251 Security Operations jobs in Malaysia

Overview

Security Operations Center Analyst-Level3

Responsibilities

• Manage and resolve complex L3 level incidents in a Security Operations Center (SOC)
• Understand how the overall SOC function works
• Understand the monitoring tools used in the SOC
• Demonstrate effective communication in English

Qualifications

• Total experience of 6 to 8 years working in a Security Operations Center (SOC)
• At least 3 years of hands-on experience managing and resolving complex L3 level incidents in a SOC
• A deep understanding of how the overall SOC function works
• A deep understanding of the different monitoring tools used in the SOC
• Any experience of working in a SOC setup in Asia in a multi-country setup is an added advantage
• Excellent communication skills in English

About PureSoftware

PureSoftware, a wholly owned subsidiary of Happiest Minds Technologies, is a global software products and digital services company. PureSoftware has been driving transformation for the world’s top organizations across various industry verticals, including banking, financial services, and insurance, life sciences and healthcare, high tech and communications, retail and logistics, and gaming and entertainment. Arttha, from PureSoftware, is a globally trusted financial technology platform.

PureSoftware is Great Place to Work Certified in India for the third consecutive year

You can visit our website at

Seniority level

Mid-Senior level

Employment type

Full-time

Job function

Information Technology, Other, and Analyst

Industries: Insurance, Financial Services, and Banking

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

#J-18808-Ljbffr

Overview

Security Operations Center Analyst (SOC Analyst) – Level 2, with advanced proficiency in Microsoft Sentinel. About Ekco

Founded in 2016 Ekco is one of the fastest growing cloud solution providers in Europe. We specialise in enabling companies to progress along the path of cloud maturity, managing transformation and driving better outcomes from our customers’ existing technology investments. We have over 600 colleagues across regional offices in the UK, Netherlands, Ireland & Malaysia. Role and responsibilities

Utilize Microsoft Sentinel to conduct in-depth analysis of security incidents and alerts. Investigate and assess the scope, impact, and root cause of incidents, providing detailed reports. Actively participate in incident response activities, coordinating with Level 1 and Level 3 analysts. Develop and execute comprehensive incident response plans, ensuring efficient containment and eradication. Proactively hunt for potential security threats and vulnerabilities using Microsoft Sentinel. Stay informed about emerging threats and provide recommendations for enhancing detection capabilities. Serve as a subject matter expert on Microsoft Sentinel, providing guidance to Level 1 analysts. Collaborate with other security teams to implement and enhance security controls. Develop and maintain detailed documentation, including playbooks and standard operating procedures. Identify opportunities for process improvement within the SOC, contributing to the enhancement of workflows and tooling. Stay current with industry trends, new threats, and advancements in cybersecurity. Requirements

Bachelor's degree in Cybersecurity, Information Technology, or a related field (or equivalent work experience). Minimum of 3 years of experience in a SOC Level 2 environment, with a focus on incident analysis and response. Advanced expertise in working with Microsoft Sentinel for security monitoring and incident investigation. Strong understanding of cybersecurity principles, threat intelligence, and incident response best practices. Relevant certifications such as CompTIA Security+, CySA+, Microsoft SC-200, GIAC Certified Incident Handler (GCIH), or equivalent would be an advantage. Proficient in scripting and automation for SOC tasks (e.g., PowerShell). Strong analytical and problem-solving skills with meticulous attention to detail. Bonus points for familiarity with cloud security concepts and platforms (especially Microsoft Azure), experience with other SIEM solutions, knowledge of network protocols, firewall technologies, intrusion detection/prevention systems, and familiarity with regulatory frameworks (e.g., GDPR, NIST, ISO 27001). Why Ekco

Microsoft’s 2023 Rising Star Security Partner of the Year VMware & Veeam top partner status Ranked as 4th fastest growing technology company in the Deloitte Fast50 Awards Commitment to diversity, equality, inclusion and belonging Internal mobility and opportunities for development and progression Flexible working with a family-friendly focus

#J-18808-Ljbffr

Overview

Security Operations Center Analyst-Level3 Responsibilities

Manage and resolve complex L3 level incidents in a Security Operations Center (SOC) Understand how the overall SOC function works Understand the monitoring tools used in the SOC Demonstrate effective communication in English Qualifications

