SOC Engineer
Kuala Lumpur - Malaysia
Job Summary
SOC EngineerKuala Lumpur(Hybrid)
WHO WE ARE
S-RM is a global intelligence and cyber security 2005wevehelped some of the most demanding clients in the world solve some of their toughest information security challenges.
Wevebeen able to do this because of our outstanding to developingsharp curious driven individuals who want to think critically solve complex problems and achieve success.
But we also know that the lives and careers it helps us proud of thiscultureand we invest in our peoples wellbeing learning and ideas every day.
Wereexcitedyourethinking about joining us.
WORKING IN CYBER AT S-RM
Our Cyber Security division is the fastest-growing part of S-RM. Thecyber sector is always evolving and ourAdvisoryManaged Services andIncident Responsepractices arein moredemand than ever.
Werebuilding a team to meet this respond innovate and too hung up on hierarchy or your ideas are good enoughwellempower you to implement best person to talk to a customeryoullget that opportunity regardless of the title in your email signature. And when you need a hand your team will always have your back.
We alsodontbelievetheresa typical cyber security a team of intelligence analysts technical specialists software developers investigators risk managers and find a range of perspectives andexpertiseto help you learn and grow.
If that sounds like your kind of teamwedlike to hear from you.
THE ROLE
AsSOCEngineer you will drive the technical onboarding of MSSP customers and ensure comprehensive security monitoring coverage through log ingestion and detection engineering. The ideal candidate will have strongexpertisein SIEM administration log source integration anddetectionrule development. Additionally having experience with customer-facing technical roles data parsing and normalization and threat detection frameworks such as MITRE ATT&CK will get you ahead.
Key Responsibilities
- Customer Onboarding & Integration: You will lead the technical onboarding of new MSSP customers including scoping log sourcesdeploying collectioninfrastructureandvalidatingend-to-end data flow. This includesmanaging onboarding timelines coordinating with customer IT teams and ensuring a smooth transition into active monitoring.
- Log Ingestion & Data Engineering: You will implement log ingestion pipelines including parsing normalization andenrichment of diverse log sources. Thisincludes troubleshooting ingestion failures managing data quality andoptimizingvolume and retention across a multi-tenantarchitecture.
- Detection Engineering: You will develop tune andmaintaindetection logic alignedto customer environments and threat landscapes. This includes reducing false positive ratesandimproving detection fidelity based on analyst feedback and emerging threats.
- Documentation & Standardization: You will create andmaintainrunbooks integration guides and onboarding playbooks to ensureconsistent repeatable delivery across customer engagements. You will define and refine standards for log source coverageparsing schemas and detection rule lifecycle management.
- Collaboration & Support: You will work closely with SOC analysts platform engineers threat intelligence teams and clientsuccess managers to understand customer requirements and deliver monitoring solutions that maximize detection coverage. You willprovide technical support and troubleshooting for ingestion and detection-related issues.
- Contributing to Internal Technical Development Initiatives: When the schedule allows you will have opportunities toparticipatein and contribute to internal technical development initiatives.
WHAT WERE LOOKING FOR
Candidates with the following qualifications and experience are likely to succeedin our Managed Servicespracticeat S-RM.
That said if you dont think you meet all of the criteria below but still are interested in the job please checks every boxwerelooking for candidates that are particularly strong in a fewareas andhave some interest and capabilities in others.
We nurture a culture of equality diversity andinclusionand we are dedicated to developing a workforce that displays a variety of talentsexperiencesand perspectives.
Werelooking for:
- Qualifications
- Education: ABachelors or Mastersdegree in a relevant subject (e.g. computer science software engineering systems administration or cybersecurity) or equivalent practical experience. Relevant industry certifications areadvantageous as is demonstrable knowledge such as contributions toopen sourcesoftware or personal projects.
- Experience: 3 years of experience in security engineering detection engineering data engineering or a similar technical role preferably within an MSSP or managed security operations environment.
- Professional Expertise
- Strong problem-solving skills with the ability to troubleshoot complex multi-system issues
- Strong communicationskills particularly in customer-facing and cross-team contexts
- Self-directed with the ability to prioritize tasks and manage workload efficiently across multiple concurrent onboarding engagements
- Technical Expertise
- Strong experience with security tooling such as EDR SIEM and SOAR products
- Strong experience with log management and data pipeline architectures including familiarity with common log source formats (firewall endpoint cloud identity)
- Strong experience writing detection content using query languages such as KQL SPL or SQL
- Familiarity with the MITRE ATT&CK framework and its application to detection coverage mapping
- Experience with customer onboarding or technical integration delivery
- Preferred Expertise
- Experience with CI/CD pipelines and Infrastructure as Code (GitHub Actions Terraform Ansible etc.)
- Proficiencyin programming and scripting languages such as Python Go PowerShell and/or Bash
- Experience with detection-as-code workflows and version-controlled rule management
The successful candidate must have permission to work inKualaLumpurbythe start of their employment.
OUR BENEFITS
We offer thoughtful balanced rewards and support to help our people do their best work and live their lives outside it including:
- 20 days paid holiday each year: in addition to public holidays as well as 1additionalday of leave for every year you work at S-RM up to a maximum of 5 days.
- Flexible working: work a minimum of two days a week in the office and theremainderremotely choose your hours between 7am and 7pm.
- Pension scheme: S-RM contributes to Employees Provident Fund (EPF)in accordance withlegislative requirements.
- Life Insurance: help someone you love should something happen to you.
- Company-paidprivate medical and dental insurance.
- Company-paid maternitypaternityand fertility treatment leave.
- Employee AssistanceProgramme: free access to specialist support services including counselling as well as an online portal of useful articlestipsand tools. Available 24/7 365 daysa year
The role will be based in our office in Kuala Lumpur. However we have flexible working arrangements available.
Please apply to this role via: Job Application for SOC Engineer at S-RM
Required Experience:
IC
About Company
Leading cyber security consultancy and intelligence experts delivering intelligence, resilience, and response solutions to clients worldwide.