Senior Security Operations Analyst
Coda Payments
- Kuala Lumpur
- Permanent
- Full-time
- Effectively use Security Information and Event Management (SIEM) to detect and investigate security incidents and alerts involving vulnerability exploits, denial of service (DoS) attacks, malware attacks, network intrusions, authorization/authentication attempts, and other forms of data breaches
- Perform security review of applications, infrastructure, system, email, middleware, network, database logs, rules, or security settings to identify suspicious or abnormal activities
- Document and maintain comprehensive records of security incidents, including detailed analysis of incident timelines, impact assessments, and remediation actions taken
- Conduct real-time security investigations to initiate triage, containment, and remediation of security threats and other malicious activity
- Build and formalize a cyber threat intelligence framework covering TTPs, indicators of compromise, methodology, and strategic, tactical, and operational classifications
- Build and design security incident playbooks and operating procedures, including communications with other teams, evidence collection, and other documentation
- Maintain and build new data ingestion pipelines for the in-house SIEM
- Keep informed of the evolving security threat landscape, including detailed technical knowledge of the most prevalent threat groups, malware, attack methods, and vulnerabilities
- At least 8 years of experience in security operations, with 3-4 years of AWS cloud experience.
- In-depth knowledge of SIEM including setting up data ingestion models and pipelines.
- ElasticSearch experience is considered an advantage.
- Familiarity with the MITRE and NIST CSF frameworks.
- Deep understanding of packet analysis and HTTP/S traffic analysis.
- Knowledge of scripting languages such as Python or Go.
- GCIA, GCIH, GCFA, GREM, GNFA, or GCTI certifications are a plus.
- Excellent communication skills.