Total experience of 6 to 8 years working in a Security Operations Center (SOC) At least 3 years of hands-on experience managing and resolving complex L3 level incidents in a SOC A deep understanding of how the overall SOC function works A deep understanding of the different monitoring tools used in the SOC Any experience of working in a SOC setup in Asia in a multi-country setup is an added advantage Excellent communication skills in English About PureSoftware

PureSoftware, a wholly owned subsidiary of Happiest Minds Technologies, is a global software products and digital services company. PureSoftware has been driving transformation for the world’s top organizations across various industry verticals, including banking, financial services, and insurance, life sciences and healthcare, high tech and communications, retail and logistics, and gaming and entertainment. Arttha, from PureSoftware, is a globally trusted financial technology platform. PureSoftware is Great Place to Work Certified in India for the third consecutive year You can visit our website at Seniority level

Mid-Senior level Employment type

Full-time Job function

Information Technology, Other, and Analyst Industries: Insurance, Financial Services, and Banking We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

#J-18808-Ljbffr

Security Operations Center Engineer

iSoftStone Kuala Lumpur, Federal Territory of Kuala Lumpur, Malaysia

About Us

A leading global technology conglomerate renowned for its extensive ecosystem of digital services and platforms. With a strong presence in cloud computing, gaming, social media, and enterprise solutions, the organization supports millions of users and businesses worldwide. It emphasizes innovation, scalability, and security, making it a key player in driving digital transformation across various industries.

Job Responsibilities

• Responsible for daily alert monitoring, analysis, initial triage and classification.
• Use a SIEM platform (e.g., Splunk, Elasticsearch) to collect logs and analyze events.
• Respond to, record, escalate and report security incidents based on SOP.
• Review and process Parsec and PAN whitelisting requests.
• Monitor the status and completion of vulnerability scans, and regularly review vulnerability scan reports.
• Monitor security tickets generated by platforms such as WAF, vulnerability scanning, EDR, and CPI, and identify the asset owner responsible for each ticket.
• Handle privileged access, system configuration compliance, and collaborate on vulnerability management.
• Analyze network traffic and logs to identify potential threats.
• Conduct periodic vulnerability assessments and remediation follow-up.
• Support the implementation of security policies, standards, and procedures.
• Perform routine maintenance on security devices (patching, configuration updates, firmware upgrades).

Job Requirements

• Minimum bachelor’s degree in Cybersecurity, Computer Science, Information Technology, or a related field.
• Minimum 1 year working experience in network security and cybersecurity-related fields.
• Understanding of networking and security devices (firewall, IDS/IPS).
• Understanding of common cybersecurity threats, such as phishing, brute-force attacks, and malware.
• Understanding of common SaaS applications such as Jira and Office 365.
• Strong analytical and troubleshooting skills.
• Able to work shifts and perform well under pressure.
• Willingness to solve challenges in a practical, hands-on manner.

Good to have

• Ability to perform automation when required, using programming languages such as PowerShell, Bash, Python, or Java.
• Experience in SOC environments and participation in cyber drills.
• Strong knowledge of standards, guidelines, and best practices (e.g., ISO 27001, CIS Benchmark).
• Strong command of English and Mandarin Chinese, with good communication and writing skills.

Seniority level

• Mid-Senior level

Employment type

• Contract

Job function

• Information Technology

Industries

• IT Services and IT Consulting and IT System Custom Software Development

#J-18808-Ljbffr

Overview

This role will report to the Head of IT Security, Malaysia. The SOC Lead will primarily be responsible for leading Great Eastern Next Generation Security Operations Centre (NGSOC) Team and act as a single point of contact to the management team for further action. Serves as primary escalation point of the SOC Analyst for any identified potential anomalies and will perform in-depth investigation into the matters. In the event of security incident, the SOC Lead will also serve as the primary incident responder and ensure that communications as well as adequate resolutions are implemented on a timely basis.

