Security Engineer - Blue Team/SOC

Malaysia

Sitecore

Sitecore offers an industry-leading digital experience platform that allows brands to create, build, manage, and deliver standout content along every touchpoint of the customer journey.


Security Engineer – SOC Operations (U.S. Time Zone Support)

About The Role:

Sitecore is looking for a dedicated and detail-oriented Security Engineer with a strong focus on Security Operations Center (SOC) functions to support our global cybersecurity operations. Based in KL and working in the U.S. time zone, the Security Engineer will play a critical role in daily SOC activities, including incident triage, investigation, escalation, and reporting.

This position will support our 24x7 SOC operations and will involve rotational weekend coverage. The ideal candidate has experience working with SIEM platforms like Microsoft Sentinel and collaborating with Managed Security Service Providers (MSSPs), and a strong understanding of threat detection and incident response processes.

Key Responsibilities:

SOC Operations & Incident Management

  • Monitor and respond in real time to alerts generated by SIEM and other security platforms.
  • Triage and investigate potential security incidents, escalating as needed per incident response procedures.
  • Collaborate with the MSSP to ensure timely and accurate incident detection, analysis, and response.
  • Document and track incidents from detection through resolution, including post-incident analysis and reporting.

Threat Detection & Reporting

  • Analyze log data and threat intelligence to identify patterns and potential indicators of compromise (IOCs).
  • Produce clear, concise, and timely reports on incidents, trends, and operational metrics.
  • Participate in daily SOC operations meetings and provide updates on ongoing investigations.

Collaboration & Escalation

  • Work closely with internal teams (IT, Product, R&D, GRC) to escalate and resolve security issues.
  • Ensure all incidents are properly documented and communicated to stakeholders based on severity.
  • Provide input to enhance detection rules, use cases, and playbooks for better coverage.

Tool Management & MSSP Coordination

  • Utilize and support SIEM tools like Microsoft Sentinel for detection, correlation, and analysis.
  • Work directly with MSSPs to monitor service levels, investigate escalated events, and continuously improve operations.
  • Provide feedback and work with the Security Manager to refine SOC processes and improve incident response maturity.

Shift & Weekend Coverage

  • Participate in a rotational weekend schedule to support 24x7 SOC coverage.
  • Be available for urgent escalations and high-priority incidents during assigned shifts.

What You Need to Succeed:

  • 3–5 years of experience in a SOC, incident response, or cybersecurity operations role.
  • Hands-on experience with SIEM tools, preferably Microsoft Sentinel.
  • Familiarity with working alongside MSSPs in a 24x7 monitoring model.
  • Strong understanding of the incident response lifecycle, threat hunting, and alert triage.
  • Good knowledge of network security, log analysis, and common attack techniques.
  • Strong communication skills and ability to write clear incident reports and documentation.
  • Security certifications such as CompTIA Security+, GCIH, or similar are a plus.
  • Ability to work independently, manage time across shifts, and prioritize tasks effectively.

Work Conditions

  • Based in KL.
  • Work hours aligned to U.S. Central or Eastern time zones.
  • Rotational weekend support required as part of 24x7 SOC operations.
  • May involve occasional after-hours support for critical security incidents.

Why you should click ‘Apply’:

  • Great team and company culture! You can find out more about our company culture and our commitment to creating a diverse and inclusive workplace on our YouTube Channel.
  • Thanks to the work of every employee globally, Sitecore has been recognized for award-winning Culture by Comparably.

Tags: Blue team CompTIA GCIH Incident response Log analysis Monitoring Network security R&D Sentinel SIEM SOC Threat detection Threat intelligence

Perks/benefits: Team events

Region: Asia/Pacific
Country: Malaysia
