IT Security Operations Center Team Lead

Role Description

This is a full-time on-site role for a SOC Team Lead located in Singapore. As a SOC Team Lead, you will be responsible to:

• Plan monthly duty roster for site team.
• Cover shift function if there are any shift resources are absent.
• Generate report dashboarding for technical analysis.
• Proficient in Microsoft excel/Power BI.
• Will run operation and work the SOP to ensure the 24X7 Security operations support services operate effectively.
• Responsible for site monthly report and documentations submissions.
• Onboarding/off boarding of manpower resources (1 month).
• Submit monthly timesheet and monthly service report as part of billing documentation timely.
• Work with Main Contractor to ensure security devices or apps are patched and firmware versions are upgraded in accordance with IM8 requirements.

Responsibilities:

• Monitoring and analyzing security events, identifying potential threats, conducting investigations, and responding to security incidents
• Work closely with the end client SOC team to ensure the timely and effective detection, containment, and mitigation of security incidents
• Support security developments (such as evolving threats, new or enhanced security controls or changes to the technical infrastructure).
• Ensure that all Infrastructure related procedures, operation guide, architecture diagram, hardening baselines, security metrics, etc documents shall be reviewed annually or updated whenever there are changes within a month.
• Be responsible for strengthening Customer’s cyber security posture against cyber threats through vulnerability management, incident response and analysis, threat hunting and security operations.
• Manage Customer’s Cyber security operation and manage the reporting and handling of cyber security incidents.
• Perform Vulnerability Management leveraging on MVMS.
• Perform daily checks on the Endpoint Detection Response/Database Activity Monitoring dashboard for any abnormalities.
• On boarding of subscribed servers and infrastructure devices to MVMS.
• Provide supporting documents for audits.
• Perform Monthly Vulnerability Assessment, Quarterly Vulnerability Assessment for servers and network equipment.
• Work with application and infrastructure team to ensure compliance and regulatory requirements and industry standards.

Requirements:

• Diploma/degree in computer studies
• 2 years of experience working in a security operation, incident response, vulnerability management or related field.
• Demonstrated experience in network security, server security, endpoint security, web security etc.
• Strong knowledge of security principles, technologies, and industry best practices.
• Experience with log analysis, malware analysis, and network traffic analysis.
• Excellent analytical and problem-solving skills, with the ability to quickly identify and respond to security incidents, analyze complex security issues and develop effective solutions.
• Hands-on experience in security appliances such as IBM Guardium, MMVS, Carbon Black, Cyber Ark is a definite advantage.
• Experience in IT security/support operations with willingness to learn above mentioned tools are encouraged to apply. Experienced candidates will be considered for team lead role.
• Independent and capable of working in a high-pressure environment.
• Willing to work in rotational shift environment (including weekends and night shift).