GSOC Threat Detection Team Lead
Cyberjaya, Malaysia
Applications have closed
Experian
Experian is committed to helping you protect, understand, and improve your credit. Start with your free Experian credit report and FICO® score.Company Description
We’re passionate about unlocking the power of data in order to transform lives and create opportunities for consumers, businesses and society. For more than 125 years, we’ve helped businesses grow, consumers and small businesses gain access to financial services, and economies and communities flourish – and we’re not done.
Our 17k amazing employees in 40+ countries believe the possibilities for you, and the world, are growing. We’re investing in the future, through new technologies, talented people and innovation so we can help create a better tomorrow.
To do this we employ the greatest and brightest minds that share our purpose and want to make a difference. We embrace our diversity yet share similar values and growth mindsets.
What’s your next professional and personal goal? Let Experian help bring this to life
Job Description
Description
Successful candidate is required to work on 12 hours rotational shift
The Threat Detection Lead Analyst is an essential part of Experian’s Global Security Operation Center (GSOC) that perform in-depth analysis and further triage of security threats, proposes remediation actions, and takes part in the creation and steady improvement of correlation rules, processes and procedures and other department related documentation. The Threat Detection Lead Analyst is a leader within the organization, executing on strategic items that promote a strong information security posture. Below is the list of main tasks:
- Investigate incidents using SIEM technology, packet captures, reports, data visualization, and pattern analysis.
- Analyze, escalate, and assist in remediation of critical information security incidents.
- Improve and challenge existing processes and procedures in a very agile and fast-moving information security environment.
- Collaborate with external teams for incident resolution and escalations, ensuring questions and concerns from Experian users are answered in a timely manner.
- Provide support and leadership to the tier one analysts, including feedback on quality of work, driving case quality.
- Expert knowledge of:
- Information security policies and goals
- Log analysis and event traffic patterns
- The current IT threat landscape and upcoming trends in security
Qualifications
Required Experience: 5+ years’ experience in the following areas:
Demonstrates advanced technical skills and hands-on knowledge, such as:
- In-depth packet analysis skills, core forensic familiarity, incident response skills, public could security practices, and data fusion skills based on multiple security data sources
- Security analysis and architecture of Azure and AWS cloud environment using security tools including Defender for Cloud, GuardDuty, CloudTrail, or CloudWatch.
- System administration on Unix, Linux, or Windows
- Network forensics, logging, and event management
- Defensive network infrastructure (operations or engineering)
- Vulnerability assessment and penetration testing concepts
- Malware analysis concepts, techniques, and reverse engineering
- In-depth knowledge of network and host security technologies and products (such as firewalls, network IDS, scanners) and continuously improve these skills
- Security monitoring technologies, such as SIEM, IPS/IDS, UEBA, DLP, among others.
- Scripting and automation
Demonstrates behavioral skills, such as:
- Ability to work in a team environment, able to train and coach other team members
- Excellent verbal and written communications skills and ability to produce clear and thorough security incident reports and briefings.
- Strong logical thinking abilities, especially analyzing security events.
- Excellent analytical and problem-solving abilities
- Excellent organizational and attention to details in tracking activities within various Security Operation workflows.
- Well established client-focused communication skills that requires to read, review, investigate, and summarize reports on complex issues, in a manner that can be understood by non-technical readers.
- Ability to lead incident investigation efforts and effectively coordinate communications.
Education:
Bachelor’s degree preferred, but not required. Relevant technical and industry certifications are a plus, e.g. Comptia, GIAC certifications, CISSP, SIEM vendor-specific certifications.
Additional Information
All your information will be kept confidential according to EEO guidelines.
Experian Careers - Creating a better tomorrow together
Find out what its like to work for Experian by clicking here
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Agile Automation AWS Azure CISSP Cloud CompTIA Firewalls Forensics GIAC IDS Incident response IPS Linux Log analysis Malware Monitoring Pentesting Reverse engineering Scripting Security analysis SIEM Threat detection UNIX Windows
Perks/benefits: Career development Team events
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Staff Security Engineer jobs
- Open Information Security Specialist jobs
- Open Senior Security Analyst jobs
- Open Security Operations Engineer jobs
- Open Senior Cyber Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Senior Information Security Analyst jobs
- Open Product Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Cybersecurity Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Principal Security Engineer jobs
- Open Cybersecurity Consultant jobs
- Open Senior Information Security Engineer jobs
- Open Consultant SOC / CERT H/F jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Specialist jobs
- Open Security Specialist jobs
- Open Security Researcher jobs
- Open Chief Information Security Officer jobs
- Open Senior Penetration Tester jobs
- Open Senior Security Architect jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Senior Cyber Security Specialist jobs
- Open IT Security Engineer jobs
- Open Agile-related jobs
- Open ISO 27001-related jobs
- Open Application security-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open Pentesting-related jobs
- Open CISM-related jobs
- Open Vulnerability management-related jobs
- Open GCP-related jobs
- Open Analytics-related jobs
- Open SaaS-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open CISA-related jobs
- Open Security assessment-related jobs
- Open DevOps-related jobs
- Open Java-related jobs
- Open Kubernetes-related jobs
- Open EDR-related jobs
- Open Security Clearance-related jobs
- Open Malware-related jobs
- Open IDS-related jobs
- Open APIs-related jobs
- Open CEH-related jobs
- Open CI/CD-related jobs