Ensign InfoSecurity

Senior Security Analyst (SOC Level 3)

Malaysia (Kuala Lumpur), Full time

Ensign is hiring!

Key Responsibilities:

  • Lead high-severity incident response and containment activities, coordinating with stakeholders across IT and business units.

  • Conduct in-depth forensic analysis on endpoints, networks, and logs to determine the root cause and impact of security incidents.

  • Develop advanced detection use cases and correlation rules based on threat intelligence and TTPs (MITRE ATT&CK, etc.).

  • Perform proactive threat hunting using SIEM, EDR, and threat intel feeds to uncover undetected threats.

  • Review and fine-tune alerts, playbooks, and automation workflows to reduce false positives and improve SOC efficiency.

  • Mentor L1 and L2 analysts, providing guidance, training, and quality review of investigations.

  • Serve as a technical escalation point for complex security issues and investigations.

  • Contribute to incident post-mortems and provide recommendations to improve security posture and processes.

  • Collaborate with red/purple teams and engineering to simulate attacks and validate defense effectiveness.

Requirements:

Education & Certification:

  • Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or a related field.

  • Strongly preferred certifications:

    • GIAC (GCFA, GCIH, GCIA, GDAT)

    • CISSP, OSCP, or equivalent

Technical Skills:

  • Deep understanding of security monitoring and detection tools (SIEM, EDR, IDS/IPS, SOAR).

  • Strong hands-on experience in forensic tools, log analysis, malware analysis, and packet inspection.

  • Solid grasp of attacker tactics, techniques, and procedures (TTPs), threat modeling, and behavior analytics.

  • Familiarity with scripting or automation (Python, PowerShell, Bash) is an advantage.

  • Experience with Windows, Linux, and cloud environments (AWS/Azure security monitoring).

Soft Skills:

  • Excellent analytical and problem-solving skills.

  • Strong written and verbal communication, including report writing.

  • Ability to lead investigations and influence cross-functional teams under pressure.

Preferred Experience:

  • 4–6+ years of experience in SOC operations, incident response, or threat detection.

  • Experience working in or leading incident response within a 24x7 SOC or MSSP environment.

  • Prior involvement in threat hunting or red/purple team collaboration is a strong plus.