x
Get our mobile app
Fast & easy access to Jobstore
Use App
Congratulations!
You just received a job recommendation!
check it out now
Browse Jobs
Companies
Campus Hiring
Download App
Browse Jobs
Companies
Campus Hiring
News
Download App
Employers
View All Jobs
Jobs in Singapore
Jobs in Singapore   »   Jobs in Singapore   »   Engineering Job   »   SIEM Engineer - Splunk Enterprise Security
banner picture 1 banner picture 2 banner picture 3

SIEM Engineer - Splunk Enterprise Security

Percept Solutions Pte. Ltd.

Percept Solutions Pte. Ltd. company logo
Job Type   /   Job Level
Full-time   /   Others/Any
Job Location
Singapore, Singapore, Singapore
Salary Offered

Description:

  • Primarily accountable for overseeing the engineering, development and maintenance / continuous improvement of threat detection use-cases scenarios within the SIEM (Splunk ES). Additionally, involved in the engineering and development of custom rules in the EDR (CrowdStrike) to swiftly detect potential threats attacks.
  • Another responsibility involves creating transparency of existing detection capabilities by mapping them to the MITRE ATT&CK framework.
  • Support in planning and executing regional IT Infrastructure strategy and aligned with company strategy.
  • Proactively create, test and tune new detection use-cases in the SIEM and custom rules in the EDR.
  • Review and enhance existing detection use-cases using e.g., Machine Learning or User & Entity Behavior Analytics (UEBA).
  • Map the detection use-cases to the MITRE ATT&CK framework to determine the SIEM monitoring coverage.
  • Perform regular updates to threat detection engineering playbooks, processes, and documentations.
  • Work closely with the SOC to challenge detection and prevention capabilities.
  • Identify and implement SIEM use-cases that address blind spots.
  • Coordinate with log onboarding team and SIEM architect to validate new log-sources on-boarded for compliancy, improve performance on SIEM backend
  • Collaboration with Service Operations team to address challenges, process fulfillment, documentations etc, and improvement of Service Operations Quality.
  • Provide governance on topic which related to operational stability.

Specific Knowledge:

  • Intense knowledge in using Splunk Enterprise Security (ES)
  • Intense knowledge in developing and tuning detection use-cases (Correlation Searches) in Splunk based on Data Models
  • Experience in Machine Learning and Risk Based Monitoring in Splunk is an advantage
  • Ability to analyse and interpret security logs and events to identify potential threats and attack patterns
  • Experience in validating data source compliant using the common interface model (CIM)
  • Experience of setting up and utilize data models in Splunk
  • Deep understanding of cyber security concepts to create detection use-cases targeting various phases of attack lifecycle
  • Understanding of MITRE ATT&CK framework and detections of various tactics and techniques
  • Experience and capable of creating interactive dashboards, alerts, reports in Splunk
  • At least 3 years of experience with demonstrable skillsets in SIEM use-case engineering, with over 5 years of experience in cybersecurity.

To apply please click the Apply button or send us your updated profile to [email protected]

EA Licence No.:18S9405 / EA Reg. No.:R1330864

Percept Solutions is undergoing a growth phase and are on the lookout for talent. Applicants are encouraged to follow Percept Solutions on LinkedIn @ https://www.linkedin.com/company/percept-solutions/ to stay up to date on our upcoming roles and events.


✱   This job post has expired   ✱

Sharing is Caring

Know others who would be interested in this job?
© 2024 Jobstore. All rights reserved.