Enable job alerts via email!
SOC Analyst L-1 (Malang Based)
Nawatech
Klojen
On-site
IDR 200.000.000 - 300.000.000
Full time
14 days ago
Job summary
A cybersecurity firm in Indonesia is seeking a Security Operations Center (SOC) Analyst to monitor security events using various SIEM platforms. Responsibilities include analyzing security alerts, conducting investigations, and collaborating with teams to mitigate incidents. Ideal candidates will have 1-3 years of experience in cybersecurity, familiarity with SIEM platforms, and strong log analysis skills. This role offers rotational shifts and opportunities for skill development in a dynamic environment.
Qualifications
- 1-3 years of experience in cybersecurity or IT support.
- Familiarity with at least one SIEM platform.
- Basic understanding of TCP/IP and firewalls.
- Strong log analysis and incident troubleshooting skills.
- Foundational knowledge of OWASP Top 10.
Responsibilities
- Monitor security events using SIEM platforms.
- Analyze and triage security alerts.
- Conduct initial investigations of suspicious activities.
- Collaborate with security teams to mitigate incidents.
- Document investigation findings.
Skills
Monitoring security events
Log analysis
Incident troubleshooting
Basic threat hunting
Tools
Microsoft Sentinel
Splunk
Wazuh
Google SecOps
Sysmon
Suricata
Azure Monitor
Job description
What Will You Do
This role operates in two rotational shifts during working days:
- Monitor security events and alerts using SIEM platforms such as Microsoft Sentinel, Splunk, Wazuh, or Google SecOps.
- Analyze and triage security alerts based on severity and potential impact.
- Conduct initial investigations of suspicious activities and potential security incidents.
- Collaborate with other security teams to escalate and mitigate incidents.
- Document investigation findings and assist in incident reporting.
- Support the development and maintenance of SOC playbooks and response procedures.
- Perform basic threat hunting based on Indicators of Compromise (IoCs).
- Assist in system patching and hardening based on security monitoring insights.
- 1–3 years of experience in cybersecurity or IT support.
- Familiarity with at least one SIEM platform (Sentinel, Splunk, Wazuh, or Google SecOps).
- Basic understanding of TCP/IP, firewalls, IDS/IPS, and Windows/Linux systems.
- Strong log analysis and incident troubleshooting skills.
- Foundational knowledge of OWASP Top 10 and MITRE ATT&CK framework.
- Certifications such as CompTIA Security+, SC-200, or CEH.
- Experience with tools like Sysmon, Suricata, or Azure Monitor.
- Basic scripting skills (Python, PowerShell, Bash).
- Exposure to cloud environments (Azure, AWS, GCP).
- Monitoring & Detection: Utilize SIEM to detect anomalies and potential attacks.
- Incident Response: Manage incidents from detection to resolution.
- Log Analysis: Analyze logs from firewalls, endpoints, servers, and applications.
- Threat Intelligence: Leverage threat intel feeds for contextual analysis.
- Reporting: Prepare daily and weekly security status reports.
This role operates in two rotational shifts during working days:
- (Morning): 7:00 AM – 4:00 PM
- (Afternoon): 1:00 PM – 10:00 PM
'/%3e%3cpath%20d='M101.744%2012.4726L102.894%2016.1947L99.0021%2013.2201L101.744%2012.4726ZM105.3%208.40937H100.488L99.0026%203.59473L97.5116%208.41047L92.7%208.40385L96.5965%2011.3834L95.1055%2016.1942L99.0021%2013.2196L101.408%2011.3834L105.3%208.40992V8.40937Z'%20fill='white'/%3e%3cdefs%3e%3clinearGradient%20id='paint0_linear_5593_1381'%20x1='90'%20y1='9.44471'%20x2='99'%20y2='9.44471'%20gradientUnits='userSpaceOnUse'%3e%3cstop%20stop-color='%2300AD70'/%3e%3cstop%20offset='0.998594'%20stop-color='%2300B67A'/%3e%3cstop%20offset='1'%20stop-color='%23DCDCE6'/%3e%3c/linearGradient%3e%3c/defs%3e%3c/svg%3e){kind=small}
Land a better
job faster
job faster
Follow us
