Cyber Cloud Monitoring

**Cyber Cloud Monitoring**

Hi Chinna,

Find below the JD on Cyber cloud monitoring for Singapore location.

1. Pattern of work (WFH/Hybrid/On-location) : Hybrid/but this may become WFO all 5 days soon
2. Exact work location? - 20 Anson Rd, Twenty Anson, Singapore 079912
3. What is the shift pattern? - General shift (Mon to Fri)

We need a local person from Singapore. The cost can be max of **9500SGD/Month**, all-inclusive with CPF. Can you start looking for the profiles & update by EOD?

**Key Job Responsibilities**:
Working as a member of Information Security, the Cyber Cloud Monitoring Analyst is part of the global team that is responsible for providing 24/7 real-time monitoring of the firm's security posture. This team is also responsible for incident identification, documentation, remediation and tracking. More specifically, the Level 2 Associate will support the global Cyber Cloud Monitoring function and have following key responsibilities:
1. Perform investigation and escalation for complex or high severity security threats or incidents

2. Acting as an escalation point for Tier I analysts and further analyzing events of interest

3. Ensures that all identified events are promptly validated and thoroughly investigated

4. Collaborates with technical teams to identify, resolve, and mitigate events

5. Provides advice and guidance on the response action plans for information risk events and incidents based on incident type and severity - Assists with containment of threats and remediation of environment during or after an incident

6. Work with SIEM Engineering and other security partners developing and refining correlation rules

7. Regularly develop new and interesting use cases for future SIEM logic

8. Administer and configure security tools and sensors to alert on certain risk conditions

9. Participate in cyber threat hunts in support of the global cyber operations function

10. Assist with forensics investigations.

11. Participate in the creation, modification and maintenance of all Cyber Monitoring policies and procedures

12. Keep abreast of cyber security trends and the emerging threat landscape in general and as it relates to customer

13. Deliver timely and detailed documentation related to any incident including the findings, review and follow-up activities

Qualifications:
1. 3 - 6 years of experience in security operations canter, technical helpdesk, security operations, network administration, system administration are preferred

2. University Degree. MBA, CISSP, CISM, GCHI, CEH, CCNA, or GIAC are preferred

3. Action-oriented attitude and willingness to roll up sleeves

4. Intermediate knowledge in system security architecture and security solutions - IDS, Splunk, data loss prevention, next generation anti-malware, etc.

5. Intermediate knowledge of networking fundamentals (TCP/IP, Network Layers, etc.)

6. Intermediate knowledge of malware operation and indicators

7. Intermediate knowledge of current threat landscape (threat actors, APT, cyber-crime, etc.)

8. Intermediate knowledge of security related technologies and their functions (IDS, IPS, FW, WAF, SIEM, DLP, Proxy, next gen anti-malware etc.)

9. Intermediate knowledge of Windows and Unix or Linux

10. Intermediate knowledge of Firewall and Proxy technology

11. Intermediate knowledge of malware operation and indicators

12. Intermediate knowledge of penetration techniques

13. Advanced event analysis leveraging SIEM tools

14. Advanced incident investigation and response skill set

15. Advanced log parsing and analysis skill set

16. Strong oral and written communication skills

17. Attention to detail

18. Strong organizational skills

19. Microsoft Sentinel and KQL Queries

20. Strong knowledge of Cloud platforms with a focus on Azure, AWS, GCP

**Salary**: $2,262.35 - $9,573.73 per month

**Experience**:

- Splunk: 1 year (required)
- Sentinel: 1 year (preferred)
- Kusto Query Language (KQL): 1 year (preferred)
- security operations center: 1 year (required)