GENERAL
JOB DESCRIPTION
Position: Cyber Threat (CSOC) Engineer
Department: BCS Security / CSOC
Reporting To: Vice President, CSOC
The following is a summary of the job responsibilities. The JD is subject to change over time as the role develops.
About BCS
BCS is NETS’ wholly owned subsidiary and is an entity within the NETS Group. It manages and operates clearing and payment infrastructure for the Singapore Automated Clearing House, including Fast And Secure Transfers (FAST), Inter-bank GIRO (IBG), Cheque Truncation System (CTS), and provides services for PayNow and SGQR Central Repository.
Position Summary
As a Cyber Threat (SOC) Engineer, you are required to use data collected from a variety of cyber defense tools, such as intrusion detection system alerts, firewall and network traffic logs, and host system logs, to analyze events that occur within the Company’s environments. You are also required to ensure the effectiveness and efficiency of 24x7 monitoring of both internal and external sources, to maintain an up-to-date picture of the current threat condition, to determine which security issues may have an impact on the Company, and to provide an accurate evaluation of each incident for escalation. The incumbent should be familiar with the Cybersecurity Act 2018, the Cybersecurity Code of Practice (CCoP), the MAS Cyber Hygiene Notice and the MAS Technology Risk Management Guidelines (TRMG).
Key Responsibilities
- Use cyber defense tools for continuous monitoring and analysis of system activities to identify malicious activity, and to ensure analysis of and response to threats and to software and hardware vulnerabilities.
- Perform reviews on routine monitoring operations to ensure relevancy and sufficiency of the checks.
- Implement projects, develop scripts, fine-tune SIEM rules and solutions to enhance and automate the monitoring, triaging and analysis process.
- Identify security weaknesses in systems and applications. This includes collaborating with IT teams to prioritize and remediate identified vulnerabilities, track remediation progress, and ensure systems are patched and updated to mitigate potential security risks.
- Actively hunt for indicators of compromise (IOCs) and for the tactics, techniques, and procedures (TTPs) of threat actor groups in the environment.
- Receive tier 2/3 incident escalation from detection operations and assist with real-time, continuous (24x7) security event monitoring, response, and reporting.
- Assist in conducting forensic investigations, including collecting, preserving, and analyzing data and digital evidence.
- Prepare detailed reports documenting findings from investigations and incident response activities, including technical analysis, root cause analysis, and remediation recommendations.
Requirements
- Degree or Diploma in Computer Science, Computer Engineering, or Information Security related fields.
- At least 2 years of experience working in a Security Operation Centre (SOC) or Computer Emergency Response Team (CERT/CIRT), with a strong understanding of SIEM/SOAR operations and of the various host-based and network-based defence solutions.
- Exposure to or familiarity with the MAS Technology Risk Management Guidelines, the MAS Cyber Hygiene Notice and the Cybersecurity Code of Practice.
- Strong ability to independently interpret the information collected by network tools (e.g., ping, traceroute, nslookup).
- Working experience with OWASP Top 10, CVSS, MITRE ATT&CK framework, Cyber Kill Chain and DevSecOps strongly preferred.
- Good knowledge of current operating environments (Microsoft, UNIX & Linux).
- Good knowledge of different types of network communication (e.g., Local Area Network, Wide Area Network, Metropolitan Area Network, Wireless Wide Area Network, Wireless Local Area Network).
- Good knowledge of incident response and handling methodologies.
- Scripting skills (e.g., Python, Bash or PowerShell) and cloud experience and knowledge are a plus.
- Team player with a positive and growth mindset.
- Excellent analytical and problem-solving skills, with the ability to investigate complex security incidents and identify root causes.
- Resilient, able to work effectively in a fast-paced environment.
- Strong communication and presentation skills; must be comfortable with public speaking and presenting findings to others, including the management team.
- Certifications such as GSEC, GCIH, GCIA, GCTI, GCFA, GCFE or GNFA are advantageous.
Updated on: April 2024