The role involves maintaining security monitoring systems, fine-tuning SIEM configurations, developing detection methods for threats, and supporting overall security operations within a SOC environment.
Ensign is hiring !
Key Responsibilities
- Perform implementation, maintenance, support and operation of the project's security monitoring use cases
- Maintain understanding of the architecture and work with security team to understand the use cases to be created.
- Identity, evaluate and recommend new areas of improvements for the implementation.
- Adhere to established change management process and other service management process in day-to-day tasks
- Create, finetune and maintain SIEM data sources, use cases, correlation rules and security alerts classifications
- Review, propose and generate dashboards and reports to automate monitoring of systems and log and threat intelligence feed ingestion, and reduce low value event escalations
- Build rules and intelligence to detect threats in all monitored assets
- Implement and devise detection method of such threats in our security operations through SIEM use cases etc
- Perform periodic analysis of security events, network traffic, and logs to engineer new detection methods, or create efficiencies when available
- Review and update data enrichment, including use of threat intelligence to enhance fidelity of detection
- Review and maintain UEBA data sources and use cases
Requirements
- At least 3 years of experience in security operations in a SOC environment
- At least 2 years of experience in creating, finetuning and maintaining correlation rules and SIEM dashboards
- Working experience in Regex and/or scripting
- Strong critical thinking / contextual analysis abilities
- Strong investigative and analytical problem solving skills
- Stakeholder management
- Meticulous with an eye for details
- Product certification such as Splunk Enterprise Certified Administrator or equivalent
- Professional certification such as SANS (such as SANS GCDA, GCIA, GDSA, GMON) would be an advantage
- Good understanding of whole of government environment would be an advantage
Top Skills
Regex
Scripting
SIEM
Splunk
Ensign InfoSecurity Singapore Office
30A Kallang Place, #08-01, Singapore, Singapore , Singapore, 339213
Similar Jobs
Artificial Intelligence • Fintech • Payments • Financial Services • Generative AI
Manage and define product vision and roadmap for onboarding at Airwallex, collaborating with teams to enhance customer satisfaction and efficiency.
Top Skills:
Data AnalysisProduct DesignUser Research Methodologies
Artificial Intelligence • Fintech • Payments • Financial Services • Generative AI
As a Staff Product Manager, you will define products, drive payment capabilities for platforms, and work across teams to implement solutions.
Top Skills:
Embedded FinancePayments Acquiring
Artificial Intelligence • Fintech • Payments • Financial Services • Generative AI
Lead the development of Airwallex's Payment Applications, defining product vision, strategy, and execution to enhance merchant payment solutions globally.
Top Skills:
CommerceFintechPaymentsSaaS
What you need to know about the Singapore Tech Scene
The digital revolution has driven a constant demand for tech professionals across industries like software development, data analytics and cybersecurity. In Singapore, one of the largest cities in Southeast Asia, the demand for tech talent is so high that the government continues to invest millions into programs designed to develop a talent pipeline directly from universities while also scaling efforts in pre-employment training and mid-career upskilling to expand and elevate its workforce.