Overview

CyberSOC Analyst Jobs in Petaling Jaya, Selangor, Malaysia at SLB

Title: CyberSOC Analyst

Company: SLB

Location: Petaling Jaya, Selangor, Malaysia

The CyberSOC Analyst is responsible to identify, analyze, communicate, defend, and contain information security incidents.

  • Conducts network monitoring and intrusion detection analysis using various computer network defense tools, such as intrusion detection/prevention systems (IDS/IPS), firewalls, host-based security systems (HBSS), etc
  • Correlates network activity across networks to identify trends of unauthorized use
  • Research emerging threats and vulnerabilities to aid in the identification of incidents
  • Analyze the results of the monitoring solutions, assess, and correlate the output using automated systems.
  • Conduct triage, event correlation, classification, and analysis of these events such that incidents are investigated and logged or followed up using the existing information risk incident management processesProvide pro-active feedback which will enable improvement of the current monitoring rules, based on information and knowledge/experience from Schlumberger and Industry best practices.
  • Capable of working unsupervised, but able to interact and give direction to business and IT (Information Technology) teams in line within established corporate security policies and processes
  • Develops and maintains constructive and cooperative working relationships with team members
  • Demonstrates the ability to drive creative, innovative ways to solve problems or minimize risk
  • Consultative skills and ability to work cross-functionallyFocused and results oriented
  • Ability to react quickly, decisively, and deliberately in high-stress, high-impact situationsStrong decision-making capabilities, with a proven ability to weigh the relative costs and benefits of potential actions and identify the most appropriate one

Certifications (1 or more of the following)

Current (not future/or planned) Certification are preferable

  • SANS (SysAdmin, Audit, Network, and Security) GIAC (Global Information Assurance Certification) certification in Cyber Defense, Penetration Testing, Incident Response or Forensics
  • Certified Information Systems Security Professional (CISSP)
  • Certified Information Security Manager (CISM)
  • EC-Council certification: CEH (Certified Ethical Hacker), ECSA (Certified Security Analyst), CHFI (Computer Hacking Forensic Investigator), CND (Certified Network Defender)
  • Cisco Certified Network Associate (CCNA)

Technical Skills

  • Data Security
    • Data Loss Prevention tools, (e.g., AIP (Azure Information Protection), IRM (Information Rights management))
  • Endpoint
    • Antivirus solutions (e.g., Microsoft Defender)
    • Strong Windows and Linux administration experience
    • Information Security tools & packet analyses tools (e.g., Cb, Wireshark)
  • OT/IIoT Security
  • Security Event Monitoring and Analysis
  • Compliance and Audit
  • Vulnerability Management
    • Vulnerability Testing tools (e.g., Qualys, Kali)
  • Scripting/Automation
  • Incident Response – Security Risk
  • Application Security
  • Could Security
  • Forensics
    • Malware analysis and memory analysiso Network and Host forensics
  • Threat Intel
  • Email security
  • Identity & Access Management
  • Project Management
  • Common Technical Skills
    • SharePoint and PowerBI experience are an advantage
    • YARA-L, PowerShell or Python coding experience is an advantage
    • Basic project management experience
    • Azure Active Directory
    • Cloud Access Security Broker (CASB)
    • Federation
    • Conditional Access
    • Zero Trust
    • Phishing detection tools (e.g., Proofpoint TRAP, CLEAR)
    • Experience in analyzing threat intel feeds.
    • Cloud experience (e.g., Azure, GCP (Google Cloud Platform), AWS (Amazon Web Services), Yandex, G42)
    • Fair understanding of the threat modeling
    • Strong troubleshooting and root cause analysis skills
    • Cyber outbreak management and the ability to differentiate malicious activity from directed attack patterns
    • Programming/Scripting tools (e.g., Python, Bash, PowerShell, YARA-L)
    • Fair understanding of the NIST (National Institute of Standards and Technology) CS (Cyber Security) Framework
    • Log analysis/ Windows event analysis
    • Security Information and Event Management (SIEM) – Chronicle and Splunk are preferred

Network Security

  • Firewall (e.g., Pato Alto Networks)
  • Internet Protocols and Services (e.g., TCP/IP, FTP (File Transfer Protocol), HTTPS, SSH (Secure Shell))
  • Intrusion Detection (e.g., IDS/IPS tools)
  • Network scanning tools (e.g., NMAP)
  • Networking infrastructure (Cisco is preferred)
  • Information Security tools & packet analyses tools (e.g., Cb, Wireshark)
  • Awareness of SCADA (Supervisory Control and Data Acquisition) / IIoT (Industrial Internet of Things) technologies
Upload your CV/resume or any other relevant file. Max. file size: 800 MB.