Security Operations (SOC) Engineer - Bandung, Indonesia

Description

About the Role

We are seeking a Security Observability Engineer to join our Security team to monitor and protect our systems and applications. In this role, you will be responsible for safeguarding Dropsuite’s cloud and private infrastructure by actively monitoring security events, detecting potential threats, and performing surveillance of our computer systems, applications, networks, and security controls.

This role involves continuously monitoring security alerts, identifying and analysing suspicious activities, and responding in the capacity of a Level 1 SOC engineer. You will be responsible for the timely triage and escalation of security incidents, threats, and vulnerabilities to ensure rapid containment and resolution.

Location – Onsite | Bandung, Indonesia

Work Arrangement

• Full-time position
• Onsite work model
• Initially follow a Monday–Friday, 5-day work week, and will later transition to a shift schedule (Sunday–Wednesday or Wednesday–Saturday) from 7:00 AM to 6:00 PM.
  
  

What You’ll Be Doing

• Monitor security alerts, events, and logs from multiple sources (SIEM, IDS/IPS, EDR, cloud security tools, firewalls, etc.) for potential security threats or anomalous activity.
• Perform first-level triage of security alerts, classify incidents based on severity and criticality, and escalate to engineers of relevant departments as needed.
• Investigate suspicious activities, malware detections, phishing attempts, data loss alerts, or account compromise indicators.
• Execute standard operating procedures (SOPs) for incident response, containment, and remediation at the L1 level.
• Create, update, and track incident tickets to closure, ensuring timely communication with stakeholders and compliance with defined SLAs.
• Collaborate with IT, engineering, and security teams to validate alerts, mitigate risks, and enforce security controls.
• Conduct daily health checks of security monitoring systems and tools to ensure data is collected and processed accurately.
• Assist with vulnerability triage by reviewing scan results and escalating to appropriate teams for remediation.
• Generate and deliver reports on security incidents, trends, and SOC metrics for management review.
• Stay current with emerging cybersecurity threats, tactics, techniques, and procedures (TTPs) through ongoing research and training.
• Contribute to improving SOC workflows, runbooks, and detection use cases for greater operational efficiency.
• Support awareness efforts by documenting and sharing lessons learned from incidents.
  
  

About You

• Diploma or Degree in Computer Science, Cybersecurity, or a related field.
• Minimum 2 years of experience in IT support, SOC, or related security operations environment.
• Familiarity with SIEM platforms (e.g., Splunk, Sentinel, Chronicle, etc) and security monitoring tools (e.g., EDR, IDS/IPS, DLP, CASB, CNAPP, CSPM, etc).
• Basic understanding of networking concepts, firewalls, cloud infrastructure (AWS/GCP), and endpoint security.
• Strong problem-solving, analytical, and investigative skills.
• Ability to differentiate between false positives and true security incidents.
• Knowledge of common attack vectors, MITRE ATT&CK framework, and incident response best practices.
• Strong sense of accountability and urgency in responding to security threats.
• Ability to work on rotational shifts and flexible hours, including nights and weekends.
• Clear communicator, confident, self-sufficient, and disciplined in following processes.
• Knowledge of scripting or automation (Python, PowerShell, etc.) is a plus.
• Security certifications such as CompTIA Security+, CySA+, CC, or equivalent are advantageous.
• Open and candid in discussing security incidents, potential improvements, and solutions.
• A passion for cybersecurity, continuous learning, and adopting SOC/SIEM best practices.
  
  

About Us

NinjaOne unifies IT to simplify work for nearly 40,000 customers in 140+ countries.

The NinjaOne Unified IT Operations Platform delivers endpoint management, autonomous patching, backup, and remote access in a single console to improve efficiency, increase resilience, and reduce spend. By automating IT and managing all endpoints, organizations give employees a great technology experience at work.

NinjaOne is obsessed with customer success and has retained a 98% customer satisfaction score for more than 5 years.

What You’ll Love

• We are a collaborative, kind, and curious community
• We prioritise your work/life balance offering a hybrid work environment and free in-office lunches throughout the week
• We reward your work with opportunity for growth and advancement
• Grow personally and together with one of the fastest growing companies globally
• Develop your skills through our renowned training platform
• Receive competitive compensation 
• Collaborate with an amazing international workforce  
  
  

Additional Information

This position is NOT eligible for Visa sponsorship.

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, genetic information, marital status, veteran status, or any other status protected by applicable law. We are committed to providing an inclusive and diverse work environment.