Why This Job is Featured on The SaaS Jobs
Security operations roles are increasingly central in SaaS, where uptime, customer trust, and shared cloud infrastructure create a constant stream of signals to interpret. This listing stands out because it is explicitly anchored in security observability and monitoring across cloud and private environments, reflecting how modern SaaS teams blend traditional SOC practices with platform telemetry from SIEM, EDR, and cloud security tooling.
For a SaaS career, the long-term value here is the repeated exposure to real operational patterns: alert quality, incident triage discipline, and the mechanics of escalation across engineering, IT, and security stakeholders. The work builds fluency in the metrics and workflows that mature SaaS security functions rely on, from ticketing to reporting and runbook iteration. Experience distinguishing false positives from actionable threats also transfers well across SaaS companies that operate at scale and depend on consistent, auditable response processes.
This role is best suited to practitioners who prefer structured execution and clear handoffs, and who gain satisfaction from methodical investigation rather than project-only security work. It will appeal to early- to mid-career security operators comfortable with onsite presence and, over time, shift-based coverage, and to those who want a foundation in SOC fundamentals with room to deepen tooling and automation skills.
The section above is editorial commentary from The SaaS Jobs, provided to help SaaS professionals understand the role in a broader industry context.
Job Description
About the Role
We are seeking a Security Observability Engineer to join our Security team to monitor and protect our systems and applications. In this role, you will be responsible for safeguarding Dropsuite’s cloud and private infrastructure by actively monitoring security events, detecting potential threats, and performing surveillance of our computer systems, applications, networks, and security controls.
This role involves continuously monitoring security alerts, identifying and analysing suspicious activities, and responding in the capacity of a Level 1 SOC engineer. You will be responsible for the timely triage and escalation of security incidents, threats, and vulnerabilities to ensure rapid containment and resolution.
Location – Onsite | Bandung, Indonesia
Work Arrangement:
- Full-time position
- Onsite work model
- Initially a Monday–Friday, 5-day work week, later transitioning to a shift schedule (Sunday–Wednesday or Wednesday–Saturday) from 7:00 AM to 6:00 PM.
What You’ll be Doing
- Monitor security alerts, events, and logs from multiple sources (SIEM, IDS/IPS, EDR, cloud security tools, firewalls, etc.) for potential security threats or anomalous activity.
- Perform first-level triage of security alerts, classify incidents based on severity and criticality, and escalate to engineers of relevant departments as needed.
- Investigate suspicious activities, malware detections, phishing attempts, data loss alerts, or account compromise indicators.
- Execute standard operating procedures (SOPs) for incident response, containment, and remediation at the L1 level.
- Create, update, and track incident tickets to closure, ensuring timely communication with stakeholders and compliance with defined SLAs.
- Collaborate with IT, engineering, and security teams to validate alerts, mitigate risks, and enforce security controls.
- Conduct daily health checks of security monitoring systems and tools to ensure data is collected and processed accurately.
- Assist with vulnerability triage by reviewing scan results and escalating to appropriate teams for remediation.
- Generate and deliver reports on security incidents, trends, and SOC metrics for management review.
- Stay current with emerging cybersecurity threats, tactics, techniques, and procedures (TTPs) through ongoing research and training.
- Contribute to improving SOC workflows, runbooks, and detection use cases for greater operational efficiency.
- Support awareness efforts by documenting and sharing lessons learned from incidents.
About You
- Diploma or Degree in Computer Science, Cybersecurity, or a related field.
- Minimum 2 years of experience in IT support, SOC, or related security operations environment.
- Familiarity with SIEM platforms (e.g., Splunk, Sentinel, Chronicle) and security monitoring tools (e.g., EDR, IDS/IPS, DLP, CASB, CNAPP, CSPM).
- Basic understanding of networking concepts, firewalls, cloud infrastructure (AWS/GCP), and endpoint security.
- Strong problem-solving, analytical, and investigative skills.
- Ability to differentiate between false positives and true security incidents.
- Knowledge of common attack vectors, MITRE ATT&CK framework, and incident response best practices.
- Strong sense of accountability and urgency in responding to security threats.
- Ability to work on rotational shifts and flexible hours, including nights and weekends.
- Clear communicator, confident, self-sufficient, and disciplined in following processes.
- Knowledge of scripting or automation (Python, PowerShell, etc.) is a plus.
- Security certifications such as CompTIA Security+, CySA+, CC, or equivalent are advantageous.
- Open and candid in discussing security incidents, potential improvements, and solutions.
- A passion for cybersecurity, continuous learning, and adopting SOC/SIEM best practices.
About Us
NinjaOne unifies IT to simplify work for nearly 40,000 customers in 140+ countries.
The NinjaOne Unified IT Operations Platform delivers endpoint management, autonomous patching, backup, and remote access in a single console to improve efficiency, increase resilience, and reduce spend. By automating IT and managing all endpoints, organizations give employees a great technology experience at work.
NinjaOne is obsessed with customer success and has retained a 98% customer satisfaction score for more than 5 years.
What You’ll Love
- We are a collaborative, kind, and curious community
- We prioritise your work/life balance, offering a hybrid work environment and free in-office lunches throughout the week
- We reward your work with opportunity for growth and advancement
- Grow personally and together with one of the fastest growing companies globally
- Develop your skills through our renowned training platform
- Receive competitive compensation
- Collaborate with an amazing international workforce
Additional Information
This position is NOT eligible for Visa sponsorship.
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, genetic information, marital status, veteran status, or any other status protected by applicable law. We are committed to providing an inclusive and diverse work environment.