Cyber Defense Engineer

2 weeks ago


Singapore Tangspac APAC Full time

Client Description:
Job Description:
**Position: Cyber Defense Engineer**
**Employment Type: 1-year Agency Contract (Highly Renewable)**
**Location: Alexandra Road**
**Mode of Work: Hybrid**

**Scope of Work**:
**Responsibilities**:

- Provide end-to-end administration and operations support for the SIEM Security Analytics Platform and other security-solution infrastructure deployed within the bank.
- Onboard new log sources, enable new use cases and support all existing use cases.
- Develop and support case management workflow, reports and dashboards.
- Manage and support the log management environment.
- Monitor SIEM internal logs to identify and resolve potential performance issues.
- Drive upgrades and migrations to ensure solutions and/or related platforms are maintained in tip-top working condition, with proper documentation and RCA.
- Work within established practices and handling guidelines to triage device outages.
- Available to respond to any requests and assist with troubleshooting activities along with proper documentation.
- Develop automation on existing data feeds and contextual data so that data from various log feeds is brought to one location.
- Manage and coordinate change and incident process engagement with regard to current security solutions.
- Communicate effectively with a variety of internal teams and external contacts including technical and executive contacts.

Others:

- Normalization/Parsing the data/logs
- Experience with any insider threat tools
- Follow the MITRE ATT&CK framework and NIST methodology
- Conduct regression testing on existing use cases and future enhancements, adding new use cases to protect the bank from sophisticated cyber-attacks.

Job Requirements:
**Education**
- ITC/Diploma/Degree in Engineering/Computer Science/IT/Cyber Security from a recognized educational institution
- Certification as an administrator of a leading SIEM would be a plus
- A professional security-related qualification (e.g. SANS GCIA, GCIH etc.) will be favorable although not mandatory

**Technical Skills**
- 8+ years of overall experience.
- 5+ years of relevant experience managing a SIEM, preferably Splunk/ArcSight
- Hands-on experience in advanced SIEM and security analytics solutions, Linux and databases (MySQL, Oracle/SQL)
- Very strong troubleshooting skills.
- Strong in providing operational support to any SIEM and other security platforms
- Strong knowledge in Syslog log management platform
- Experience in understanding end to end data flow
- Strong knowledge in understanding OS, Proxy, Network and other main-stream Infrastructure, Application, Access and Cloud logs.
- Strong knowledge of optimizing performance and handling outages related to SIEM solutions.
- Experience in data normalization and preparation to clean the data
- Experience in data/device integration and providing the data back to other platforms.
- Knowledge of SOAR platforms is an added advantage.
- Experience in Automation using any scripting languages like Python and Shell.
- Knowledge of and hands-on experience in implementing use cases would be an add-on.

**Soft Skills**
- Good written and verbal communication skills
- Process and procedure adherence
- Strong analytical and problem-solving skills
- Effective time management and organizational skills.

**Other Requirements**
- Willingness to perform on-call duties.

If you are interested in the role above, please get in touch directly with Stefan Olsem for further discussion or click APPLY NOW below.

Job Reference number 4734
Data provided is for recruitment purposes only.

Tangspac Consulting Pte Ltd
03-02 The Octagon, 105 Cecil Street, Singapore 069534
EA Personnel Name: Olsem Stefanus Emmanuel
EA License: 07C3635 | EA Registration: R2094432