Responsibilities

• Lead the operation of Next Generation Security Operations Centre (NGSOC).
• Lead and support security operations tasks such as cyber intelligence gathering, threat hunting, security monitoring and log review (SIEM) and incident response.
• Plan, develop and constantly review SOC related policies, standards and procedures.
• Manage cyber incidents associated with threats, intrusions, compromise, unusual, unauthorized or illegal activity via Incident Response and CSIRT framework.
• Handle escalations from SOC analysts and Managed Security Service Providers (MSSP) ensuring escalations are handled within agreed SLAs.
• Collaborate with other functions such as Infra, Network, End User Computing, Cloud and Technology teams.
• Coordinate with Risk Management, Assurance & Audit and Risk & Compliance to ensure security tools implementation and reporting, and manage risk matters adequately.
• Provide regular reports to management on the status of the SOC’s operations, security incidents and security posture, and highlight trends based on SOC metrics.
• Review and upgrade SOC related system components (such as SIEM, SOAR) to ensure effective operational and defensive capabilities.
• Identify gaps and propose countermeasures including training requirements for the SOC team and handling audit and compliance for overall SOC operations.
• Takes accountability for business and regulatory compliance risks and mitigates them appropriately.
• Maintain awareness of industry trends on regulatory compliance, emerging threats and technologies to better safeguard the company.
• Highlight potential concerns/risks and proactively share best risk management practices.

Qualifications

• Possess at least a Degree/Master’s Degree in Computer Science/Information Technology/Engineering or equivalent. IT security related certifications (CISSP, CISA, etc.) are a plus.
• Minimum 7 years of working experience in SOC & Information Security.
• Experience in handling security incidents and process improvement.
• Broad knowledge in infrastructure, information and application security (e.g., DMZ, PKI, SSL, multi-factor authentication, cryptography, secure communications) and related tools such as SIEM and SOAR.
• Familiarity with security frameworks such as NIST CSF, ISO27001, PCI DSS and CIS Critical Security Controls.
• Strong analytical and problem-solving skills with the ability to identify and assess security risks and develop mitigation strategies.
• Experience with incident management and response, including post-incident reviews and corrective action plans.
• Knowledge of current security events and a demonstrated passion to stay informed of best practices and trends.
• Excellent communication and leadership skills, with the ability to motivate and inspire a team to achieve its goals.
• High integrity, accountability and teamwork oriented attitude.
• Takes initiative to improve current state and is adaptable to new changes.

How you succeed

• Champion and embody our Core Values in everyday tasks and interactions.
• Demonstrate high integrity and accountability.
• Take initiative to drive improvements and embrace change.
• Take accountability for business and regulatory compliance risks, implementing measures to mitigate them effectively.
• Keep abreast with industry trends, regulatory compliance and emerging threats to proactively safeguard the company.

Who we are

Founded in 1908, Great Eastern is a well-established market leader and trusted brand in Singapore and Malaysia. With over S$100 billion in assets and more than 16 million policyholders, including 12.5 million from government schemes, it provides insurance solutions through three distribution channels – tied agency force, bancassurance, and Great Eastern Financial Advisers. The Group also operates in Indonesia and Brunei. The Great Eastern Life Assurance Company Limited and Great Eastern General Insurance Limited have AA- financial strength ratings from S&P Global Ratings since 2010. Great Eastern’s asset management subsidiary, Lion Global Investors Limited, is a leading asset manager in Southeast Asia. Great Eastern is a subsidiary of OCBC, a major regional bank with strong credit ratings.

To all recruitment agencies: Great Eastern does not accept unsolicited agency resumes. Please do not forward resumes to our email or our employees. We will not be responsible for any fees related to unsolicited resumes.

#J-18808-Ljbffr

Overview

This role reports to Security Operations Center (SOC) Lead under the Next Generation Security Operation Center (NGSOC) Domain. As part of GE NGSOC, this position provides end to end technical support for STMR management platforms such as QRadar SIEM, Palo Alto XSOAR and others delivered by IT Security.

Responsibilities

• Lead Security Threat Monitoring and Response (STMR) tower and act as the main liaison for all platforms within the NGSOC department.
• Lead and work closely with designated Manage Security Service Provider (MSSP) to operate, troubleshoot and maintain availability of STMR management platforms and all assets in security platforms managed and owned by Great Eastern.
• Monitor, review and respond to security alerts escalated from NGSOC; manage cyber incidents related to threats, intrusions, compromise, and unusual or unauthorized activity via CSIRT framework.
• Create and fine-tune policies and rules within STMR management security platforms and other log sources to correlate events and improve detection capability.
• Assist in recommending, planning and implementing security measures or enhancements to protect computer systems, networks and data.
• Work closely with Risk and Compliance during audits and with the CSIRT team during IT security incidents and crisis situations.
• Takes accountability for business and regulatory compliance risks and takes appropriate steps to mitigate them.
• Maintains awareness of industry trends on regulatory compliance, emerging threats and technologies to understand risk and safeguard the company.
• Highlight potential concerns/risks and proactively share best risk management practices.

