Security Operation Center

Location: Kuala Lumpur

Project Duration: Long

Shift Timing (Regular/Rotational): Rotational

Work Model (Remote/Hybrid/Onsite): Onsite, work from office

Required skills:

● 2-5 Years of Experience in SOC

● Familiarity and experience in implementation of or two SIEM products (LogRhythm, QRadar, SA, Sentinel, Arcsight etc).

● Install / configure / build / fine-tune the SIEM tools to setup an effective information security support

● Establish KPI, review & manage security logs and provide reports based on KPI and metrics.

● Hands-on knowledge of Correlation rules creation / Update / Deletion

● Familiarity of ITIL and ISO processes

● Excellent communication and customer interaction

Key Responsibilities:

● Monitoring of security incidents in 24x7 rotational shifts.

● Provide support to the team for escalated incidents.

● Periodic review of events and standard reports and provide an analysis report.

● Define content and periodicity of reports.

● Customize processes and incident analysis procedures based on the new threats.

● Analyze unstructured threat intelligence reports and enhance correlation rules.

● Fine tune and add correlation rules as per Client environment changes and threat environment.

● Provide guidance to Security Analysts for creating the SOP to handle the alerts for new correlation rules.

● Ensure ticket assignment / reassignment as per SLA

Arcsight, sentinel , Iso, Soc, Customer Interaction, Itil, logrhythm , SA, Siem, Communication, Qradar