitude of client devices.
• Determining if events constitute security incidents e.g. security events and incidents from SIEM, Firewall (FW), Intrusion Detection Systems (IDS), Intrusion Prevention Systems (IPS), Antivirus (AV), Directory Servers, Network Access Control (NAC) and other client data sources.
• Analysing and assessing security incidents and advancing to client resources or collaborating with internal teams for additional assistance
• Investigating security events forwarded from client for security risk.
• Conducting tuning engagements with security engineers to develop/adjust SIEM rules and analyst response procedures.
• Raising incidents to appropriate Senior Security Analyst or Incident Response staff or relevant sources to confirm if there is increased risk to the business
• Recognising potential; successful; and unsuccessful intrusion attempts and compromises thorough reviewing and analysing relevant event detail and summary information
• Performing vulnerability scans and assessments.
• Using TCP/IP networking skills to perform network analysis to isolate and diagnose.
• Responding to inbound requests via phone and other electronic means for technical assistance.
• Documenting actions in cases to effectively communicate information internally and to client.
• Reporting common and repeat problems (trend analysis) to management and propose process and technical improvements.
• Assist in providing resolution plans for system and network issues.
• Performing other duties as assigned.

You will need to have:

• A Bachelor\xe2\x80\x99s degree or equivalent in Computer Science, Computer Engineering, Electrical Engineering, Network Security, Information Security, Information Technology, or Mathematics (or equivalent work experience)

• Keen problem solving/ troubleshooting skills
• A can-do attitude
• Excellent written and verbal communication skills. You should be able to communicate technical details clearly.
• The ability to adjust and adapt to changing priorities in a dynamic environment
• A pro-active approach to addressing issues and requests and the ability to multi task
• The ability to learn new technology and concepts quickly
• Great organisational skills and attention to detail

Bonus points if you have any of the following:

• Prior work experience in a relevant area
• Vendor specific certifications / experience \xe2\x80\x93 Fortinet, Cisco, Checkpoint, Juniper etc.
• IBM QRadar or similar SIEM Certification / Experience
• Theoretical or practical knowledge in the following areas:
  • Unix, Linux, Windows, etc. operating systems
  • Well-known networking protocols and services (FTP, HTTP, SSH, SMB, LDAP, etc.)

• Packet analysis tools (tcpdump, Wireshark, ngrep, etc.) o Regular expressions
• Database structures and queries

We believe in being exceptional. Are you Exceptional? If you\xe2\x80\x99re passionate about learning and curious about information security, we\xe2\x80\x99re eager to hear from you!