About the Team
We're building the next generation of digital banking infrastructure that combines enterprise-grade reliability with startup agility.
Our Cyber Security team is the backbone of our technology organisation, ensuring that innovation and trust go hand in hand as we scale Malaysia's first AI-powered digital bank.
You'll collaborate with some of the sharpest minds in the industry, operating in a supportive and dynamic environment that fosters creativity, exploration, and innovation.
Your next thrilling adventure starts here. Be part of shaping the future of digital banking today!
About the Role
Security Analysts are the operational core of Ryt Bank's Cyber Operations team, responsible for security monitoring, detection engineering, incident response, threat intelligence, and vulnerability management. The team runs two seniority levels — Sr Security Analyst and Security Analyst — sharing the same broad remit across all defensive domains. The distinction lies in depth of experience, independence of execution, and breadth of ownership.
Sr Security Analysts are expected to lead independently across all domains, drive detection engineering improvements, and mentor junior analysts. Security Analysts build foundational capability across a subset of domains, growing toward full-spectrum ownership over time.
Both roles are well-suited to technically sharp, methodical individuals eager to work in a fast-moving AI-powered digital bank where the threat landscape — including AI-native attack surfaces — evolves daily.
What You'll Do
DETECTION & MONITORING
- Triage security alerts escalated from the MSSP (L1), applying MITRE ATT&CK and bank-specific context to determine severity and response. Sr Analysts lead L2/L3 triage with independent judgement; Analysts handle L2 triage under guidance.
- Develop and maintain detection-as-code rules (Sigma, KQL) in the SIEM. Sr Analysts own the detection engineering programme — developing, tuning, and retiring rules based on threat intelligence; Analysts contribute rules and improvements.
- Monitor security event logs, network traffic, endpoint telemetry, and application logs for indicators of compromise.
- Develop SOAR playbooks. Sr Analysts drive automation improvements and reduce analyst toil team-wide; Analysts contribute to individual playbook development.
INCIDENT RESPONSE
- Participate in incident response activities — triage, containment, evidence collection, eradication, and post-incident review. Sr Analysts lead complex or prolonged incidents; Analysts participate under Sr Analyst or Lead direction.
- Conduct digital forensics and malware analysis. Sr Analysts produce forensic reports suitable for regulatory and legal purposes; Analysts handle standard analysis and escalate complex cases.
- Maintain accurate incident records for BNM reporting and post-incident learning.
- Support BNM incident notification preparation. Sr Analysts coordinate ORION reporting; Analysts assist with documentation.
THREAT INTELLIGENCE
- Convert intelligence findings into actionable detection rules, IOC blocklists, and SOAR playbook triggers.
- Monitor AI-specific threat patterns — deepfake fraud, prompt injection campaigns, adversarial inputs targeting DIDE, MCP/agentic workflow exploitation. Sr Analysts produce strategic threat assessments and briefings; Analysts monitor and escalate findings.
- Support monthly BNM threat assessment report preparation. Sr Analysts lead report production; Analysts provide data and draft sections.
VULNERABILITY MANAGEMENT
- Track and coordinate remediation of identified vulnerabilities within agreed SLAs.
- Maintain the bank's vulnerability management platform and ensure asset coverage is complete.
What We're Seeking
EXPERIENCE
- 3–5 years across SOC operations, threat intelligence, incident response, and vulnerability management — with demonstrated ability to operate independently across all domains.
- Proven ownership of a threat intelligence programme or detection engineering function.
- Deep familiarity with dark web monitoring, OSINT tradecraft, and CTI operationalisation.
- Strong exposure to AI/ML threat vectors — deepfake fraud, adversarial AI, LLM-specific attacks, agentic workflow exploitation.
- Experience in a regulated financial institution or digital banking environment is strongly preferred.
SKILLS (BOTH LEVELS)
- Proficiency in detection-as-code — Sigma, KQL, or SPL.
- Methodical and precise incident documentation and analytical skills.
- Ability to operate calmly and decisively under pressure during live incidents.
- Sr Analysts: expert-level proficiency, ability to lead incidents and mentor others, strong report-writing for board and BNM audiences.
- Analysts: growing proficiency, collaborative mindset, proactive in expanding domain coverage.
PREFERRED CERTIFICATIONS
- CompTIA CySA+, Security+.
- GIAC GCIH, GCFA, or GCTI.
- Sr Analysts: CISSP or CISM for senior progression.
- CEH or equivalent.
What We Value
- Revolutionary in our thinking.
- Innovative in our products, services and the way we work.
- Genuine in our intentions.
- Honourable in our actions.
- Tenacious in overcoming challenges.