
SOC ANALYST


Job Details

Job type: Full Time
Location: Shah Alam
Department: Security and Infrastructure
Education: Bachelor’s degree in Computer Science or a related field

About the role

We are seeking a hands-on SOC Analyst to design and develop the SOC detection and response framework from the ground up.

Key Responsibilities

SOC Rule & Policy Development
  • Design, build and tune custom KQL detection rules in Microsoft Sentinel and Defender XDR.
  • Develop and enforce security baselines and Intune compliance policies across endpoints.
  • Configure Defender for Endpoint, Defender for Identity and Defender for Cloud Apps policies to enhance visibility and detection coverage.

SIEM/SOAR Configuration
  • Configure data connectors, data collection rules (DCR/DCE) and log analytics workspaces in Azure Sentinel.
  • Define parsing, normalization and custom table schemas for non-native data sources.
  • Develop automated playbooks (Logic Apps) to streamline alert enrichment, notification and escalation workflows.

Alerting, Tuning & Incident Response
  • Create and maintain alert rules, analytic queries and automation rules to ensure actionable alerts with minimal false positives.
  • Work closely with Tier 1/2 analysts to continuously tune rule thresholds and response triggers.
  • Conduct threat hunting activities using advanced hunting queries in Defender XDR and Sentinel.

Governance & Documentation
  • Develop and maintain the SOC policy framework, including alert handling, escalation matrix and severity classification.
  • Document all rule sets, configurations and workflows in a structured SOC Knowledge Base.
  • Collaborate with compliance teams to ensure alignment with ISO 27001, GDPR and company ISMS standards.

Continuous Improvement
  • Research new threat vectors, detection techniques and Microsoft security feature updates.
  • Participate in red/blue team simulations to validate detection and response coverage.

Requirements

  • Minimum 3–5 years of SOC or Security Engineering experience.
  • Strong understanding of SIEM/SOAR operations, log management and incident response workflows.
  • Familiar with KQL (Kusto Query Language) and PowerShell scripting for automation.
  • Knowledge of MITRE ATT&CK, NIST and ISO 27001 frameworks.
  • Excellent problem-solving, documentation and analytical skills.
  • Hands-on experience with Microsoft Defender XDR (Endpoint, Identity, Cloud Apps), Microsoft Sentinel (KQL, Analytic Rules, Logic Apps), Intune (Endpoint Security, Compliance Policies, Configuration Profiles), Entra ID / Azure AD Conditional Access Policies and Microsoft Purview (DLP, Insider Risk, Information Protection).