
Position Title: Security Operations Center (SOC) Analyst Level 3
Department: Information Security
Location: Kuala Lumpur
Role Overview
The SOC Level 3 Analyst is a senior cybersecurity role responsible for leading advanced threat detection, incident response, and threat hunting activities. This position ensures the bank's security operations are resilient, compliant with regulatory requirements, and continuously evolving to counter emerging threats. The analyst will also play a key role in regulatory reporting and audit readiness.
Key Responsibilities
1. Advanced Threat Detection & Analysis
Perform deep analysis of complex security incidents using SIEM, EDR, and threat intelligence platforms.
Correlate data across multiple sources to identify patterns, anomalies, and indicators of compromise (IOCs).
Escalate validated threats with detailed technical assessments and impact analysis.
2. Incident Response Leadership
Lead containment, eradication, and recovery efforts for major cybersecurity incidents.
Conduct forensic investigations, including memory analysis, disk imaging, and log correlation.
Maintain and enhance incident response playbooks and workflows.
3. Threat Hunting & Intelligence Integration
Proactively hunt for advanced threats using hypothesis-driven techniques and behavioral analytics.
Integrate threat intelligence feeds to enrich detection and response capabilities.
Identify visibility gaps and recommend improvements to monitoring infrastructure.
4. Compliance & Reporting
Ensure SOC operations align with regulatory frameworks, including:
o Bank Negara Malaysia's RMiT Guidelines
o ISO/IEC 27001
o PCI DSS
o NIST Cybersecurity Framework
Maintain detailed documentation of incidents, investigations, and response actions for audit and compliance.
Prepare and submit periodic reports, including:
o Key Risk Indicators (KRIs)
o Incident metrics and trends
o Regulatory disclosures to Bank Negara Malaysia (BNM)
Support internal and external audits by providing evidence and walkthroughs of SOC processes.
5. Collaboration & Escalation Management
Act as the technical escalation point for complex incidents and SOC challenges.
Collaborate with IT, application teams, MSSPs, and law enforcement during investigations.
Provide mentorship and technical guidance to junior SOC analysts.
6. Continuous Improvement & Innovation
Participate in red/blue/purple team exercises to validate SOC readiness.
Recommend enhancements to detection rules, automation workflows, and response strategies.
Stay current with emerging threats, attack techniques, and defensive technologies.
Required Skills & Qualifications
Extensive experience in SOC operations, incident response, and threat hunting.
Proficiency with:
o SIEM: Chronicle SIEM
o EDR: SentinelOne
o Secure Web Gateway: Menlo Security
o Email Security: Proofpoint
o Intrusion Prevention System: Trellix IPS
Strong understanding of MITRE ATT&CK, cyber kill chain, and adversary TTPs.
Expertise in log analysis, packet capture review, and malware reverse engineering.
Familiarity with regulatory frameworks (RMiT, ISO 27001, PCI DSS).
Excellent analytical, problem-solving, and communication skills.
Relevant certifications (e.g., GCIH, GCFA, OSCP, CTIA, CHFI) are highly preferred.
Job ID: 134843951