Qualifications

• Possess at least a diploma/degree/professional degree/master’s degree in Computer Science/Information Technology/Engineering or equivalent.
• At least 5 years of working experience in related field.
• Intermediate knowledge and skills in handling security systems such as SIEM, SOAR; knowledge of other security products is an added value.
• Intermediate experience in handling cyber security alerts and incidents.
• Strong analytical and problem-solving skills.
• Good knowledge of Incident Response and Investigative methodology.
• Self-motivated and a team player.
• Information Security Certification involving incident response, ethical hacking, or cybersecurity (e.g., GCIA, GCIH, CISSP, CEH) will be an added advantage.
• High level of integrity, accountability and good teamwork attitude.
• Takes initiative to improve current state and adapt to change.

How you succeed

• Champion and embody our Core Values in everyday tasks and interactions.
• Demonstrate high level of integrity and accountability.
• Take initiative to drive improvements and embrace change.
• Take accountability of business and regulatory compliance risks, implementing measures to mitigate them effectively.
• Keep abreast with industry trends, regulatory compliance, and emerging threats and technologies to understand and highlight potential concerns/risks to safeguard our company proactively.

Who we are

Founded in 1908, Great Eastern is a well-established market leader and trusted brand in Singapore and Malaysia. With over S$100 billion in assets and more than 16 million policyholders, including 12.5 million from government schemes, it provides insurance solutions to customers through three successful distribution channels – a tied agency force, bancassurance, and financial advisory firm Great Eastern Financial Advisers. The Group also operates in Indonesia and Brunei.

The Great Eastern Life Assurance Company Limited and Great Eastern General Insurance Limited have been assigned the financial strength and counterparty credit ratings of "AA-" by S&P Global Ratings since 2010, one of the highest among Asian life insurance companies. Great Eastern's asset management subsidiary, Lion Global Investors Limited, is one of the leading asset management companies in Southeast Asia.

Great Eastern is a subsidiary of OCBC, the longest established Singapore bank, formed in 1932. It is the second largest financial services group in Southeast Asia by assets and one of the world’s most highly-rated banks, with an Aa1 rating from Moody’s and AA- by both Fitch and S&P. Recognised for its financial strength and stability, OCBC is consistently ranked among the World’s Top 50 Safest Banks by Global Finance and has been named Best Managed Bank in Singapore by The Asian Banker.

#J-18808-Ljbffr

Overview

This role will report to the Head of IT Security, Malaysia. The SOC Lead will primarily be responsible for leading Great Eastern Next Generation Security Operations Centre (NGSOC) Team and act as a single point of contact to the management team for further action. Serves as primary escalation point of the SOC Analyst for any identified potential anomalies and will perform in-depth investigation into the matters. In the event of security incident, the SOC Lead will also serve as the primary incident responder and ensure that communications as well as adequate resolutions are implemented on a timely basis. Responsibilities

Lead the operation of Next Generation Security Operations Centre (NGSOC). Lead and support security operations tasks such as cyber intelligence gathering, threat hunting, security monitoring and log review (SIEM) and incident response. Plan, develop and constantly review SOC related policies, standards and procedures. Manage cyber incidents associated with threats, intrusions, compromise, unusual, unauthorized or illegal activity via Incident Response and CSIRT framework. Handle escalations from SOC analysts and Managed Security Service Providers (MSSP) ensuring escalations are handled within agreed SLAs. Collaborate with other functions such as Infra, Network, End User Computing, Cloud and Technology teams. Coordinate with Risk Management, Assurance & Audit and Risk & Compliance to ensure security tools implementation and reporting, and manage risk matters adequately. Provide regular reports to management on the status of the SOC’s operations, security incidents and security posture, and highlight trends based on SOC metrics. Review and upgrade SOC related system components (such as SIEM, SOAR) to ensure effective operational and defensive capabilities. Identify gaps and propose countermeasures including training requirements for the SOC team and handling audit and compliance for overall SOC operations. Takes accountability for business and regulatory compliance risks and mitigates them appropriately. Maintain awareness of industry trends on regulatory compliance, emerging threats and technologies to better safeguard the company. Highlight potential concerns/risks and proactively share best risk management practices. Qualifications

