Cybersecurity Threat Detection Engineer

Singapore, Singapore

Job Description


We are seeking an experienced security professional responsible for scoping prospective Managed Security Services (MSS) customers' requirements and provisioning new client services into our MSS systems (on-premise and cloud environments). After provisioning, you will continue to review the onboarded logs, use cases and monitoring metrics with the clients. This role may work with multiple clients at any one time and will be instrumental in ensuring new clients are provisioned smoothly and efficiently. You will work closely with the cybersecurity services consultant, service delivery manager and SIEM content developer to be successful in this role.

The candidate is expected to set up, design and formulate the supporting documents and establish a framework of processes and procedures for the day-to-day operations, and conduct continuous improvement for the team.

Responsibilities:

  • Managing and coordinating the technical scheduling for the onboarding of MSS services in on-premise and cloud environments
  • Working closely with clients and other stakeholders to expedite service transition
  • Onboarding of logs into the monitoring system, including custom parsing
  • Configuring detection rules and monitoring use cases for the customer and achieving sign-off
  • Configuring the client end to service end routing, VPN and firewall policies to establish communication to SIEM, including integration between cloud and on-premise environments
  • Troubleshooting routing and firewall policy problems end-to-end as necessary
  • Troubleshooting log collection issues
  • Configuring user authentication and other application systems as necessary
  • After onboarding, maintaining and refining the threat detection use cases with feedback from the operation team/customer to reduce the false positive rate

Requirements:

  • Technical expertise with configurations of various log-sending devices, custom parsers and SIEM tools
  • Technical expertise with log collectors and the ability to troubleshoot log ingestion issues for various log-sending devices
  • Familiarity with cloud infrastructure and cloud-based SIEM, including ingesting log data from cloud storage into the SIEM (candidates with a related cloud certification, i.e. AWS certification SysOps Administrator - Associate, are preferred)
  • Excellent troubleshooting and analytical skills
  • Attention to detail and ability to communicate well in a professional manner
  • Previous experience with provisioning and integrating environments
  • 3+ years of network security experience working with enterprise clients
  • Ability to interpret the complexity of technical problems
  • Reliability to maintain focus on contracted deliverables at all times
  • Excellent interpersonal, co-ordination and problem-solving skills
  • High level of initiative, accountability, professional diligence, attention to detail and ability to follow process
  • Ability to work independently, as well as being able to work as part of a team in a pressured environment
  • Proactive, flexible attitude to work with an open mind to be exposed to different job scopes in varying degrees, and willingness to constantly review and improve skills and process
  • Work location: Ang Mo Kio
  • Singaporeans only

ST Engineering


Job Detail

  • Job Id
    JD1380619
  • Industry
    Not mentioned
  • Total Positions
    1
  • Job Type:
    Full Time
  • Salary:
    Not mentioned
  • Employment Status
    Permanent
  • Job Location
    Singapore, Singapore
  • Education
    Not mentioned