Join us as we support Singapore’s vision of building a Smart Nation - a nation of possibilities empowered through info-communications technology and related engineering.
You will play a key role in the Government Cyber Defence (GCD) of Cyber Security Group (CSG) as a SOC Specialist.
The SOC Specialist is a Level two (2) role responsible for the successful day-to-day operation of the Whole of Government SOC by providing leadership to the team of L1 analysts, measuring and reporting the performance of the SOC operations, and fine-tuning the SOC processes to improve their performance over time. The successful candidate will also be part of the Incident Management Team, working alongside the Digital Forensics and Incident Response (DFIR) Specialists to investigate and manage cybersecurity incidents through to closure.
What you will be working on:
- Provide day-to-day leadership to a team of L1 analysts in SOC operations
- Perform quality review of the L1 analysts' daily real-time monitoring of alerts generated by various security technologies, and of their analysis of log data and network traffic as part of the triage process
- Ensure timely security incident detection, classification, escalation and reporting to various stakeholders
- Develop and perform regular tracking and reporting of SOC metrics such as KPIs, SLAs and OLAs to ensure that the SOC continues to function effectively
- Investigate and manage cybersecurity incidents throughout the Incident Response Lifecycle, from triage to incident closure
- Develop SOC processes and procedures, and ensure that the SOC operations adhere to them
- Review and enrich the SIEM detection use cases to ensure high-fidelity detection in the SOC
- Identify opportunities for continuous improvements of the SOC operations
What we are looking for:
- Bachelor’s Degree in Computer Science/Information Security or equivalent
- Professional certifications, including GMON, CISSP or other relevant certifications
- Preferably 3 years or more in Information Security experience
- Experience with SIEM and SOAR technologies
- Experience in running SOC operations, SOC process development, playbook development or SIEM Use Case development is preferred
- Understanding of operating systems and platforms (e.g. Windows, Linux)
- Knowledge of networking concepts (LAN/WAN routing, TCP/IP)
- Understanding of current vulnerabilities, attacks and countermeasures
- Knowledge of incident response is preferred
- Ability to perform basic analysis on network and application logs
- Knowledge of the cyber kill chain, the MITRE ATT&CK framework, threat intelligence and malware analysis is a plus
- Good working knowledge of Cloud and Container technologies is a plus
- Experience with vendor management is a plus
- Familiarity with good security practices
- Ability to multitask and prioritise, with solid attention to detail
- Demonstrated high degree of integrity, initiative, energy and endurance
- Ability to learn
- Possess good communication and interpersonal skills
- Singapore Citizen only
We are an equal opportunity employer and value diversity at our company, as we believe that diversity is meaningful to innovation. Our employee benefits are based on a total rewards approach, offering a holistic and market-competitive suite of perks. This includes generous leave benefits to meet your work-life needs. We trust that you will get the job done wherever you are and in whatever way works best for you, so work from home or take a break to exercise if you need to*. We also believe it is important for you to keep honing your craft in the constantly evolving tech landscape, so we provide and support a wide range of in-house and external learning and development opportunities all year round.
*Subject to the nature of your job role, which might require you to be onsite during fixed hours