Position Snapshot
Location: Kuala Lumpur, MY
Company: Nestrade (Nestle Regional Service Centre)
Full-time
Bachelor’s Degree
5+ years of experience


Position Summary
Joining Nestlé means you are joining the largest Food and Beverage Company in the world. At our very core, we are a human environment – passionate people driven by the purpose of enhancing the quality of life and contributing to a healthier future. A Nestle career empowers you to make an impact locally and globally, as you are provided with the opportunity to make a mark and stand out, as long as you seek it. With Nestle, you are enabled and encouraged to grow not only as professionals, but also as people.


We are currently looking for Cyber Security Incident Response Specialist to join the Global Cyber Security Incident Response team based in Kuala Lumpur, Malaysia. In this position, you will provide situational awareness through the detection, containment, and remediation of cyber threats.


As a level 3 Incident Response Specialist you will manage security incidents, ensuring they are properly identified, analyzed, communicated, actioned/defended, investigated and reported. Together with external SOC services, you will monitor Nestlé assets to identify potential cyber-attacks. Furthermore, you will design and build threat detection techniques to continuously address new threats and increase the Cyber SOC threat detection and response coverage. Working within cross-functional teams, you will create and implement operational processes, identify threats and security gaps, and collaborate with the Security Community of Practice to develop measures to protect the company information and provide inputs to other positions/functions to perform lessons learned and continuous improvement.


A day in the life of...

• Lead advanced cybersecurity incident investigations and response activities.
• Act as the escalation point for cybersecurity incidents requiring advanced and complex investigation at the L1/L2 levels.
• Provide incident response guidance to L1 and L2 Incident Response Analysts.
• Design, build, and enhance threat detection capabilities in SIEM, SOAR, and other security solutions.
• Drive the creation and continuous refinement of Cyber Security Incident Response runbooks.
• Continuously improve threat prevention and detection capabilities, as well as incident response processes and procedures, to address evolving cyber threats.
• Keep the GCSIRT management team and key business stakeholders informed and engaged regarding critical security incidents and related developments.

What will make you successful

• Bachelor or Master’s Degree in Computer Science, Information Security or another similar relevant degree.
• 5+ years of cyber incident response and/or cyber security experience.

• Lead and manage web application security incidents, ensuring timely detection, containment, and resolution. Experience with various incident handling methodologies is a plus.
• Experience and keen understanding of cybersecurity tools, including SIEM, SOAR, IDS/IPS, EDR, endpoint detection & response solutions and more.
• Perform in-depth analysis of security logs to identify anomalies and potential security threats. Hands-on experience with SPL (Search Processing Language) and KQL (Kusto Query Language) for SIEM tools is highly preferred.

• Utilize the MITRE ATT&CK Framework to create and refine Use Cases for advanced threat detection and response. Experience in developing and maintaining these Use Cases is a valuable asset.
• Collaborate with cross-functional teams to improve the organization’s security posture by identifying vulnerabilities in web applications and APIs and recommending appropriate mitigations.
• Strong understanding of web application and API attack vectors, including but not limited to SQL injection, cross-site scripting (XSS), and API abuse.

• Demonstrated ability to analyze complex security issues, develop practical solutions, and communicate them effectively to technical and non-technical stakeholders.
• Effective communication skills and ability to present information to a wide variety of internal stakeholders, including senior-level leadership.
• Experience having worked in a global environment and with virtual teams.

• Professional experience working with sensitive or confidential information in a work environment.
• A commitment to staying current with emerging cybersecurity threats, tools, and best practices.
• Relevant certifications such as CISSP, GCIH, GCFA, CEH, or another similar certification are a plus.

We are Nestlé, the largest food and beverage company. We are 308,000 employees strong driven by the purpose of enhancing the quality of life and contributing to a healthier future. Our values are rooted in respect: respect for ourselves, respect for others, respect for diversity and respect for our future. With more than CHF 91.4 billion sales in 2018, we have an expansive presence with 413 factories in more than 85 countries. We believe our people are our most important asset, so we'll offer you a dynamic inclusive international working environment with many opportunities across different businesses, functions and geographies, working with diverse teams and cultures. Want to learn more? Visit us at www.nestle.com.