Full Time SOC Operations Engineer Jobs, in Fit Pioneer Resources Selangor - Maukerja

We are seeking a SOC Operations Engineer (Day 2) to support advanced security monitoring and operations across network, endpoint, email, web, and data protection platforms. The role focuses on investigating complex alerts, maintaining security tool health, identifying gaps, and continuously improving SOC effectiveness. You will work closely with incident response and engineering teams.

Key Responsibilities:

• Investigate and respond to security alerts from SIEM, EDR, network, email, web, WAF, and DLP tools.
• Perform deep-dive analysis of high-severity incidents, validate true/false positives, and escalate as required.
• Support containment, eradication, and recovery activities in collaboration with IR teams.
• Conduct proactive threat hunting based on IOCs, TTPs, and threat intelligence feeds.
• Identify detection gaps, blind spots, false positives, and under-utilized features; recommend improvements.
• Monitor security tool usage, health, coverage, and performance across all platforms.
• Track agent health, software versions, firmware updates, and vendor advisories.
• Ensure security logs are visible, complete, and healthy within SIEM and other monitoring tools.
• Ensure adherence to regulatory and compliance requirements (e.g., PCI DSS, ISO 27001, NIST).
• Work closely with engineering teams to tune detection rules and improve automation.
• Participate in post-incident reviews and contribute to lessons learned.
• Identify opportunities for process enhancements.
• Develop and maintain playbooks for common incident types.
• Maintain accurate investigation records, daily shift handovers, and operational reports.
• Prepare incident reports, including root cause analysis and lessons learned for major cases.
• Track and report SOC performance metrics (e.g., MTTR, MTTD, alert trends, false positives).
• Generate compliance-ready documentation for audits and regulatory requirements.
• Provide executive summaries highlighting key incidents, trends, and improvement recommendations.

Required Skills & Experience:

• 4–7 years of experience in a SOC or Security Operations role.
• Hands-on experience with SIEM and EDR platforms.
• Working knowledge of network, endpoint, email, web, WAF, and DLP security controls.
• Experience investigating and responding to security incidents, including malware, phishing, and insider threats.
• Familiarity with threat intelligence concepts and frameworks.
• Strong analytical, troubleshooting, and documentation skills.
• Understanding of compliance frameworks and regulatory requirements.