Search by job, company or skills

CFI Financial Group

SOC L2 Analyst

CFI Financial Group
Petaling Jaya, Malaysia, Selangor
4-6 Years
new job description bg glownew job description bg glownew job description bg svg
  • Posted 15 days ago
  • Be among the first 10 applicants
Early Applicant

Job Description

Who are we

CFI Financial Group is an award-winning trading provider, possessing more than 25 years of experience with multiple offices around the world including London, Larnaca, Beirut, Amman, Dubai, Kuwait, Port Louis, and others.

Check out more about CFI here.

CFI is hiring! Make your mark in the online trading industry.

Are you looking to pursue a career in finance Do you want to work with a dynamic and growing team in the exciting world of online trading and investing If you answered yes, then we have some amazing opportunities for you!

Position Summary

The Security Operations Center (SOC) Level 2 Analyst is responsible for advanced security monitoring, threat analysis, and incident investigation for the company's virtual asset trading platform. This role acts as the escalation point for Level 1 analysts and leads complex incident response activities.

You will play a key role in ensuring cybersecurity compliance and safeguarding client assets and platform integrity.

Key Responsibilities

Incident Response & Investigation

  • Lead investigation of escalated security incidents, including root cause analysis and scope assessment.
  • Coordinate incident response activities according to the Company's Incident Response Plan.
  • Conduct forensic analysis across network, endpoint, and blockchain-related systems.
  • Prepare detailed incident reports for management and regulatory requirements.
  • Maintain and document incident response playbooks.

Threat Detection & Analysis

  • Monitor and analyze alerts from SIEM, EDR, IDS/IPS, and blockchain analytics tools.
  • Develop and tune detection rules to reduce false positives.
  • Perform threat hunting to identify APTs and insider threats.
  • Analyze IOCs and relevant threat intelligence feeds.
  • Monitor wallet-related security activity and potential unauthorized access.

Security Operations

  • Provide guidance and mentorship to SOC L1 analysts.
  • Review and validate alerts escalated by L1 team members.
  • Participate in the vulnerability management program, including prioritization and remediation follow-up.
  • Support penetration testing and remediation verification.
  • Maintain dashboards and security operations reporting metrics.

Compliance & Reporting

  • Ensure alignment with regulatory reporting requirements.
  • Support annual technical and cybersecurity audits.
  • Contribute to monthly security incident reporting.
  • Maintain comprehensive security logs per retention requirements.

Requirements

Essential Requirements

  • Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or related field.
  • 4–5 years of experience in security operations or incident response.
  • Strong understanding of network, endpoint, and cloud security principles.
  • Hands-on experience with SIEM platforms (e.g., Splunk, QRadar, Wazuh, Microsoft Sentinel).
  • Experience with EDR/XDR solutions and forensic analysis tools.
  • Knowledge of attack frameworks (MITRE ATT&CK) and threat intelligence methodologies.
  • Familiarity with incident response frameworks.
  • Strong analytical and problemsolving skills.
  • Ability to work in a 24/7 shift environment and be on-call for critical incidents.

Preferred Qualifications

  • Certifications such as GCIH, GCFA, CySA+, CEH, or equivalent.
  • Experience in financial services, fintech, or virtual asset/cryptocurrency industries.
  • Knowledge of blockchain technology, wallet security, and crypto transaction analysis.
  • Experience with blockchain analytics (e.g., Chainalysis, Elliptic).
  • Familiarity with VASP regulatory requirements.
  • Experience with cloud security monitoring (AWS, Azure, GCP).
  • Scripting experience in Python, PowerShell, or similar languages.
  • Understanding of MPC custody systems and key management.

Technical Skills

  • SIEM administration and correlation rule development
  • Network traffic analysis and packet inspection
  • Malware analysis fundamentals
  • Log analysis across multiple platforms
  • Vulnerability assessment and management
  • EDR platforms
  • Threat intelligence platforms and feeds
  • Incident tracking and case management systems

Expanded Security & Platform Experience (Preferred)

  • Experience with crypto trading platforms, exchange operations, and trading-related security risks
  • Securing highavailability and lowlatency trading environments
  • Experience with Cloudflare, Akamai, and similar platforms:
  • WAF
  • DDoS protection
  • Bot management
  • CDN and edge protection
  • Experience across multi-cloud security (AWS, Azure, GCP)
  • Ability to analyze attacks targeting trading engines, APIs, and customer-facing platforms

Why Join CFI

  • Fastgrowing multinational company
  • Competitive salary and benefits
  • Work alongside industry professionals
  • Supportive and collaborative environment
  • Unlimited growth and development opportunities

More Info

Job Type:
Permanent Job
Industry:
Other
Function:
Finance
Employment Type:
Full time

About Company

CFI Financial Group

Job ID: 144866659

Jobs by Skill - IT
Jobs by Skill - Non IT
International Jobs
Last Updated: 07-04-2026 04:51:33 PM
Homejobs in Petaling JayaSOC L2 Analyst

Similar Jobs

KPMG In Malaysia - PJ - Advisory - TRC - Senior Associate - Enterprise Network & Security

kpmg malaysia

Python AWS Developer

RARR Technologies

Associate Solution Sales Director, Cloud

Starhub

Service Delivery Manager

ntt data, inc.

Sales Specialist, Falcon Secure Access

CrowdStrike