Security Operation Detection Engineer

Mekari is Indonesia's no. 1 Software-as-a-Service (SaaS) company. With our ecosystem of software solutions—including Mekari Jurnal, Mekari Talenta, Mekari Qontak, and Mekari Flex, we aim to facilitate entrepreneurs and leaders as they accelerate the digital transformation of their businesses.

In our 10+ years of journey we have reached over 1 Million platform users, and we're not planning to stop any time soon. We need more people like you: builders and owners with calculated ambition who are ready to #ElevateThroughImpact and raise Indonesia's software standard.

We are looking for a Security Operation Detection Engineer to strengthen our threat detection and response capabilities. You will manage our external L1 SOC, build and tune SIEM detection rules, develop response playbooks, and handle log ingestion and SOAR automation. You will also leverage Security AI capabilities to enhance detection accuracy and streamline operations. This is a hands-on role that requires both technical depth and operational coordination.

Job Descriptions

• Manage the external L1 SOC team, ensuring SLAs are met and coordinating escalations between L1 and internal teams.
• Design and tune SIEM detection rules and alert thresholds.
• Apply AI Security tools for automated threat detection, alert triage, and enrichment to improve accuracy and speed.
• Create and maintain SOC response playbooks, escalation criteria, and triage workflows for L1 analysts.
• Develop log ingestion pipeline including: onboard log sources, build parsers, and troubleshoot data quality issues.
• Manage the SIEM platform and define SOAR workflows to automate response tasks.
• Act as the Security Incident Manager, coordinating incident response across the external L1 SOC and internal teams across divisions.
• Triage escalated SOC alerts, performed investigation, and documented incidents.
  
  

Requirements

• Bachelor’s degree in Computer Science, Information Security, Cybersecurity, or related field (or equivalent experience).
• 2 to 5 years in a Security Operation environment, with at least 2 years in detection engineering or Managing SIEM Platform.
• Experience managing or coordinating with an external/outsourced SOC team.
• Experience with SOAR platforms and AI Security tools for detection and triage automation.
• Knowledge of SOC detection rules and log parsing.
• Scripting skills in Python, PowerShell, or Bash.
• Understanding of network protocols, OS internals (Windows/Linux), and common attack vectors.
• Strong analytical thinking, clear communication, and ability to work across teams.
  
  

Our team will review your application and will be in touch if your application is shortlisted to the next stage. If you do not hear from us in 30 days, we will keep your resume on file in case a relevant opportunity opens up.

Don't forget to check our Recruitment FAQ at https://bit.ly/FAQMekariRecruitment [ENG] or https://bit.ly/FAQRekrutmenMekari [INA] to find the answers to commonly asked questions regarding our recruitment process.

We wish you the best. Hope to see you around soon!