Cyber Monitoring & Detection Specialist

Job Summary

Job Type

Mid (3-5 yrs)

Years of Experience
At least 3 years

Job Description

Join us as we support Singapore’s vision of building a Smart Nation - a nation of possibilities empowered through info-communications technology and related engineering.

You will play a key role in the Government Cyber Defence (GCD) of Cyber Security Group (CSG) as Cyber Monitoring & Detection Specialist.

The Cybersecurity Monitoring and Detection Specialist is a Level 2 (L2) role responsible for the successful day-to-day operation of the Whole of Government SOC: providing leadership to the team of L1 analysts, measuring and reporting the performance of SOC operations, and fine-tuning SOC processes to improve their performance over time. The successful candidate will also be part of the Incident Management Team, working alongside the Digital Forensics and Incident Response (DFIR) Specialists to investigate and manage cybersecurity incidents through to closure.

What To Expect

  • Provide day-to-day leadership to a team of L1 analysts in SOC operations
  • Perform quality review of the L1 analysts' daily real-time monitoring of alerts generated by the various security technologies, and of their analysis of log data and network traffic as part of the triage process
  • Ensure timely security incident detection, classification, escalation and reporting to various stakeholders
  • Develop and perform regular tracking and reporting of SOC metrics such as KPIs, SLAs and OLAs to ensure that the SOC continues to function effectively
  • Investigate and manage cybersecurity incidents throughout the Incident Response Lifecycle, from triage until incident closure
  • Develop SOC processes and procedures, and ensure that the SOC operations adhere to them
  • Identify opportunities for continuous improvement of SOC operations

How To Succeed

  • Bachelor’s Degree in Computer Science/Information Security or equivalent
  • Professional certifications, including GMON, CISSP or other relevant certifications
  • Preferably 3 years or more in Information Security experience
  • Experience with SIEM and SOAR technologies
  • Experience in running SOC operations, SOC process development, playbook development or SIEM Use Case development is preferred
  • Understanding of operating systems and platforms (e.g. Windows, Linux)
  • Knowledge of networking concepts (LAN/WAN routing, TCP/IP)
  • Understanding of current vulnerabilities, attacks and countermeasures
  • Knowledge of incident response is preferred
  • Ability to perform basic analysis on network and application logs
  • Knowledge of the cyber kill chain, the MITRE ATT&CK framework, threat intelligence and malware analysis is a plus
  • Good working knowledge of Cloud and Container technologies is a plus
  • Experience with vendor management is a plus
  • Familiarity with good security practices

Other Requirements

  • Ability to multitask and prioritise, with solid attention to detail
  • Demonstrate a high degree of integrity, initiative, energy and endurance
  • Ability to learn
  • Possess good communication and interpersonal skills
  • Singapore Citizen only
