Role Purpose: Detect, investigate, and respond to threats across cloud, endpoint, identity, network, and SaaS estates before they impact client deliverables or regulated data.
Key Responsibilities:
- Monitor and triage alerts from Microsoft Sentinel/Defender
- XDR Lead incident response, containment, and post-incident reviews
- Develop detection rules mapped to MITRE ATT&CK framework
- Run purple-team drills on document-heavy processes
- Create and maintain playbooks and SOC automation
Preferable Experience:
- 3-5 years in SOC/Incident Response environments
- Strong experience with Microsoft security stack (Sentinel, Defender)
- Log analysis, investigation, and threat-hunting skills
- Scripting for automation (KQL, PowerShell, Python)
- Security+, CySA+, AZ-500 or SC-200 certifications a plus
- You MUST be a Malay National to be considered
Success Measures:
- Detect-to-respond time <60 minutes for high-fidelity alerts
- 100% coverage across endpoints, identities, SaaS and cloud
- Zero material data loss events across K3 brands
Salary Range:
RM 91,000 - 172,000 per year + on-call allowance and competitive benefits package included
Location: Kuala Lumpur, Malaysia (Hybrid with on-call rotation)
