Senior Incident Response Specialist (Platform)

StarHub

  • Petaling Jaya, Selangor
  • Permanent
  • Full-time
  • 3 days ago
About this role

(This role is based in Petaling Jaya, Malaysia.)

The Senior Analyst - Cyber Security Incident Response is responsible for monitoring, detecting, and analysing cybersecurity incidents through the Security Operations Centre (SOC) platform. The role supports the end-to-end incident lifecycle - including triage, investigation, containment, and closure - ensuring timely response to security events and maintaining StarHub's cyber resilience. This role acts as the Level 2 (L2) Incident Responder, bridging SOC analysts and Incident Response management by performing deep technical analysis and coordinating with internal teams for resolution.

Responsibilities
  • Monitor alerts generated from the SOC/SIEM and perform initial to intermediate-level investigations.
  • Review and validate security events from multiple log sources and identify legitimate threats.
  • Perform deep-dive investigations for incidents involving malware, phishing, insider threats, and cloud breaches.
  • Assist in detection rule creation and tuning under the guidance of senior incident responders.
  • Use frameworks like MITRE ATT&CK for mapping and improving detection quality.
  • Conduct threat hunting using Elastic Stack and related tools.
  • Collaborate with MSSP, CSIRT, and IT infrastructure teams to ensure timely incident handling.
  • Support incident response reporting, evidence collection, and documentation for compliance and audit.
  • Contribute to automation opportunities in detection and response workflows.
  • Participate in training sessions, simulations, and tabletop exercises to enhance readiness.
  • Responsible for log source onboarding and for maintaining continuous log availability on the SIEM platform.
Qualifications
  • 2-3 years of experience in a SOC or Incident Response (L2) environment.
  • Intermediate hands-on experience with SIEM platforms (Elastic Stack preferred).
  • Exposure to incident triage, malware analysis, phishing response, and log correlation.
  • Strong understanding of use case creation and MITRE ATT&CK framework mapping.
  • Demonstrated ability to analyze complex alerts and distinguish false positives from true incidents.
  • Familiarity with security tools such as EDR, NDR, and threat intelligence platforms.
  • Good communication and documentation skills for stakeholder updates.
  • Certifications such as CEH, CompTIA Security+, GCIA, or Elastic Certified Analyst preferred.
