Our client, a leading entity in the Cyber Security and IT sector, is currently seeking a Security Platform Engineer to join their team on a contract basis in Kuala Lumpur. This role is crucial for engineering, integrating, and maintaining security tools and platforms essential for cyber defence operations.
Key Responsibilities:
- Engineer, deploy, and maintain security platforms across hybrid environments (cloud and on-prem).
- Ensure platforms provide actionable telemetry to support SOC and IR teams in detecting and responding to threats.
- Integrate security platforms within detection and response pipelines (SIEM, SOAR, data lakes) to enable effective threat detection.
- Optimise platform configurations, fine-tune for performance, and ensure platform health.
- Collaborate with CDC operations teams to develop and implement detection and response use cases.
- Contribute to automation, scripting, and infrastructure-as-code efforts to enhance platform operations.
- Evaluate and onboard new security tools, focusing on vendor-agnostic solutions and platform capabilities.
- Maintain documentation, runbooks, and operational playbooks to ensure smooth platform operation and troubleshooting.
Job Requirements:
- Experience in information security and cyber security.
- Strong understanding of log telemetry, data pipelines, and detection use cases.
- Experience with platform integration across hybrid cloud and on-prem environments.
- Ability to troubleshoot complex platform or integration issues.
- Hands-on experience with security platforms (e.g., EDR, email security, Threat Intel Platforms, CASB).
- Proficiency in scripting (e.g., Python, PowerShell) and automation frameworks.
- Familiarity with security operations workflows and detection frameworks (e.g., MITRE ATT&CK, NIST CSF).
- Strong collaboration skills across technical and operational teams, including SOC, IR, and threat intelligence (TI).
- Bachelor's degree in Computer Science, Information Security, Cyber Security, Engineering, or Information Technology OR equivalent experience in security platform engineering, SOC tooling, or cyber defence roles.
Preferred Qualifications:
- Microsoft security platform experience, including Microsoft Sentinel (SIEM) and Microsoft Defender (Endpoint, Identity, Cloud Apps, Email).
- Microsoft security certifications such as SC-200 (Security Operations Analyst), SC-300 (Identity and Access Administrator), and AZ-500 (Azure Security Engineer).
- Experience operating in hybrid or cloud-first enterprise environments.
If you possess significant expertise in security platform engineering and are eager to contribute to a dynamic and global team, we would love to hear from you. Apply now to join our client's esteemed team in Kuala Lumpur.