drjobs SOC L3

Employer Active

1 Vacancy
Job Location

India

Monthly Salary

INR 2200000 - 2500000


Job Description

Job Description: Cybersecurity Specialist
Team: Monitoring/Support
Designation: Cyber Security Specialist (SOC L3)
Job Role: Monitor and detect security alerts while supporting Microsoft
security and compliance technologies, based on customer requirements and industry knowledge
Experience: Minimum 7 years of experience working in a Security Operations
Centre, monitoring, detecting and analyzing security solutions
Employer: Vcyberiz Sdn Bhd, Cyberjaya, Malaysia
Job Location: Cyberjaya, Selangor
Shifts: The resource will have to work from the office (mandatory) on a
24x7x365 rotational shift.

Role:
As a SOC Level 3 Analyst you will serve as the senior technical escalation point for all
security incidents within the Security Operations Center. You will work to contain and
mitigate threats, perform advanced threat hunting, lead incident response efforts and provide mentorship to SOC analysts at Level 1 and Level 2. Your expertise will drive the continuous improvement of SOC processes, tools and capabilities to strengthen the organization's security posture.

Responsibilities:
The Cybersecurity Specialist would carry out the following responsibilities:

Act as the escalation point for complex incidents and provide expert analysis and
guidance.
Proactively hunt for threats and vulnerabilities within the organization.
Lead the investigation of advanced security incidents, including root cause
analysis and remediation.
Collaborate with stakeholders across IT, risk management and executive teams to
mitigate risks effectively.
Ensure timely detection, triage and response to security threats and events.
Perform advanced-level threat analysis, correlating events from multiple sources.
Lead incident response, containment and recovery activities, including root cause
analysis and remediation.
Conduct detailed post-incident reviews and create root cause analysis reports.
Develop and maintain SOC playbooks and standard operating procedures.
Perform threat intelligence research and integrate findings into detection
mechanisms.
Conduct security tool fine-tuning, including SIEM and EDR platforms.
Train and mentor junior SOC analysts (L1/L2) to enhance overall team capability.
Collaborate with teams to evaluate and deploy advanced cybersecurity tools and
techniques.
Ensure adherence to compliance and regulatory requirements in SOC operations.


Work Experience:

Proven experience designing, implementing, supporting and delivering security
solutions such as Microsoft Security and Compliance solutions, including M365
Defender for Endpoint, Defender for Cloud, MS Purview, MS Entra, Sentinel SIEM,
DLP, Email and Web Security, Spam Filtering and Vulnerability Scanning.

Extensive experience in security operations using vendor-agnostic tools and platforms,
including writing and executing queries in languages like KQL or SPL for threat
detection, incident response and analysis across various environments.

Experience in Major Incident Management: coordinating response efforts, root
cause analysis and communication across cross-functional teams, including
leveraging vendor-agnostic monitoring tools for faster triage and remediation.

Ability to create and manage security playbooks that define incident response
processes for both Microsoft and third-party security tools, ensuring alignment
with organizational security policies and best practices.

Strong skills in malware analysis, with experience working across multiple security
technologies to identify, assess and respond to threats regardless of the
underlying platform or vendor.

Comprehensive knowledge of the Microsoft Defender suite (e.g. Defender for
Endpoint, Defender for Identity, Defender for Office 365), with the ability to
navigate and integrate it with other third-party solutions for seamless security
operations.

Experience managing service requests and handling ticket management
workflows in a structured environment.

Proven track record of delivering security solutions and services for global
customers, with the ability to integrate solutions from multiple vendors to
enhance security effectiveness.

Deep understanding of Security Operations and Service Delivery, with an
emphasis on continuous improvement and operational efficiency regardless of
vendor technology.

Proficiency in using enterprise ticketing systems such as ServiceNow to track,
escalate and resolve security incidents regardless of the underlying security
platform.

Familiarity with ITIL v4 processes in supporting Security Solutions and Service
Delivery, with a focus on Incident, Change and Problem Management.

Qualifications (Mandatory):
Bachelor's degree in Computer Science, Cybersecurity or a related field.

Relevant certifications such as:
o GIAC Certified Incident Handler (GCIH)
o Certified Information Systems Security Professional (CISSP)
o Offensive Security Certified Professional (OSCP)
o Certified Ethical Hacker (CEH)

Qualifications (Preferred):
Master's degree in Cybersecurity or a related field.
Certifications in advanced threat intelligence or forensic analysis (e.g. GCFA,
GREM).

Skills and Abilities:
Advanced understanding of threat landscapes, adversary tactics and attack
frameworks (e.g. MITRE ATT&CK).
Proficiency in incident response, malware analysis and digital forensics.
Strong knowledge of security technologies, including firewalls, SIEM, EDR,
IDS/IPS and DLP solutions.
Hands-on experience with scripting and automation (Python, PowerShell, etc.).
Expertise in network traffic analysis and packet-level investigations.
Excellent communication and report-writing skills.
Ability to lead teams and make decisions under pressure during active incidents.

Performance Criteria:
Efficient and effective incident response and containment times.
Quality of root cause analysis and post-incident reporting.
Contribution to the development and improvement of SOC processes and
playbooks.
Proactive identification of threats through threat hunting and intelligence
research.
Mentorship and skill development of SOC team members.
High levels of stakeholder satisfaction and collaboration.

web security, advanced, incident response, security playbook management, threat detection, vulnerability scanning, python, soc, spl, enterprise ticketing systems, root, defender for cloud, network traffic analysis, powershell, cybersecurity, malware analysis, email security, kql, security, dlp, microsoft security and compliance solutions, ms entra, spam filtering, ms purview, sentinel siem, m365 defender for endpoint

Employment Type

Full Time
