Mar 2022 – Aug 2022 · 5 mos · Georgetown, Penang, Malaysia

• 📑 IHS Markit is now part of S&P Global 🤝
• » Triage and investigate cybersecurity alerts.
• » Monitor and respond to alerts generated by our enterprise security tools.
• » Triage issues escalated by the Cyber Defense team ensuring quick and appropriate follow-up actions are taken.
• » Recommend alert tuning as required and participate in the tuning process.
• » Improve our detection capabilities by building and enhancing alert rules and actively hunting for evidence of malicious activity.
• » Operate and maintain security tooling and platforms.
• » Follow and enhance security playbooks for the Security Operations Team.
• » Work closely with the Incident Response Team to ensure time-sensitive actions are performed quickly and diligently.
• » Work on various internal projects/initiatives such as UAT and POC of new SOC tools, working cross-functionally with other teams/departments as a stakeholder.
• » Participate in firm-sponsored training, red/blue team events.
• » Perform whitelisting/filtering of false-positive signals.
• » Block malicious network traffic and isolate infected hosts on internal networks.
• » Participate in working with the Security automation team in developing cutting edge security enhancements.

Feb 2021 – Mar 2022 · 1 yr 1 mo · Penang, Malaysia

• 📑 IHS Markit is now part of S&P Global 🤝
• » Coordinate response to security incidents and request.
• Incident & Request ticket queue management for Information Security related incidents and tasks.
• Works initially for all tickets assigned to Information Security queue. Escalates more complex issues to Tier 2 SOC.
• » Apply security policies and procedures.
• » Basic analysis of IDS, Syslog and SIEM alerts.
• » Create incidents based on suspicious alerts and proceed according to incident response guidelines.
• » Use advance analytic tools to determine emerging threat patterns and vulnerabilities.
• » Monitor network availability for any potential security incidents and investigate security events when applicable.
• » Identify security breaches and take action to stop and prevent them in the future.
• » Monitor identity and access management, including monitoring for abuse of permissions by authorized system users.
• » Work closely with all operational teams to assign ownership of events.
• » Support maintenance and operation of monitoring tools.
• » Provide support for multiple back-office information security products.
• » Configuration and administration of internal security team specific solutions.
• » Supporting 24x7 SOC support coverage.

Mar 2020 – Feb 2021 · 11 mos · Penang, Malaysia

Sep 2019 – Feb 2020 · 5 mos · Bangsar South, Kuala Lumpur

• Internship at Security Operations Centre (SOC) for 6 months
• Technical Task:
• Respond to security alerts.
• Investigate and gather evidences of incidents for Incident Reporting from SIEM console.
• Acknowledge each security alert triggered on SIEM console.
• Monitor Website Uptime and Integrity.
• Monitor client's Domain Name System (DNS) behavior, including its security extensions (DNSSEC) via DNSViz.
• Monitor on the critical alert triggered from the services on servers, switches, applications and service via Nagios and report it to the Security Analyst (SA).
• Create query and develop content (on Dashboard) for monitoring purposes in SIEM console.
• Administrative Task:
• Daily Health Check on every clients device for detecting logs availability.
• Notify Senior Security Analyst (SSA) or Team Leader in the event of serious security threats.
• Create an open ticket for Incident Reporting.
• Assist on client's Security Monthly Report.
• Log daily activities to be reviewed by SSA for internship reporting purposes.

Nov 2015 – Aug 2016 · 9 mos · Penang, Malaysia

• Global IT Support (L1 Support)
• Intel escalation process (depends on the sensitivity of the issues)
• Troubleshoot Windows issues on Windows Roaming & Local Profile, Temporary Admin Right and etc.
• Troubleshooting Office products’ issues on Lync, Outlook (.PST file, .OST file and Mail Cloud) and etc.
• Troubleshooting Intel products’ issues on Let’s Meet (LM), Wellnomics, Citrix, Intel Software Market (ISM), Mokafive, Syncplicity
• Knowledge in Office 365, Intel enforcement process & the Enforcement Management Portal (EMP)

Jun 2013 – Oct 2014 · 1 yr 4 mos · Penang, Malaysia

• IT Technician (as Intern)
• Provide on-site technical support
• Installing and configuring computer hardware, operating systems and applications
• Monitor networking equipment and servers
• Installing and configuring CCTV and alarm system
• Involved in PC Refresh of Laptops/Desktops for Alliance Bank Malaysia with the support from Hewlett-Packard (HP) Malaysia
• Involved in setting up Centralized Customer Queue Management System for Bank Rakyat Malaysia throughout Northern region