Job Description

Are you ready to get ahead in your career?

• We want to empower you to turn your ambitions into achievements.
• We thrive in inclusiveness, diversity and embrace close collaborations for you to create impact for yourself and others.
• Together, we aim to bring the best of technology to help people, businesses and the nation to be ahead in a changing world.
• To realise our vision to become Malaysia’s leading converged solutions company, we are looking for a new talent to innovate and grow with us in a culture that values commitment, performance and possibilities.

Why does this job exist and why is it critical?​

Administer, optimize, and troubleshoot SIEM platforms (Wazuh & FortiSIEM).
• Onboard and manage log sources (firewalls, servers, IPS, WAF and etc).
• Develop, document and tune detection rules, correlation logic, dashboards, and alerts.
• Design, implement and document SOAR / playbooks for incident triage and response.
• Work closely with SOC analyst and all relevant team to understand their workflows and identify opportunities for automation and process involvement.
• Maintain operational documentation, SOPs, architecture diagrams, and use-case catalogues (design → testing → deployment → periodic review).
• Validate alert fidelity and reduce false positives.
• Perform regular detection health checks and coverage reviews and weekly
reporting.
• Track detection effectiveness using KPIs (e.g false positive rate, MTTD contribution)
• Ensure compliance with security standards e.g ISO27001, regulatory requirements, and best practices.
• Operationalize threat intelligence into detections, enrichments, and hunting queries (Collaborate with third party vendor).
• Support SIEM capacity planning, performance tuning, and data growth forecasting.

Required Skills & Experience

• 3-4 years in cybersecurity, SIEM engineering, or detection engineering.
• Hands-on experience with SIEM platforms (Wazuh and FortiSIEM).
• Strong understanding of network protocols, log management, Windows & Linux.
• Strong expertise in log enrichment, parsing, and automation using Python, PowerShell, Bash, Regex, REST APIs, and SOAR platforms.
• Strong knowledge of incident response, security monitoring, and analytics.
• Experience with SOAR platforms such as n8n; experience with other SOAR tools is a plus.
• Familiarity with security tools and frameworks such as MITRE ATT&CK, VirusTotal, MISP, Abuse.ch
• Ability to troubleshoot complex IT, cloud, and hybrid environments.

Preferred Qualifications

• 3-4 years of experience in MSSP or enterprise cybersecurity, with proven expertise in SIEM platforms.
• CompTIA Security+, RedHat, or other Python/scripting certifications for understanding attacker TTPs and enhancing detection engineering.
• Strong scripting/programming skills in Python, PowerShell or JavaScript.
• Strong problem solving skills and analytical skills.
• Excellent written and verbal communication skills for documentation and cross-team collaboration.
• Willingness to participate in on-call rotations or provide support during high-severity incidents (as needed).
• Experience integrating AI‑driven threat intelligence and leveraging AI to enhance adaptive detection models is an added advantage.

What’s next?

• Once you’ve applied online, our team will carefully review your application. Due to a high volume of applications, we appreciate your patience to allow for a fair and timely review process.
• Should you be shortlisted for the role, we will send you an invitation via email for a digital interview. You can also check on your application status by logging into your candidate account.

Maxis values diverse voices & people. We hire and reward our employees based on capability & performance — regardless of ethnicity, gender, age, education, religion, nationality or physical ability.