📍 Location: Klang
🏢 Company: SRKK Group
💼 Employment Type: Full-time
✨ We are looking for people who are humble, hungry, and smart.
Protect, Detect, and Respond—Strengthen SRKK’s Cyber Defense
SRKK Group is a leading end-to-end digital transformation consultancy with established presences in Malaysia and Singapore. As a Microsoft partner-focused organization, we help customers modernize and secure their environments across cloud, data, applications, and the modern workplace.
We are seeking a Security Analyst to monitor, investigate, and respond to threats across customer and internal environments. You’ll operate security tooling (SIEM, EDR, firewalls, IDS/IPS), coordinate with internal teams and security partners, and continuously improve detection and response. If you’re passionate about cyber defense, disciplined in analysis, and eager to make an impact, this role will accelerate your journey in cybersecurity.
💼 What You’ll Do
Security Monitoring & Detection
- Continuously monitor alerts from SIEM, EDR, firewalls, and IDS/IPS to detect suspicious activities and potential threats.
- Tune detection rules and use cases to reduce false positives and improve fidelity.
Incident Investigation & Response
- Triage alerts, conduct root cause analysis, and escalate confirmed incidents for containment and remediation.
- Support incident coordination, evidence collection, and post‑incident reviews.
Threat Analysis, Log Review & Hunting
- Review system, endpoint, and network logs to identify anomalies.
- Conduct proactive threat hunting to detect hidden or advanced threats.
Vulnerability Management
- Perform or review vulnerability scans, analyze results, and work with IT teams to prioritize remediation and patch cycles.
Penetration Testing Support
- Conduct or coordinate penetration testing activities; document findings and recommend mitigations.
Security Tools Operations
- Assist with the management and tuning of SIEM, EDR, firewall, and other platforms to enhance detection and response capabilities.
Partner & Stakeholder Collaboration
- Liaise with security vendors, technology partners, and MSSPs during investigations, product rollouts, and threat‑intel sharing.
- Collaborate with internal IT, cloud, apps, and consulting teams for swift remediation.
Awareness, Reporting & Governance
- Deliver cybersecurity awareness briefings (e.g., phishing, ransomware, social engineering) for customers and internal users.
- Prepare monitoring reports, incident documentation, and improvement recommendations.
- Support compliance with security policies, standards, and regulatory requirements; assist in audits when required.
👤 Who You Are
- Hands-on experience (or strong internship/projects) in security monitoring, incident response, or SOC operations.
- Familiar with SIEM/EDR, network/security logs, and basic scripting or query languages (e.g., KQL/Splunk Query).
- Understanding of common attack techniques (MITRE ATT&CK), malware, phishing, and ransomware tactics.
- Analytical, structured, and detail‑oriented with strong documentation skills.
- Clear communicator who can collaborate with customers, partners, and cross‑functional teams.
- Certifications (nice to have): Security+, AZ‑500, SC‑200, CEH, CySA+ or equivalent.
- Curious, responsible, and improvement‑oriented — humble, hungry, smart.
🌱 Why Join SRKK Group?
- Direct impact on strengthening defenses across cloud, modern workplace, and application environments.
- Learn from senior consultants and security partners; access to Microsoft‑aligned learning paths.
- Opportunities to work on SIEM, EDR, vulnerability management, and threat hunting use cases.
- Exposure to incident response, SSR/BTR customer reviews, and continuous improvement programs.
- Clear growth path toward SOC Analyst (L2), Incident Responder, or Security Consultant roles.
- A collaborative, improvement‑driven culture that values professionalism and learning.