Position Title: Security Operations Center (SOC) Analyst Level 3
Department: Information Security
Location: Kuala Lumpur
Role Overview
The SOC Level 3 Analyst is a senior cybersecurity role responsible for leading advanced threat detection, incident response, and threat hunting activities. This position ensures the bank's security operations are resilient, compliant with regulatory requirements, and continuously evolving to counter emerging threats. The analyst will also play a key role in regulatory reporting and audit readiness.
Key Responsibilities
1. Advanced Threat Detection & Analysis
- Perform deep analysis of complex security incidents using SIEM, EDR, and threat intelligence platforms.
- Correlate data across multiple sources to identify patterns, anomalies, and indicators of compromise (IOCs).
- Escalate validated threats with detailed technical assessments and impact analysis.
2. Incident Response Leadership
- Lead containment, eradication, and recovery efforts for major cybersecurity incidents.
- Conduct forensic investigations, including memory analysis, disk imaging, and log correlation.
- Maintain and enhance incident response playbooks and workflows.
3. Threat Hunting & Intelligence Integration
- Proactively hunt for advanced threats using hypothesis-driven techniques and behavioral analytics.
- Integrate threat intelligence feeds to enrich detection and response capabilities.
- Identify visibility gaps and recommend improvements to monitoring infrastructure.
4. Compliance & Reporting
Ensure SOC operations align with regulatory frameworks, including:
oBank Negara Malaysia's RMiT Guidelines
oISO/IEC 27001
oPCI DSS
oNIST Cybersecurity Framework
- Maintain detailed documentation of incidents, investigations, and response actions for audit and compliance.
- Prepare and submit periodic reports, including:
oKey Risk Indicators (KRIs)
oIncident metrics and trends
oRegulatory disclosures to Bank Negara Malaysia (BNM)
- Support internal and external audits by providing evidence and walkthroughs of SOC processes.
5. Collaboration & Escalation Management
- Act as the technical escalation point for complex incidents and SOC challenges.
- Collaborate with IT, application teams, MSSPs, and law enforcement during investigations.
- Provide mentorship and technical guidance to junior SOC analysts.
6. Continuous Improvement & Innovation
- Participate in red/blue/purple team exercises to validate SOC readiness.
- Recommend enhancements to detection rules, automation workflows, and response strategies.
- Stay current with emerging threats, attack techniques, and defensive technologies.
Required Skills & Qualifications
- Extensive experience in SOC operations, incident response, and threat hunting.
- Proficiency with:
oSIEM: Chronicle SIEM
oEDR: SentinelOne
oSecure Web Gateway: Menlo Security
oEmail Security: Proofpoint
oIntrusion Prevention System: Trellix IPS
- Strong understanding of MITRE ATT&CK, cyber kill chain, and adversary TTPs.
- Expertise in log analysis, packet capture review, and malware reverse engineering.
- Familiarity with regulatory frameworks (RMiT, ISO 27001, PCI DSS).
- Excellent analytical, problem-solving, and communication skills.
- Relevant certifications (e.g., GCIH, GCFA, OSCP, CTIA, CHFI) are highly preferred.
