Security Operations Center Lead

Deskripsi pekerjaan

Nice to Meet You! We are Dropsuite, A NinjaOne Company! 

We are seeking a SOC Lead to join our Security Operations team to provide hands-on operational leadership for our Southeast Asia (SEA) coverage. This position reports into global SOC leadership and focuses on execution, quality control, and regional ownership of daily security operations. The SOC Lead works closely with other regional leads to ensure smooth handoffs, consistent standards, and continuous operational coverage. The ideal candidate is a highly competent security operations practitioner who is comfortable leading by example, making escalation decisions, and coaching junior analysts while remaining hands-on in investigations. 

Work Arrangement 

• Full-time position  
• Onsite work model (Monday to Friday, 5-day work week) 
• Eligible to reside and work in Bandung (Indonesian citizenship only) 

This position is open exclusively to candidates who reside in and are authorised to work in Indonesia. Only shortlisted candidates will be contacted. 

Key Accountabilities 

• Act as the senior on-shift security operations lead for SEA coverage 
• Serve as the primary escalation point for Tier 1 analysts in the region 
• Ensure consistent, high-quality alert triage, investigation, and documentation 
• Review and validate high-risk, ambiguous, or complex alerts before escalation 
• Perform hands-on investigations alongside analysts when needed 
• Own shift handoffs with EMEA and US leads to ensure continuity of operations 
• Maintain situational awareness of ongoing investigations and regional risk 
• Coach and mentor 1–2 SOC analysts, improving investigation quality and decision-making 
• Ensure playbooks, runbooks, and escalation paths are followed correctly 
• Identify recurring alert quality issues, false positives, and process gaps and raise them to global SOC leadership 
• Contribute to improving detection quality, operational workflows, and documentation 

Tanggung jawab

Nice to Meet You! We are Dropsuite, A NinjaOne Company! 

We are seeking a SOC Lead to join our Security Operations team to provide hands-on operational leadership for our Southeast Asia (SEA) coverage. This position reports into global SOC leadership and focuses on execution, quality control, and regional ownership of daily security operations. The SOC Lead works closely with other regional leads to ensure smooth handoffs, consistent standards, and continuous operational coverage. The ideal candidate is a highly competent security operations practitioner who is comfortable leading by example, making escalation decisions, and coaching junior analysts while remaining hands-on in investigations. 

Work Arrangement 

• Full-time position  
• Onsite work model (Monday to Friday, 5-day work week) 
• Eligible to reside and work in Bandung (Indonesian citizenship only) 

This position is open exclusively to candidates who reside in and are authorised to work in Indonesia. Only shortlisted candidates will be contacted. 

Key Accountabilities 

• Act as the senior on-shift security operations lead for SEA coverage 
• Serve as the primary escalation point for Tier 1 analysts in the region 
• Ensure consistent, high-quality alert triage, investigation, and documentation 
• Review and validate high-risk, ambiguous, or complex alerts before escalation 
• Perform hands-on investigations alongside analysts when needed 
• Own shift handoffs with EMEA and US leads to ensure continuity of operations 
• Maintain situational awareness of ongoing investigations and regional risk 
• Coach and mentor 1–2 SOC analysts, improving investigation quality and decision-making 
• Ensure playbooks, runbooks, and escalation paths are followed correctly 
• Identify recurring alert quality issues, false positives, and process gaps and raise them to global SOC leadership 
• Contribute to improving detection quality, operational workflows, and documentation 

Kualifikasi

Qualifications and Competencies 

• 5+ years of experience in SOC, security operations, or security monitoring roles 
• Prior experience as a senior analyst, shift lead, or acting lead in a SOC environment 
• Strong hands-on experience with: 
• Security alert triage and investigation 
• Incident severity assessment and escalation decisions 
• Coordinating investigations during active incidents 
• Strong understanding of: 
• Networking fundamentals (TCP/IP, DNS, HTTP/S) 
• Windows and macOS endpoint behavior 
• Cloud and SaaS logging concepts 
• Common attack techniques (phishing, credential abuse, malware, persistence) 
• Experience working with: SIEM platforms (Splunk, Panther, Sentinel, QRadar, etc.), EDR/XDR tools, and Cloud platforms (AWS, Azure, GCP) in a security operations context 
• Strong written and verbal English communication skills 
• Comfortable working in a distributed, global SOC environment 

Preferred Qualifications 

• Experience acting as an escalation point in a 24/7 or follow-the-sun SOC 
• Familiarity with the MITRE ATT&CK framework 
• Experience improving SOC playbooks, triage guidelines, or operational processes 
• Experience with ticketing and case management systems (Jira, ServiceNow, etc.) 
• Security certifications such as: Security+, SSCP, GCIH / GCIA / similar, Cloud security certifications (one or more preferred, not required) 

Key Skills 

• Strong operational judgment and decision-making 
• Calm and methodical approach during high-severity or high-ambiguity incidents 
• Ability to lead by example in hands-on investigations 
• Clear and structured written communication 
• Coaching and quality-focused mindset 
• Strong sense of ownership and accountability