Overview
CyberSOC Analyst Jobs in Petaling Jaya, Selangor, Malaysia at SLB
Title: CyberSOC Analyst
Company: SLB
Location: Petaling Jaya, Selangor, Malaysia
The CyberSOC Analyst is responsible to identify, analyze, communicate, defend, and contain information security incidents.
- Conducts network monitoring and intrusion detection analysis using various computer network defense tools, such as intrusion detection/prevention systems (IDS/IPS), firewalls, host-based security systems (HBSS), etc
- Correlates network activity across networks to identify trends of unauthorized use
- Research emerging threats and vulnerabilities to aid in the identification of incidents
- Analyze the results of the monitoring solutions, assess, and correlate the output using automated systems.
- Conduct triage, event correlation, classification, and analysis of these events such that incidents are investigated and logged or followed up using the existing information risk incident management processesProvide pro-active feedback which will enable improvement of the current monitoring rules, based on information and knowledge/experience from Schlumberger and Industry best practices.
- Capable of working unsupervised, but able to interact and give direction to business and IT (Information Technology) teams in line within established corporate security policies and processes
- Develops and maintains constructive and cooperative working relationships with team members
- Demonstrates the ability to drive creative, innovative ways to solve problems or minimize risk
- Consultative skills and ability to work cross-functionallyFocused and results oriented
- Ability to react quickly, decisively, and deliberately in high-stress, high-impact situationsStrong decision-making capabilities, with a proven ability to weigh the relative costs and benefits of potential actions and identify the most appropriate one
Certifications (1 or more of the following)
Current (not future/or planned) Certification are preferable
- SANS (SysAdmin, Audit, Network, and Security) GIAC (Global Information Assurance Certification) certification in Cyber Defense, Penetration Testing, Incident Response or Forensics
- Certified Information Systems Security Professional (CISSP)
- Certified Information Security Manager (CISM)
- EC-Council certification: CEH (Certified Ethical Hacker), ECSA (Certified Security Analyst), CHFI (Computer Hacking Forensic Investigator), CND (Certified Network Defender)
- Cisco Certified Network Associate (CCNA)
Technical Skills
- Data Security
- Data Loss Prevention tools, (e.g., AIP (Azure Information Protection), IRM (Information Rights management))
- Endpoint
- Antivirus solutions (e.g., Microsoft Defender)
- Strong Windows and Linux administration experience
- Information Security tools & packet analyses tools (e.g., Cb, Wireshark)
- OT/IIoT Security
- Security Event Monitoring and Analysis
- Compliance and Audit
- Vulnerability Management
- Vulnerability Testing tools (e.g., Qualys, Kali)
- Scripting/Automation
- Incident Response – Security Risk
- Application Security
- Could Security
- Forensics
- Malware analysis and memory analysiso Network and Host forensics
- Threat Intel
- Email security
- Identity & Access Management
- Project Management
- Common Technical Skills
- SharePoint and PowerBI experience are an advantage
- YARA-L, PowerShell or Python coding experience is an advantage
- Basic project management experience
- Azure Active Directory
- Cloud Access Security Broker (CASB)
- Federation
- Conditional Access
- Zero Trust
- Phishing detection tools (e.g., Proofpoint TRAP, CLEAR)
- Experience in analyzing threat intel feeds.
- Cloud experience (e.g., Azure, GCP (Google Cloud Platform), AWS (Amazon Web Services), Yandex, G42)
- Fair understanding of the threat modeling
- Strong troubleshooting and root cause analysis skills
- Cyber outbreak management and the ability to differentiate malicious activity from directed attack patterns
- Programming/Scripting tools (e.g., Python, Bash, PowerShell, YARA-L)
- Fair understanding of the NIST (National Institute of Standards and Technology) CS (Cyber Security) Framework
- Log analysis/ Windows event analysis
- Security Information and Event Management (SIEM) – Chronicle and Splunk are preferred
Network Security
- Firewall (e.g., Pato Alto Networks)
- Internet Protocols and Services (e.g., TCP/IP, FTP (File Transfer Protocol), HTTPS, SSH (Secure Shell))
- Intrusion Detection (e.g., IDS/IPS tools)
- Network scanning tools (e.g., NMAP)
- Networking infrastructure (Cisco is preferred)
- Information Security tools & packet analyses tools (e.g., Cb, Wireshark)
- Awareness of SCADA (Supervisory Control and Data Acquisition) / IIoT (Industrial Internet of Things) technologies