Security Analyst - Ampang Jaya

Ensign is hiring !

Key Responsibilities:

• Perform in-depth analysis of security events escalated by L1 analysts to determine scope, impact, and appropriate response actions.
• Investigate and respond to security incidents, including malware infections, phishing attacks, unauthorized access, and other cybersecurity threats.
• Conduct root cause analysis and recommend remediation and preventive actions.
• Utilize threat intelligence feeds and tools to enhance the detection and investigation process.
• Collaborate with other IT/security teams to contain and resolve incidents.
• Maintain and improve incident response runbooks and playbooks.
• Assist in tuning and optimizing SIEM rules, correlation logic, and alerts to reduce false positives.
• Mentor and support L1 analysts to ensure consistent incident handling practices.
• Prepare incident reports and executive summaries for management or customers.
• Participate in red/blue team exercises or threat-hunting activities as needed.

Requirements:

Education & Certification:

• Degree in Cybersecurity, Computer Science, Information Technology, or a related field.
• Relevant certifications are highly preferred: CompTIA CySA+, EC-Council ECIH, GCIA, GCFA, GCIH, etc.

Technical Skills:

• Strong understanding of network protocols, log analysis, and cybersecurity frameworks.
• Hands-on experience with SIEM platforms (e.g., Splunk, QRadar, LogRhythm).
• Familiarity with EDR/XDR tools, IDS/IPS, firewalls, and forensic tools.
• Ability to write and optimize detection rules and scripts.
• Knowledge of MITRE ATT&CK and threat modeling methodologies.