JOB DETAILS

Senior Incident Response Specialist, Cyber Security

CompanyCygnify
LocationKuala Lumpur
Work ModeOn Site
PostedJanuary 17, 2026
About The Company
Cygnify is an on-demand, plug & play TA team on a month-to-month subscription, delivering unlimited global hires with no placement fees. Our Talent Acquisition as a Service (TAaaS) offers companies instant access to a fully managed team of recruitment experts, cutting-edge AI tools, and a 100M+ candidate database. All our monthly plans are transparent, and flexible, with no lock-ins, supporting all roles, levels, and locations globally. Press Play to supercharge your Talent Acquisition—streamlining hiring with a single partner across every location, leveraging our deep market expertise, extensive networks, and proven success in securing top talent. Avoid the high costs of growing an in-house team and agency placement fees. We have it all in our plug & play TA solution.
About the Role

Role Mission

The Senior Analyst – Cyber Security Incident Response is responsible for monitoring, detecting, and analyzing cybersecurity incidents through the Security Operations Centre (SOC) platform. The role supports the end-to-end incident lifecycle — including triage, investigation, containment, and closure — ensuring timely response to security events and maintaining cyber resilience. This role acts as the Level 2 (L2) Incident Responder, bridging SOC analysts and Incident Response management by performing deep technical analysis and coordinating with internal teams for resolution.

Accountabilities:

  • Perform end-to-end incident triage and investigation of security alerts escalated from L1 SOC analysts.
  • Ensure timely incident analysis, containment, and escalation aligned with MTTD and MTTR goals.
  • Support the SIEM platform (Elastic Stack) by fine-tuning existing rules and suggesting new detections.
  • Conduct log analysis and correlation across multiple data sources (network, endpoint, and cloud).
  • Create and maintain incident documentation, reports, and lessons learned.
  • Support incident response playbook execution during containment and recovery phases.
  • Collaborate with IT, network, and application teams for incident remediation and root cause analysis.
  • Provide insights for use case improvements and participate in use case validation and testing.
  • Escalate confirmed incidents to CSIRT / Assistant Manager – Incident Response for further action.
  • Participate in post-incident reviews, contributing to process and detection improvements.

  • Monitor alerts generated from the SOC/SIEM and perform initial to intermediate-level investigations. 
  • Review and validate security events from multiple log sources and identify legitimate threats.
  • Perform deep-dive investigations for incidents involving malware, phishing, insider threats, and cloud breaches.
  • Assist in detection rule creation and tuning under the guidance of senior incident responders.
  • Use frameworks like MITRE ATT&CK for mapping and improving detection quality.
  • Conduct threat hunting using Elastic Stack and related tools.
  • Collaborate with MSSP, CSIRT, and IT infrastructure teams to ensure timely incident handling.
  • Support incident response reporting, evidence collection, and documentation for compliance and audit.
  • Contribute to automation opportunities in detection and response workflows.
  • Participate in training sessions, simulations, and tabletop exercises to enhance readiness.
  • Responsible for the log source onboarding and managing the continuous logs availability on the SIEM platform.
  • Monitor alerts generated from the SOC/SIEM and perform initial to intermediate-level investigations. 
  • Review and validate security events from multiple log sources and identify legitimate threats.
  • Perform deep-dive investigations for incidents involving malware, phishing, insider threats, and cloud breaches.
  • Assist in detection rule creation and tuning under the guidance of senior incident responders.
  • Use frameworks like MITRE ATT&CK for mapping and improving detection quality.
  • Conduct threat hunting using Elastic Stack and related tools.
  • Collaborate with MSSP, CSIRT, and IT infrastructure teams to ensure timely incident handling.
  • Support incident response reporting, evidence collection, and documentation for compliance and audit.
  • Contribute to automation opportunities in detection and response workflows.
  • Participate in training sessions, simulations, and tabletop exercises to enhance readiness.
  • Responsible for the log source onboarding and managing the continuous logs availability on the SIEM platform.
Key Skills
Incident ResponseCyber SecuritySIEMLog AnalysisThreat HuntingMalware AnalysisPhishing DetectionCloud SecurityElastic StackMITRE ATT&CKIncident TriageRoot Cause AnalysisAutomationCollaborationDocumentationPost-Incident Review
Categories
TechnologySecurity & SafetyData & Analytics
Job Information
📋Core Responsibilities
The Senior Incident Response Specialist is responsible for monitoring and analyzing cybersecurity incidents, ensuring timely response and maintaining cyber resilience. This includes performing deep technical analysis and coordinating with internal teams for incident resolution.
📋Job Type
full time
📊Experience Level
5-10
💼Company Size
15
📊Visa Sponsorship
No
💼Language
English
🏢Working Hours
40 hours
Apply Now →

You'll be redirected to
the company's application page