This role:
Position: SOC L3 Analyst
Duration: 12 Months (renewable)
Location: Central Singapore
Job details:
We are looking for a SOC L3 Engineer who will be part of our growing Global Operations & Delivery team, which monitors, investigates, and resolves security incidents, violations, and suspicious activities. Our global Operations group takes innovative approaches and uses the most cutting-edge technologies to transform the operations of our customers and secure their security landscape.
Main Responsibilities
- Act as an escalation point for high and critical severity security incidents, and conduct thorough investigations to determine potential impact and understand the extent of compromise.
- Analyse attack patterns, Tools, Techniques and Procedures (TTPs) to identify methods of attack and the attack life cycle.
- Provide recommendations on issue resolution activities such as security controls policy configuration changes and security hygiene improvements.
- Provide guidance on mitigating risks associated with security vulnerabilities.
- Hunt for Indicators of Compromise (IOCs) and signs of Advanced Persistent Threats (APTs) within the Client's environment.
- Conduct threat hunting by means of in-depth log analysis to identify potential threats that may have evaded automated detection.
- Identify gaps and weaknesses in existing security processes and propose enhancements to improve the Client's established incident response methodologies.
- Document and update incident response processes, define outcomes for future reference and drive continuous improvement.
- Participate in regular team meetings, Incident Response war room discussions and executive briefing sessions.
- Resolve, escalate, report, and raise recommendations for resolving and remediating security incidents.
- Be an escalation point for investigations of clients and suggest optimization activities to improve their performance.
- Proactively monitor and review threats and suspicious events from customers participating in the service.
- Handle the advanced monitoring of system logs, SIEM tools, and network traffic for unusual or suspicious activity.
- Set up SIEM solutions and troubleshoot connectivity issues.
- Investigate and resolve security violations by providing post-mortem analysis to illuminate issues and possible solutions.
- Collate security incident and event data to produce monthly exception and management reports.
- Report unresolved network security exposure, misuse of resources, or noncompliance situations using defined escalation processes.
- Assist and train team members in the use of security tools, the preparation of security reports, and the resolution of security issues.
- Develop and maintain documentation for security systems and procedures.
Requirements
- 7-8 years of experience in a SOC, with at least 3 years as a SOC L3 Analyst working as part of a Global SOC team
- Maintain excellent customer relationships through a professional, proactive approach
- Experience with SIEM vendors such as QRadar, ArcSight, RSA, and LogRhythm
- Experience in incident response and in writing procedures, runbooks and playbooks
- Ability to work with customer’s IT and security teams