Security Analyst
Ensign InfoSecurity (Malaysia) Sdn BhdSelangor, MalaysiaJuly 6, 2026
On-site
Full-time
SOC
Senior · 5+ yrs
Ensign is hiring !
L2
Responsibilities
- Monitor third party security feeds, forums, and mailing lists to gather information related to the client through automated means
- Produce intelligence outputs to provide an accurate depiction of the current threat landscape and associated risk through the use of customer, community, and open source reporting
- Produce actionable intelligence information for delivery to colleagues and customers in the form of technical reports, briefings, and data feeds
- Review vulnerabilities advisories
- Review and process threat intelligence reports
- Perform detailed investigative works into all traffic anomalies against established, historical baselines of individual agencies. Reviewing and profiling the events of all monitored clients
- Assess each event based on factual information and wider contextual information available
- Review, propose and generate reports to automate or reduce low value event escalations
- Build rules and intelligence to detect such threats and proliferate to all monitored networks
- Implementing and devising detection method of such threats in our security operations through SIEM Rules, DB scripts etc
- Perform periodic analysis of security events, network traffic, and logs to engineer new detection methods, or create efficiencies when available
- Supports the development of tactics, techniques, and procedures in providing proactive threat hunting and analysis against the available information sources (e.g. Netflow, DNS and Firewall logs, etc.)
- Assist the Security Analysts with the investigative works
- Prepare training programme for Security Analyst and conduct knowledge sharing sessions for Security Analyst
- Fulfil Change Requests, Service Requests and respond to internal / external enquiries with regards to detection Use Case
- Any other tasks as assigned
Requirements
- Degree holder with at least 5 years' of experience in related field and capacity
- Prior experience working in a Security Operations Centre (SOC) or Computer Emergency Response Team (CERT/CIRT)
- Possessed deep interest in open source research and critical thinking / contextual analysis abilities
- Has proper understanding of network, apps,and server fundamentals, and be able to identify and analyze logs thoroughly by looking at the indicators
- Has understanding of MITRE ATT&CK framework or cyber kill chain
- Investigative and analytical problem solving skills
- An understanding of the current vulnerabilities, response, and mitigation strategies used in cyber security
- Related professional cyber security certification, such as GCIA, CEH, will be preferred
- Experience with intelligence analysis processes, including Open Source Intelligence (OSINT) and closed source intelligence gathering, source verification, data fusion, link analysis, and threat actor
- Ability to research and characterize security threats to include identification and classification of threat indicators