MSD Malaysia
* Design and implement advanced detection architectures across the organization's security landscape, utilizing SIEM, EDR, XDR and cloud security platforms.
* Lead the development and refinement of complex, high-fidelity detection use cases, custom correlation rules, and detection models tailored to the organization's unique risk profile and threat landscape.
* Continuously enhance and optimize detection techniques, reducing alert fatigue and improving detection accuracy.
* Identify and develop improvement initiatives within the Detection and Response team, implementing best practices and optimizing processes to enhance security capabilities.
* Lead investigations into critical incidents, coordinate containment and eradication activities, and ensure recovery aligns with NIST incident response framework principles.
* Leverage SOAR platforms to automate triage, enrichment, and response workflows for improved Incident Response efficiency.
* Utilize AI-based tools such as Agentic AI and Co-pilot to enhance investigation speed, threat hunting, and reporting accuracy.
* Leverage MDR capabilities to enhance detection and response workflows and streamline investigation prioritization.
* Use endpoint protection and diagnostic tools such as Microsoft Defender for Endpoint (MDE) and CrowdStrike to conduct forensic analysis and validate root causes.
* Partner with internal stakeholders, leadership, and external partners to provide situational awareness and actionable recommendations.
* Support junior analysts through coaching, technical guidance, and knowledge sharing to build overall Incident Response capability and mature the threat detection posture.
* Expert understanding of attack lifecycles, network telemetry, endpoint data, and adversarial tactics mapped to MITRE ATT&CK.
* Proven ability to lead the full incident lifecycle, following NIST best practices from identification through post-incident recovery.
* Ability to design and optimize automated response workflows in SOAR tools to reduce response time and analyst fatigue.
* Comfortable integrating AI and machine learning tools into investigative processes to improve detection accuracy and reduce false positives.
* Understands the business impact of identified threats and aligns response actions to minimize operational risk.
* Proactively evaluates emerging technologies and integrates them into Incident Response operations.
* Experience with SIEM platforms such as Microsoft Sentinel for event correlation and detection engineering.
* Strong knowledge of SOAR technologies for orchestration and response automation.
* Familiarity with endpoint detection and response (EDR) tools such as MDE, CrowdStrike and Sysinternals.
* Working knowledge of AI-powered analysis and automation tools including Agentic AI and Co-pilot.
* Understanding of key cybersecurity frameworks and standards: NIST Incident Response Framework, MITRE ATT&CK, and ISO 27001.
* Experience with scripting languages including Python and PowerShell.
* Strong knowledge of Windows Active Directory environments and cloud computing architectures.
* Experience conducting forensic analysis, log correlation, and root cause investigations.
* Strong communication skills to convey findings to technical and non-technical audiences.
* Bachelor’s degree in Cybersecurity, Computer Science, Information Technology, or related field (or equivalent experience).
* 5+ years of experience in IR operations, intrusion detection, or incident response.
* Experience developing detection rules, playbooks, and automation workflows.
* Demonstrated experience leading complex investigations and coordinating cross-functional response efforts.
* Advanced certifications: GIAC (GCIH, GCFA etc.).
* 5+ years of experience in Detection Engineering roles for large organizations.
* Hands-on experience with cloud-native security tooling and hybrid SOC environments.
* Ability to work collaboratively across teams; foster an environment where associates thrive and perform at their best.
* Model ethical conduct, transparency, and accountability in every action; ensure compliance with cybersecurity and data privacy standards.
* Demonstrate curiosity, adaptability, and a growth mindset. Encourage innovation, learning, and continuous improvement across IR operations.

**Los Angeles Residents Only:** We will consider for employment all qualified applicants, including those with criminal histories, in a manner consistent with the requirements of applicable state and local laws, including the City of Los Angeles’ Fair Chance Initiative for Hiring Ordinance.