Closing Date: 31/01/2025

Infosecops Engineer  

Position Responsibilities

1. Threat Detection & Monitoring:

  • Utilize SIEM, IDS/IPS, and EDR tools to monitor and detect potential security threats and incidents in real-time.

2. Incident Response & Threat Hunting:

  • Lead the response to security incidents, including investigation, containment, remediation, and post-incident analysis. Conduct proactive threat hunting to identify and mitigate risks before they escalate.

3. Vulnerability Management:

  • Perform regular vulnerability scans, assess risks, and work with IT teams to apply patches and mitigate identified vulnerabilities.

4. Risk Assessment & Mitigation:

  • Conduct comprehensive risk assessments, identify potential threats, and implement measures to mitigate identified risks.

5. Policy Development & Compliance:

  • Develop, implement, and maintain security policies, standards, and procedures. Ensure compliance with industry standards and regulatory requirements (e.g., GDPR, HIPAA, NIST, ISO 27001).

6. Security Tool Management:

  • Manage and fine-tune security tools, including firewalls, SIEM systems, and endpoint protection platforms. Ensure tools are optimized for threat detection and response.

7. Cloud Security:

  • Implement and monitor security best practices for cloud environments (AWS, Azure, Google Cloud), including IAM, encryption, network security, and cloud-native security tools (e.g., AWS GuardDuty, AWS WAF and Shield, Azure Security Center).

8. Log Analysis & Automation:

  • Analyze logs from various sources (network devices, servers, applications) to identify anomalies and automate routine tasks using scripting languages (e.g., Python, Bash).

9. Security Awareness Training:

  • Design and deliver training programs to educate employees on security best practices and promote a security-first culture within the organization.

Qualifications & Experience

Experience: 2-4+ years in a combined role of Security Operations and Information Security, with hands-on experience in cloud security.

Technical Skills:

  • Proficiency in SIEM tools (e.g., Splunk, QRadar), EDR solutions, firewalls, IDS/IPS, and vulnerability scanners.
  • Cloud Security Experience (Good to have): Hands-on experience with cloud platforms (e.g., AWS, Azure, Google Cloud), including IAM, network security, and cloud-native security tools.
  • Strong knowledge of encryption, IAM, and secure configurations for cloud environments.

Knowledge: In-depth understanding of security frameworks (e.g., NIST, ISO 27001), incident response methodologies, and server/cloud networking.

Problem-Solving Skills: Strong analytical skills for assessing complex security events and developing effective solutions.

Communication: Excellent verbal and written skills, with the ability to communicate complex security concepts to both technical and non-technical audiences.



  Employment Type:  Permanent (Full Time)

  Min. Education:  Bachelor's Degree

  Spoken Language:  Malay, English

  Written Language:  Malay, English