SOC Analyst
Kuala Lumpur, Malaysia (Hybrid)
Ekco
We're innovators in security and cloud solutions & management services, designed to drive productivity and scalability.
About Ekco
Founded in 2016, Ekco is now one of the fastest growing cloud and security solution providers in Europe!
We specialise in enabling companies to progress along the path of cloud maturity, cybersecurity, managing transformation and driving better outcomes from our customers’ existing technology investments.
We are the people who power your possible
We have over 600 highly talented and supportive colleagues (and counting) across a number of regional offices in Ireland, the Netherlands, and Malaysia.
The Role
We wish to appoint a SOC Analyst to our team. The candidate will become part of a team that delivers a range of advisory and technology services to our clients. This is a great opportunity to become involved in a dynamic and rapidly growing team delivering a leading range of professional service offerings.
Ekco will support you and encourage your growth and development to identify further potential and expertise in the cybersecurity field.
Day to day your role will involve:
- Performing accurate and precise real-time analysis and correlation of logs/alerts from a multitude of client devices.
- Determining whether events constitute security incidents, e.g. security events and incidents from SIEM, Firewall (FW), Intrusion Detection Systems (IDS), Intrusion Prevention Systems (IPS), Antivirus (AV), Directory Servers, Network Access Control (NAC) and other client data sources.
- Analysing and assessing security incidents and escalating to client resources or collaborating with internal teams for additional assistance.
- Investigating security events forwarded by the client for security risk.
- Conducting tuning engagements with security engineers to develop/adjust SIEM rules and analyst response procedures.
- Raising incidents to the appropriate Senior Security Analyst or Incident Response staff, or other relevant sources, to confirm whether there is increased risk to the business.
- Recognising potential, successful and unsuccessful intrusion attempts and compromises through reviewing and analysing relevant event detail and summary information.
- Performing vulnerability scans and assessments.
- Using TCP/IP networking skills to perform network analysis to isolate and diagnose issues.
- Responding to inbound requests via phone and other electronic means for technical assistance.
- Documenting actions in cases to effectively communicate information internally and to the client.
- Reporting common and repeat problems (trend analysis) to management and proposing process and technical improvements.
- Assisting in providing resolution plans for system and network issues.
- Providing cover in line with rotating shift patterns. You should be flexible to rotating 8, 10 or 12 hour shifts. We provide 24/7 cover to clients and shifts are allocated accordingly.
- Performing other duties as assigned.
To be successful in this role you’ll need:
- A Bachelor’s degree or equivalent in Computer Science, Computer Engineering, Electrical Engineering, Network Security, Information Security, Information Technology, or Mathematics (or equivalent work experience)
- Keen problem-solving / troubleshooting skills
- A can-do attitude
- Excellent written and verbal communication skills. You should be able to communicate technical details clearly.
- The ability to adjust and adapt to changing priorities in a dynamic environment
- A proactive approach to addressing issues and requests, and the ability to multitask
- The ability to learn new technology and concepts quickly
- Great organisational skills and attention to detail
Bonus points if you have:
- Prior experience working with SIEM or EDR, e.g. Splunk, IBM QRadar, Sentinel, Rapid7, Carbon Black
- Industry-recognised certifications, e.g. CompTIA Security+, CySA+, Microsoft SC-200
- Theoretical or practical knowledge in the following areas:
  - Unix, Linux, Windows, etc. operating systems
  - Exploits, vulnerabilities, network attacks
  - Well-known networking protocols and services (FTP, HTTP, SSH, SMB, LDAP, etc.)
  - Packet analysis tools (tcpdump, Wireshark, ngrep, etc.)
  - Regular expressions
  - Database structures and queries
We believe in taking care of our team, so as one of us you’ll have access to our “Ekco Extras”.
Why Ekco
- ⭐️Microsoft’s 2023 Rising Star Security Partner of the year
- 🚀VMware & Veeam top partner status
- 🏅Ranked as 4th fastest growing technology company in the Deloitte Fast50 Awards
- 🌈Ekco are committed to cultivating an environment that promotes diversity, equality, inclusion and belonging
- 🎉We recognise the value of internal mobility and encourage opportunities for internal development & progression
- ✨Flexible working with a family-friendly focus is at the core of our company values
Perks/benefits: career development, flex hours, team events