
SECURITY OPERATIONS CENTER ANALYST


Job Details

Job type: Full Time
Location: Shah Alam
Department: Security and Infrastructure
Education: Bachelor’s degree in Computer Science or a related field

About the role

We are seeking a hands-on SOC Analyst to design and develop the SOC detection and response framework from the ground up.

Key Responsibilities

SOC Rule & Policy Development
  • Design, build and tune custom KQL detection rules in Microsoft Sentinel and Defender XDR.
  • Develop and enforce security baselines and Intune compliance policies across endpoints.
  • Configure Defender for Endpoint, Defender for Identity and Defender for Cloud Apps policies to enhance visibility and detection coverage.

SIEM/SOAR Configuration
  • Configure data connectors, data collection rules (DCR/DCE) and log analytics workspaces in Azure Sentinel.
  • Define parsing, normalization and custom table schemas for non-native data sources.
  • Develop automated playbooks (Logic Apps) to streamline alert enrichment, notification and escalation workflows.

Alerting, Tuning & Incident Response
  • Create and maintain alert rules, analytic queries and automation rules to ensure actionable alerts with minimal false positives.
  • Work closely with Tier 1/2 analysts to continuously tune rule thresholds and response triggers.
  • Conduct threat hunting activities using advanced hunting queries in Defender XDR and Sentinel.

Governance & Documentation
  • Develop and maintain the SOC policy framework, including alert handling, escalation matrix and severity classification.
  • Document all rule sets, configurations and workflows in a structured SOC Knowledge Base.
  • Collaborate with compliance teams to ensure alignment with ISO 27001, GDPR and company ISMS standards.

Continuous Improvement
  • Research new threat vectors, detection techniques and Microsoft security feature updates.
  • Participate in red/blue team simulations to validate detection and response coverage.

Requirements

  • Minimum 3–5 years of SOC or Security Engineering experience.
  • Strong understanding of SIEM/SOAR operations, log management and incident response workflows.
  • Familiar with KQL (Kusto Query Language) and PowerShell scripting for automation.
  • Knowledge of MITRE ATT&CK, NIST and ISO 27001 frameworks.
  • Excellent problem-solving, documentation and analytical skills.
  • Hands-on experience with Microsoft Defender XDR (Endpoint, Identity, Cloud Apps), Microsoft Sentinel (KQL, Analytic Rules, Logic Apps), Intune (Endpoint Security, Compliance Policies, Configuration Profiles), Entra ID / Azure AD Conditional Access Policies and Microsoft Purview (DLP, Insider Risk, Information Protection).