SIEM Use-Case Engineer
3 weeks ago
Job Description:
Primarily accountable for overseeing the engineering, development, maintenance and continuous improvement of threat detection use-case scenarios within the SIEM (Splunk ES). Additionally involved in the engineering and development of custom rules in the EDR (CrowdStrike) to swiftly detect potential threats and attacks. A further responsibility is creating transparency of existing detection capabilities by mapping them to the MITRE ATT&CK framework.
- Support the planning and execution of the regional IT infrastructure strategy, aligned with company strategy.
- Proactively create, test and tune new detection use-cases in the SIEM and custom rules in the EDR.
- Review and enhance existing detection use-cases using, e.g., Machine Learning or User & Entity Behavior Analytics (UEBA).
- Map the detection use-cases to the MITRE ATT&CK framework to determine the SIEM monitoring coverage.
- Perform regular updates to threat detection engineering playbooks, processes and documentation.
- Work closely with the SOC to challenge detection and prevention capabilities.
- Identify and implement SIEM use-cases that address blind spots.
- Coordinate with the log onboarding team and the SIEM architect to validate newly onboarded log sources for compliance and to improve performance of the SIEM backend.
- Collaborate with the Service Operations team to address challenges, process fulfilment, documentation, etc., and to improve Service Operations quality.
- Provide governance on topics related to operational stability.
Qualifications:
Specific Knowledge
- In-depth knowledge of Splunk Enterprise Security (ES)
- In-depth knowledge of developing and tuning detection use-cases (Correlation Searches) in Splunk based on Data Models
- Experience in Machine Learning and Risk-Based Monitoring in Splunk is an advantage
- Ability to analyse and interpret security logs and events to identify potential threats and attack patterns
- Experience in validating data-source compliance with the Splunk Common Information Model (CIM)
- Experience setting up and using data models in Splunk
- Deep understanding of cyber security concepts in order to create detection use-cases targeting the various phases of the attack lifecycle
- Understanding of the MITRE ATT&CK framework and of detections for its various tactics and techniques
- Experience and capability in creating interactive dashboards, alerts and reports in Splunk
Experience:
- At least 3 years of experience with demonstrable skillsets in SIEM use-case engineering, with over 5 years of experience in cybersecurity.
- Previous relevant experience working in a security operational role, ideally within a Corporate, Military, or Police environment; engaging with and responding to a diverse array of internal stakeholders, including senior management.
- Good emotional intelligence and a proven team player
- Rational and calm under pressure
- Fluency in the English language
- Effective oral and written communication skills
- Good timekeeping and the ability to cope with tight deadlines and achieve operational objectives
- Self-motivated with the ability to carry out assigned tasks with minimum supervision