
Senior Cyber Threat Analyst

RM 4,000 - RM 4,999 / Per Mon



Job Description: Senior Cyber Threat Analyst

1. Lead a team of Cyber Threat Analysts in their day-to-day duties, including mentoring of team members.
2. Actively monitor and assess internal information systems, networks, databases, and web-based security measures to maintain integrity and protect against cyber threats. Respond efficiently to security alerts within client-defined Service Level Agreements (SLAs).
3. Constantly review security logs, enhance SIEM content, and assist in deploying and maintaining security tools across various environments.
4. Proactively investigate emerging security trends, new attack methods, and techniques to anticipate and prevent potential system breaches.
5. Analyze threat and vulnerability data from multiple sources, such as Threat Intelligence databases or feeds, and promptly implement relevant mitigation techniques while issuing timely alerts and warnings.
6. Regularly contribute to comprehensive security monitoring reports, highlighting key findings and trends on a daily, weekly, and monthly basis.
7. Detect, remediate, and document network intrusions and system compromises through advanced malware analysis and forensic investigations of network activity, disk storage, and memory usage.
8. Exhibit flexibility in work hours by participating in a rotating shift schedule, including morning, afternoon, and night shifts. Be prepared to travel and have reliable transportation for on-site assignments as needed.
9. Perform routine security assessments and audits on network infrastructure and applications to identify potential vulnerabilities and suggest suitable security controls.
10. Engage in the development and maintenance of security policies, standards, and guidelines to ensure the organization's adherence to industry best practices and regulatory requirements.
11. Collaborate with cross-functional teams to incorporate security measures into software development life cycles, guaranteeing application security from design to deployment.
12. Create and deliver cybersecurity awareness training programs for employees to enhance their understanding of information security risks and best practices.
13. Conduct penetration testing and vulnerability assessments on internal and external systems to identify areas for improvement in the organization's security posture.
14. Provide assistance in investigating and resolving security incidents, offering technical expertise and guidance throughout the incident response process.
15. Contribute to the formulation of risk management strategies and plans, helping the organization identify, assess, and mitigate potential cybersecurity risks.
16. Evaluate emerging security technologies and solutions, recommending their potential benefits and applications within the organization.
17. Support the implementation and maintenance of a comprehensive data loss prevention (DLP) program, ensuring sensitive data is effectively safeguarded against unauthorized access and disclosure.
18. Participate in the design, implementation, and management of the organization's identity and access management (IAM) systems, guaranteeing proper access controls are in place to protect critical assets.
19. Curate and develop security advisory content in collaboration with relevant stakeholders, ensuring accurate and timely dissemination of critical information to enhance organizational awareness and resilience against cyber threats.
20. Develop security monitoring reports by analyzing and synthesizing relevant data, providing actionable insights and recommendations to improve the organization's cybersecurity posture and facilitate informed decision-making.
Requirements

• Candidates must hold a degree in computer science, networking, information technology, information systems/information security, engineering (network/security), or a related field.
• The ideal candidate should possess excellent communication skills in English, as well as fluency in specific languages such as Kazakh and Russian, enabling seamless collaboration with stakeholders in diverse geographies. This linguistic capability is essential to effectively manage international threat intelligence operations, conduct incident coordination across regions, and support the organization's expansion plans into markets like Kazakhstan with a localized approach to cybersecurity awareness and compliance.
• Candidates must have a minimum of 2 to 5 years of comparable work experience in the networking and cyber security industries.
• Candidates must hold applicable and internationally recognized cybersecurity professional certifications, such as EC-Council Certified Ethical Hacker (CEH), EC-Council Certified Security Analyst (ECSA), CCNA Cybersecurity Operations, CompTIA Cybersecurity Analyst (CySA+), or CREST certificates.
• Candidates must have good working experience and knowledge of Detection & Response, Vulnerability Management, Web security, Application Security, Intrusion Prevention System, Penetration Testing, antivirus, and Intrusion Detection System (IDS), among other technologies; SIEM, security event analysis, EDR, networking, operating systems, enterprise integrations, firewalls, routers, and VPN devices.
• The role requires a highly specialized understanding of advanced SIEM tools like Splunk, Stellar Cyber, and LogRhythm, which are crucial for proactive threat hunting, log analysis, and real-time monitoring of complex cyber environments. Additionally, the candidate needs to be proficient in managing top-tier EDR solutions like CrowdStrike, Cylance, and SentinelOne, with a focus on developing custom detection rules, optimizing threat hunting queries, and automating threat response to minimize dwell time and reduce false positives effectively.
• Given the rapidly evolving regulatory landscape, the role demands a thorough knowledge of global cybersecurity frameworks like NIST, ISO 27001, SWIFT CSP, PCI DSS, and GDPR, as well as the ability to implement and audit these standards within the organization. The candidate should be adept at developing and maintaining compliance programs, conducting readiness assessments, and ensuring adherence to strict regulatory requirements, providing tailored guidance to clients that aligns with both business needs and international security best practices.
• Strong familiarity with security information and event management (SIEM) tools and concepts such as correlation, security log aggregation, data normalization, and parsing.
• Substantial experience and knowledge working with multiple operating systems, including Windows, Mac, and Linux.
• Proficiency in using scripting languages such as Python, Bash, or PowerShell.
• Expertise extends to database security and administration, which includes IBM, Oracle RDBMS, Salesforce MySQL/SQL, Cassandra, Amazon Aurora, Google Cloud Spanner, Microsoft Azure Cosmos DB, IBM Db2, Oracle Autonomous Database, and Alibaba Cloud PolarDB.
• Comprehensive understanding of attack vectors, including phishing, distributed denial-of-service (DDoS) attacks, malware, SQL injection, adversarial attacks, data poisoning attacks, model inversion attacks, and membership inference attacks, as well as AI-aided social engineering attacks.
• Deep understanding of various cybersecurity-related software and tools, such as CrowdStrike, LogRhythm SIEM, Sumo Logic ArcSight, XDR (Stellar Cyber Open-XDR, CheckPoint Infinity, Palo Alto Networks Cortex XDR), and IBM QRadar InsightIDR.
• A strong grasp of IP networking architecture, protocols, and security, with proven experience in IP subnetting, TCP, UDP, DNS, and DHCP.
• Expertise in networking technologies, including the TCP/IP protocol suite, VLANs, IP addressing and subnetting, NAT, SDN, NFV, and more.

Compulsory Soft Skills

• The ideal candidate should possess excellent communication skills in English, as well as fluency in specific languages such as Kazakh and Russian, enabling seamless collaboration with stakeholders in diverse geographies. The ability to articulate complex concepts in both technical and non-technical terms is a valuable asset.
• Strong leadership abilities and teamwork orientation, with the capacity to work independently and make informed decisions.
• Exceptional presentation skills, effectively engaging and communicating with diverse audiences.

Location: Kuala Lumpur City Centre
Work Mode: In-person at the physical office