
Full-time SOC Operations Engineer (Day 2) job, salary up to MYR 10,000, hiring by Hanodale Solution, Federal Territory - Ricebowl

SOC Operations Engineer (Day 2)

Hanodale Solution Sdn Bhd

MYR6,000 - MYR10,000 per month

KL City, Federal Territory


Work Location

  • Kuala Lumpur Federal Territory Malaysia

Job Description

Responsibilities

Job Overview

We are looking for an experienced SOC Operations Engineer (Day 2) to support advanced security monitoring and security operations across network, endpoint, email, web, WAF, and data protection platforms.

The ideal candidate will be responsible for investigating complex security alerts, improving SOC effectiveness, maintaining security tool health, identifying security gaps, and collaborating closely with incident response and engineering teams.

Key Responsibilities

Advanced Alert Investigation & Response

  • Investigate and respond to security alerts generated from SIEM, EDR, network, email, web, WAF, and DLP platforms.
  • Perform deep-dive analysis on high-severity incidents and validate true/false positives.
  • Escalate incidents where necessary and support containment, eradication, and recovery activities with Incident Response teams.

Threat Hunting & Continuous Improvement

  • Conduct proactive threat hunting using IOCs, TTPs, and threat intelligence feeds.
  • Identify detection gaps, blind spots, false positives, and under-utilized features.
  • Recommend and implement improvements to enhance SOC effectiveness.

Security Tool Health & Optimization

  • Monitor security tool health, usage, coverage, and overall platform performance.
  • Track agent health, software versions, firmware updates, and vendor advisories.
  • Ensure security logs are properly collected, visible, and healthy within SIEM and monitoring tools.

Compliance & Governance

  • Ensure compliance with regulatory and security standards such as PCI DSS, ISO 27001, and NIST.

Collaboration & Knowledge Sharing

  • Work closely with engineering teams to improve detection rules and security automation.
  • Participate in post-incident reviews and contribute to lessons learned activities.

Process Enhancement

  • Identify opportunities to improve SOC processes and workflows.
  • Develop and maintain incident response playbooks for common security incidents.

Reporting & Documentation

  • Maintain accurate investigation records, operational reports, and shift handovers.
  • Prepare incident reports including root cause analysis and lessons learned.
  • Track SOC KPIs such as MTTR, MTTD, alert trends, and false positives.
  • Generate compliance-ready documentation for audits and regulatory requirements.
  • Provide executive summaries with key incident findings and improvement recommendations.

Requirements

  • 4–7 years of experience in SOC or Security Operations roles.
  • Hands-on experience with SIEM and EDR platforms.
  • Strong knowledge of network, endpoint, email, web, WAF, and DLP security controls.
  • Experience handling security incidents including malware, phishing, and insider threats.
  • Familiarity with threat intelligence concepts and frameworks.
  • Strong analytical, troubleshooting, and documentation skills.
  • Understanding of compliance and regulatory frameworks such as PCI DSS, ISO 27001, and NIST.

Preferred Skills

  • Experience with threat hunting and incident response activities.
  • Knowledge of SOC metrics and operational reporting.
  • Experience working in enterprise or managed security environments.
  • Relevant cybersecurity certifications are an added advantage.

Pay: RM6,000.00 - RM10,000.00 per month

Work Location: In person

Important Safety Guidelines

When applying for a job, never provide your bank or credit card details. Do not transfer money or complete unrelated online surveys. If you notice anything suspicious, report this job advertisement.