Possess at least a Degree/Master’s Degree in Computer Science/Information Technology/Engineering or equivalent. IT security related certifications (CISSP, CISA, etc.) are a plus. Minimum 7 years of working experience in SOC & Information Security. Experience in handling security incidents and process improvement. Broad knowledge in infrastructure, information and application security (e.g., DMZ, PKI, SSL, multi-factor authentication, cryptography, secure communications) and related tools such as SIEM and SOAR. Familiarity with security frameworks such as NIST CSF, ISO27001, PCI DSS and CIS Critical Security Controls. Strong analytical and problem-solving skills with the ability to identify and assess security risks and develop mitigation strategies. Experience with incident management and response, including post-incident reviews and corrective action plans. Knowledge of current security events and a demonstrated passion to stay informed of best practices and trends. Excellent communication and leadership skills, with the ability to motivate and inspire a team to achieve its goals. High integrity, accountability and teamwork oriented attitude. Takes initiative to improve current state and is adaptable to new changes. How you succeed

Champion and embody our Core Values in everyday tasks and interactions. Demonstrate high integrity and accountability. Take initiative to drive improvements and embrace change. Take accountability for business and regulatory compliance risks, implementing measures to mitigate them effectively. Keep abreast with industry trends, regulatory compliance and emerging threats to proactively safeguard the company. Who we are

Founded in 1908, Great Eastern is a well-established market leader and trusted brand in Singapore and Malaysia. With over S$100 billion in assets and more than 16 million policyholders, including 12.5 million from government schemes, it provides insurance solutions through three distribution channels – tied agency force, bancassurance, and Great Eastern Financial Advisers. The Group also operates in Indonesia and Brunei. The Great Eastern Life Assurance Company Limited and Great Eastern General Insurance Limited have AA- financial strength ratings from S&P Global Ratings since 2010. Great Eastern’s asset management subsidiary, Lion Global Investors Limited, is a leading asset manager in Southeast Asia. Great Eastern is a subsidiary of OCBC, a major regional bank with strong credit ratings. To all recruitment agencies:

Great Eastern does not accept unsolicited agency resumes. Please do not forward resumes to our email or our employees. We will not be responsible for any fees related to unsolicited resumes.

#J-18808-Ljbffr

Overview

This role reports to Security Operations Center (SOC) Lead under the Next Generation Security Operation Center (NGSOC) Domain. As part of GE NGSOC, this position provides end to end technical support for STMR management platforms such as QRadar SIEM, Palo Alto XSOAR and others delivered by IT Security. Responsibilities

Lead Security Threat Monitoring and Response (STMR) tower and act as the main liaison for all platforms within the NGSOC department. Lead and work closely with designated Manage Security Service Provider (MSSP) to operate, troubleshoot and maintain availability of STMR management platforms and all assets in security platforms managed and owned by Great Eastern. Monitor, review and respond to security alerts escalated from NGSOC; manage cyber incidents related to threats, intrusions, compromise, and unusual or unauthorized activity via CSIRT framework. Create and fine-tune policies and rules within STMR management security platforms and other log sources to correlate events and improve detection capability. Assist in recommending, planning and implementing security measures or enhancements to protect computer systems, networks and data. Work closely with Risk and Compliance during audits and with the CSIRT team during IT security incidents and crisis situations. Takes accountability for business and regulatory compliance risks and takes appropriate steps to mitigate them. Maintains awareness of industry trends on regulatory compliance, emerging threats and technologies to understand risk and safeguard the company. Highlight potential concerns/risks and proactively share best risk management practices. Qualifications

