L2 SIEM Engineer

Are you ready to get ahead in your career?

We want to empower you to turn your ambitions into achievements.
We thrive in inclusiveness, diversity and embrace close collaborations for you to create impact for yourself and others.
Together, we aim to bring the best of technology to help people, businesses and the nation to be ahead in a changing world.
To realise our vision to become Malaysia’s leading converged solutions company, we are looking for a new talent to innovate and grow with us in a culture that values commitment, performance and possibilities.
Why does this job exist and why is it critical?​

Administer, optimize, and troubleshoot SIEM platforms (Wazuh & FortiSIEM).
• Onboard and manage log sources (firewalls, servers, IPS, WAF and etc).
• Develop, document and tune detection rules, correlation logic, dashboards, and alerts.
• Design, implement and document SOAR / playbooks for incident triage and response.
• Work closely with SOC analyst and all relevant team to understand their workflows and identify opportunities for automation and process involvement.
• Maintain operational documentation, SOPs, architecture diagrams, and use-case catalogues (design → testing → deployment → periodic review).
• Validate alert fidelity and reduce false positives.
• Perform regular detection health checks and coverage reviews and weekly
reporting.
• Track detection effectiveness using KPIs (e.g false positive rate, MTTD contribution)
• Ensure compliance with security standards e.g ISO27001, regulatory requirements, and best practices.
• Operationalize threat intelligence into detections, enrichments, and hunting queries (Collaborate with third party vendor).
• Support SIEM capacity planning, performance tuning, and data growth forecasting.

Required Skills & Experience

• 3-4 years in cybersecurity, SIEM engineering, or detection engineering.
• Hands-on experience with SIEM platforms (Wazuh and FortiSIEM).
• Strong understanding of network protocols, log management, Windows & Linux.
• Strong expertise in log enrichment, parsing, and automation using Python, PowerShell, Bash, Regex, REST APIs, and SOAR platforms.
• Strong knowledge of incident response, security monitoring, and analytics.
• Experience with SOAR platforms such as n8n; experience with other SOAR tools is a plus.
• Familiarity with security tools and frameworks such as MITRE ATT&CK, VirusTotal, MISP, Abuse.ch
• Ability to troubleshoot complex IT, cloud, and hybrid environments.

Preferred Qualifications

• 3-4 years of experience in MSSP or enterprise cybersecurity, with proven expertise in SIEM platforms.
• CompTIA Security+, RedHat, or other Python/scripting certifications for understanding attacker TTPs and enhancing detection engineering.
• Strong scripting/programming skills in Python, PowerShell or JavaScript.
• Strong problem solving skills and analytical skills.
• Excellent written and verbal communication skills for documentation and cross-team collaboration.
• Willingness to participate in on-call rotations or provide support during high-severity incidents (as needed).
• Experience integrating AI‑driven threat intelligence and leveraging AI to enhance adaptive detection models is an added advantage.

What’s next?

Once you’ve applied online, our team will carefully review your application. Due to a high volume of applications, we appreciate your patience to allow for a fair and timely review process.
Should you be shortlisted for the role, we will send you an invitation via email for a digital interview. You can also check on your application status by logging into your candidate account.
Maxis values diverse voices & people. We hire and reward our employees based on capability & performance — regardless of ethnicity, gender, age, education, religion, nationality or physical ability.