Key Responsibilities:
- Provide administration and operations end to end support to SIEM Security Analytics Platform and other security solutions related infrastructure deployed within the bank.
- Onboarding new log sources, enabling new use cases and supporting all existing use cases.
- Develop and support case management workflow, reports and dashboards.
- Manage and support the log management environment.
- Monitor SIEM internal logs to identify and resolve potential performance issues.
- Drive upgrades and migration to ensure solutions and or related platform are maintained in tip-top working conditions with proper documentation and RCA.
- Test and manage application functionalities, system and infrastructure changes, upgrades, enhancements, patches and troubleshooting.
- Work within established practices and handling guidelines to triage device outages.
- Available to respond to any requests and assist with troubleshooting activities along with proper documentation.
- Ability to understand of data generated by infrastructure and application across bank.
- Integrate data feeds into SIEM Solutions from on premise and cloud deployed devices and applications
- Automation development on existing data feed and contextual data so we get different data from various log feeds to one location.
- Manage and coordinate change & Incident process engagement with regards to current security solutions.
Requirements:
- Certified in leading SIEM administrator would be plus
- Professional security related qualification (e.g. SANS GCIA, GCIH etc.) will be favorable although not mandatory
- 5+ years of relevant experience in the area for managing SIEM preferably Splunk/ArcSight
- Hands on experience in Advanced SIEM, Security Analytics solution, Linux and database (MySQL, Oracle/SQL)
- Strong in providing operational support to any SIEM and other security platforms
- Strong knowledge in Syslog log management platform
- Experience in understanding end to end data flow
- Strong knowledge in understanding OS, Proxy, Network and other main-stream Infrastructure, Application, Access and Cloud logs.
- Strong Knowledge in developing custom parsers (regex) required for data ingestion for any infrastructure or application-based data feeds.
- Strong knowledge to optimize performance and outages related to SIEM Solutions.
- Experience in normalize and data preparation to clean the data
- Experience in Data/Device Integration and provide the data back to other platform.
- Knowledge with SOAR platform is an added advantage.
- Experience in Automation using any scripting languages like Python and Shell.
- Knowledge and hands-on experience on implementing Use Cases would be add-on.
Sumit Sambhi
EA License No. – 23C2060
EA Registration No. - R1330510
Disclaimer: The company is committed to ensuring the privacy and security of your information. By submitting this form, you consent to the collection, processing, and retention of the information you provide. The data collected (which may include your contact details, educational background, work experience and skills) will be used solely for the purpose of evaluating your qualifications for the position you're applying for. Your data will be stored securely and retained for the duration necessary to fulfill our hiring process. If you are not selected for the position, your data will be kept on file for a limited period in case future opportunities arise. You have the right to access, correct, or delete your data at any time by contacting us at Quess Singapore | A Leading Staffing Services Provider in Singapore (quesscorp.sg)