Possess at least a diploma/degree/professional degree/master’s degree in Computer Science/Information Technology/Engineering or equivalent. At least 5 years of working experience in related field. Intermediate knowledge and skills in handling security systems such as SIEM, SOAR; knowledge of other security products is an added value. Intermediate experience in handling cyber security alerts and incidents. Strong analytical and problem-solving skills. Good knowledge of Incident Response and Investigative methodology. Self-motivated and a team player. Information Security Certification involving incident response, ethical hacking, or cybersecurity (e.g., GCIA, GCIH, CISSP, CEH) will be an added advantage. High level of integrity, accountability and good teamwork attitude. Takes initiative to improve current state and adapt to change. How you succeed

Champion and embody our Core Values in everyday tasks and interactions. Demonstrate high level of integrity and accountability. Take initiative to drive improvements and embrace change. Take accountability of business and regulatory compliance risks, implementing measures to mitigate them effectively. Keep abreast with industry trends, regulatory compliance, and emerging threats and technologies to understand and highlight potential concerns/risks to safeguard our company proactively. Who we are

Founded in 1908, Great Eastern is a well-established market leader and trusted brand in Singapore and Malaysia. With over S$100 billion in assets and more than 16 million policyholders, including 12.5 million from government schemes, it provides insurance solutions to customers through three successful distribution channels – a tied agency force, bancassurance, and financial advisory firm Great Eastern Financial Advisers. The Group also operates in Indonesia and Brunei. The Great Eastern Life Assurance Company Limited and Great Eastern General Insurance Limited have been assigned the financial strength and counterparty credit ratings of "AA-" by S&P Global Ratings since 2010, one of the highest among Asian life insurance companies. Great Eastern's asset management subsidiary, Lion Global Investors Limited, is one of the leading asset management companies in Southeast Asia. Great Eastern is a subsidiary of OCBC, the longest established Singapore bank, formed in 1932. It is the second largest financial services group in Southeast Asia by assets and one of the world’s most highly-rated banks, with an Aa1 rating from Moody’s and AA- by both Fitch and S&P. Recognised for its financial strength and stability, OCBC is consistently ranked among the World’s Top 50 Safest Banks by Global Finance and has been named Best Managed Bank in Singapore by The Asian Banker.

#J-18808-Ljbffr

Security Operations Center Engineer

iSoftStone Kuala Lumpur, Federal Territory of Kuala Lumpur, Malaysia About Us

A leading global technology conglomerate renowned for its extensive ecosystem of digital services and platforms. With a strong presence in cloud computing, gaming, social media, and enterprise solutions, the organization supports millions of users and businesses worldwide. It emphasizes innovation, scalability, and security, making it a key player in driving digital transformation across various industries. Job Responsibilities

Responsible for daily alert monitoring, analysis, initial triage and classification. Use a SIEM platform (e.g., Splunk, Elasticsearch) to collect logs and analyze events. Respond to, record, escalate and report security incidents based on SOP. Review and process Parsec and PAN whitelisting requests. Monitor the status and completion of vulnerability scans, and regularly review vulnerability scan reports. Monitor security tickets generated by platforms such as WAF, vulnerability scanning, EDR, and CPI, and identify the asset owner responsible for each ticket. Handle privileged access, system configuration compliance, and collaborate on vulnerability management. Analyze network traffic and logs to identify potential threats. Conduct periodic vulnerability assessments and remediation follow-up. Support the implementation of security policies, standards, and procedures. Perform routine maintenance on security devices (patching, configuration updates, firmware upgrades). Job Requirements

Minimum bachelor’s degree in Cybersecurity, Computer Science, Information Technology, or a related field. Minimum 1 year working experience in network security and cybersecurity-related fields. Understanding of networking and security devices (firewall, IDS/IPS). Understanding of common cybersecurity threats, such as phishing, brute-force attacks, and malware. Understanding of common SaaS applications such as Jira and Office 365. Strong analytical and troubleshooting skills. Able to work shifts and perform well under pressure. Willingness to solve challenges in a practical, hands-on manner. Good to have

Ability to perform automation when required, using programming languages such as PowerShell, Bash, Python, or Java. Experience in SOC environments and participation in cyber drills. Strong knowledge of standards, guidelines, and best practices (e.g., ISO 27001, CIS Benchmark). Strong command of English and Mandarin Chinese, with good communication and writing skills. Seniority level

Mid-Senior level Employment type

Contract Job function

Information Technology Industries

IT Services and IT Consulting and IT System Custom Software Development

#J-18808-Ljbffr