
Senior Systems Engineer - SOC Operations (Cyber Ops & Technology)
- Singapore
- Permanent
- Full-time
- Conduct 24/7 continuous monitoring of security events and alerts using various security tools, such as SIEM and endpoint protection
- Perform initial triage of security alerts to determine their validity and severity, identifying false positives or true positives
- Conduct basic investigations of security events, including malware infections and unauthorized access attempts
- Escalate complex or highly suspicious alerts for further investigation and response
- Maintain detailed records of all activities, including investigations performed, findings and remediation steps taken
- Collect data, evidence, and context necessary for further escalation
- Analyze security logs and events, and perform correlation and historical searches to determine the extent and impact of a security compromise
- Handle case management, generating tickets and reports when required, and tracking open tickets until closure
- Investigate and respond to escalated security alerts, performing root cause analysis and providing remediation guidance
- Escalate critical cases to the incident response team and provide support where needed
- Prepare scheduled and ad-hoc reports
- Perform quality assurance on cases handled and closed by junior SOC analysts
- Develop and strengthen playbooks and processes for case handling by the SOC team
- Assist in identifying opportunities for tuning to improve detection accuracy and reduce false positives
- Willing to work a 12-hour shift pattern that includes weekends and public holidays
- At least 3 to 8 years of experience working in a SOC environment
- Strong knowledge and experience in SIEM tools, EDR, NDR
- Strong experience in a SOC environment, monitoring security events and alerts on endpoints and networks
- Must be willing to work a 12-hour shift pattern that includes weekends and public holidays
- Strong interpersonal and communication skills