Role Purpose: Detect, investigate, and respond to threats across cloud, endpoint, identity, network, and SaaS estates before they impact client deliverables or regulated data.

Key Responsibilities:

• Monitor and triage alerts from Microsoft Sentinel/Defender
• XDR Lead incident response, containment, and post-incident reviews
• Develop detection rules mapped to MITRE ATT&CK framework
• Run purple-team drills on document-heavy processes
• Create and maintain playbooks and SOC automation

Preferable Experience:

• 3-5 years in SOC/Incident Response environments
• Strong experience with Microsoft security stack (Sentinel, Defender)
• Log analysis, investigation, and threat-hunting skills
• Scripting for automation (KQL, PowerShell, Python)
• Security+, CySA+, AZ-500 or SC-200 certifications a plus
• You MUST be a Malay National to be considered

Success Measures:

• Detect-to-respond time <60 minutes for high-fidelity alerts
• 100% coverage across endpoints, identities, SaaS and cloud
• Zero material data loss events across K3 brands

Salary Range:

RM 91,000 - 172,000 per year + on-call allowance and competitive benefits package included

Location: Kuala Lumpur, Malaysia (Hybrid with on-call rotation)