Security Analyst
PJC-PJ City, Malaysia
Hong Leong Bank Berhad
Hong Leong Bank Malaysia offers a host of personal financing products and services ranging from loans, credit cards, online banking, mobile banking and more, all designed to cater for the different needs and lifestyles of our customers. If you are looking to excel and make a difference, take a closer look at us…
The Opportunity: We are seeking a highly motivated and experienced Senior Security Analyst to join our growing security team. This pivotal role will be responsible for leading our incident investigation and threat hunting efforts, contributing to the continuous improvement of our security posture, and mentoring the next generation of security professionals. If you are passionate about cybersecurity, possess a keen eye for detail, and thrive in a fast-paced environment, we encourage you to apply.
Key Responsibilities:
Incident Response & Investigation:
Lead and conduct in-depth investigations into security incidents, identifying root causes, scope, and impact.
Perform forensic analysis on compromised systems and data to gather evidence and intelligence.
Develop and implement remediation strategies to contain and eradicate threats.
Create detailed incident reports and post-mortem analyses, documenting findings and lessons learned.
Threat Hunting:
Proactively search for advanced persistent threats (APTs), zero-day exploits, and other sophisticated attack techniques within our network and systems.
Develop and utilize threat intelligence to identify new indicators of compromise (IOCs) and attack patterns.
Leverage security tools (SIEM, EDR, network telemetry, etc.) to uncover stealthy activities and anomalous behaviors.
Continuously refine threat hunting methodologies and integrate new techniques.
Process Improvement & Optimization:
Evaluate existing security processes, procedures, and tools for effectiveness and efficiency.
Identify opportunities for automation and orchestration to streamline security operations.
Develop and implement improvements to incident response playbooks, threat hunting frameworks, and other security workflows.
Contribute to the development of new security policies and standards.
Mentorship & Knowledge Sharing:
Provide guidance, coaching, and technical mentorship to junior security analysts.
Foster a culture of continuous learning and knowledge sharing within the team.
Assist in the professional development of team members through training and skill-building initiatives.
Security Projects & Assessments:
Actively participate in various security projects, contributing expertise and insights from an operational security perspective.
Conduct security assessments, vulnerability analyses, and provide actionable feedback on system designs and new implementations.
Collaborate with cross-functional teams (IT, Development, etc.) to integrate security best practices into all stages of the system development life cycle.
Stay current with the latest cybersecurity threats, trends, technologies, and regulations.
Required Qualifications:
Bachelor's degree in Computer Science, Information Security, or a related field; equivalent practical experience will be considered.
5+ years of experience in a dedicated security role, with a strong focus on incident response, security operations, or threat hunting.
Proven experience with Security Information and Event Management (SIEM) platforms (e.g., Splunk, QRadar, Elastic, Microsoft Sentinel).
In-depth understanding of network protocols, operating systems (Windows, Linux), and common attack vectors.
Hands-on experience with endpoint detection and response (EDR) solutions.
Strong analytical and problem-solving skills, with the ability to quickly assess complex situations and make sound decisions.
Excellent written and verbal communication skills, with the ability to articulate technical concepts to both technical and non-technical audiences.
Ability to work independently and as part of a team in a fast-paced, dynamic environment.
Preferred Qualifications:
Relevant industry certifications (e.g., GCIH, GCFA, GNFA, OSCP, CISSP, CEH).
Experience with scripting languages (e.g., Python, PowerShell) for automation and data analysis.
Experience with vulnerability management and penetration testing concepts.
Knowledge of forensic tools and techniques.
Experience in a regulated industry (e.g., finance, healthcare).
What’s next:
Once you’ve applied online, our team will carefully review your application. Due to a high volume of applications, we appreciate your patience to allow for a fair and timely review process.
Should you be shortlisted for the role, we will send you an invitation via email for an interview. You can also check on your application status by logging into your candidate account.
About Hong Leong Bank
We are a leading financial institution in Malaysia backed by a century of entrepreneurial heritage. Providing comprehensive financial services guided by a Digital-at-the-Core ethos has earned us industry recognition and accolades for our innovative approach in making banking simpler and more effortless for our customers. Our digital and physical offerings span across a vast nationwide network in Malaysia, strengthened with an expanding regional presence in Singapore, Hong Kong, Vietnam, Cambodia, and China.
We seek to strike a balance between diversity, inclusion and merit to achieve our mission of infusing diversity in thinking and skillsets into our organisation. Candidates are assessed based on merit and potential, in line with our mission to attract and recruit the best talent available. Expanding on our “Digital at the Core” ethos, we are progressively digitising the employee journey and experience to provide a strong foundation for our people to drive life-long learning, achieve their career aspirations and grow talent from within our organisation.
Realise your full potential at Hong Leong Bank by applying now.
Perks/benefits: Career development Team events