- Scale Stage: Rapidly increasing operations
SOC Incident & Alert Consultant
- No equity
- 4 years of experience
- Full Time
- Available
- In office, with WFH flexibility
About the job
Job Highlights:
- Sponsored meals if you work at the office!
- We champion hybrid work arrangements.
Job Description
Serves as the point of contact for users on cyber security issues, mainly engaging in real-time (threshold-based) security monitoring, event evaluation, alert triage, and incident response. Identifies and filters false positives to optimize the process. Responsible for the verification, assessment, and classification of reported cyber security incidents. Communicates incident remediation status and escalates to the relevant parties.
Handles incidents according to response plans and runbooks, and escalates incidents to the related parties, tier 2 or tier 3, for remediation. Reviews incidents after closure for potential defense and process improvements. Supports discovery, configuration, and vulnerability scanning. Works on service request tickets by receiving and handling requests for service, following agreed procedures (including setting up new user accounts, granting access to certain software, network folders, etc.).
Job Description:
- Perform real-time, proactive security monitoring, detection and response to security events and incidents within the protected environment, across the various SOC entry channels (SIEM, tickets, email and phone).
- Manage incident response, including incident detection, analysis, containment, eradication, recovery, and the chain of evidence / forensic artifacts required for further investigation.
- Conduct thorough checklist-based investigation of security events generated by detection mechanisms such as SIEM, IDS/IPS, AV.
- Categorize the events and raise necessary incidents after a thorough quality check of the event.
- Utilize advanced network and host forensic tools to triage and scope an incident.
- Perform investigation and analysis of network and host-based payloads and artifacts related to the incident.
- Correlate additional context from the Threat Intelligence (TI) team for the incident during investigation and analysis.
- Participate in Vulnerability Management processes.
- Create recommendations and requirements for detection and response content, and for enhancements to SOC processes, procedures and systems.
- Provide technical support for forensics services to include evidence seizure, computer forensic analysis and data recovery, in support of computer crime investigation.
- Work as part of a team to ensure that corporate data and technology platform components are safeguarded from known threats.
Job Qualifications:
- Demonstrates a broad awareness of cybersecurity events, threats, and actors, including trends and emerging systemic risks.
- Must understand basic security principles with an understanding of malware, cryptography, threats and vulnerabilities, access control, and application, data, and host security.
- Basic understanding of Operating Systems, Virtualization technologies, Network Devices, Cloud computing concepts, Web Proxies, Firewalls, Intrusion Detection/Prevention Systems, Antivirus Systems, Data Loss Prevention, Vulnerability Assessment tools.
- Strong understanding of security incident management, malware management and vulnerability management processes.
- Ability to follow through on all phases of the incident response and identify attacks, determine initial vectors, and complete scope of incidents.
- Knowledge of TCP/IP Protocols, network analysis, and network/security applications and common Internet protocols and applications.
- Experience in troubleshooting in a technical environment as well as basic forensics tools and web history tools.
- Excellent English written and verbal skills.
- Proficient in Microsoft Office applications, case management and ticketing systems.
- Security monitoring experience with SIEM technologies (e.g. IBM QRadar, Splunk, Sentinel, ManageEngine or SolarWinds).
Personal Qualities:
- Innovative and eager to learn in a rapidly evolving field
- Personality traits, work habits, communication and social skills suited to working effectively in a dynamic, highly operational environment.
- Exemplary personal and professional integrity and strong interpersonal skills.
- Excellent analytical and problem-solving skills with strong attention to detail
- Ability to manage multiple tasks, priorities, and operational assignments in a high-pressure environment.
- Must have good time management skills with a demonstrated ability to complete assignments in a timely, high-quality manner.
- Shift work and/or Stand-by/on-call availability required
Working Conditions & Compensation:
- Shift work required
- On-call/stand-by availability required
- Travel: n/a (possibly rarely)
- Security Operations Center positions require employees to obtain and maintain a security clearance.
Life at Arvato Systems Malaysia:
If you're looking to be creative while also putting on the entrepreneurial hat in technology-related work, then you'll fit right into our culture.
Top 10 Perks & Benefits on Why You Should Join Us:
- Yearly Company Trip.
- We promote flexible work arrangements and flexible benefits that employees can use as they see fit.
- Besides annual leave and sick leave, we have other unique paid time-offs such as Birthday Leave and Child Care/Parental Leave.
- We've got you covered with insurance, along with your immediate family members (spouse and children only).
- Attractive Employee Referral Program.
- Sponsored meals if you work at the office!
- Unlimited coffee refills from a state-of-the-art barista coffee machine, where you can practise your preferred latte art.
- We believe in learning and people development, with plenty of training to upskill you and support your personal growth.
- Plenty of initiatives and interest groups so that everyone in the team gels and bonds more closely; we put an emphasis on CSR work as well.
- Work is important, but your mental health should always take priority. At Arvato Systems Malaysia, we do everything we can to make sure you lead a healthy and happy life by walking the talk on work-life balance.
Diversity & Inclusion:
Arvato Systems Malaysia stands for Equal Employment Opportunity (EEO). We do not discriminate on the basis of race, religion, color, gender identity, sexual orientation, non-disqualifying physical or mental disability, national origin, veteran status or any other basis covered by appropriate law. All employment is decided on the basis of qualifications, merit, and business need.