Position Overview
Reporting to the Team Lead of the Security Operations Center, the candidate will be responsible for monitoring and responding to potential security-related risks targeting the Group. The candidate should possess the background and knowledge necessary to discuss incident response activities internally and support security incident investigations. This position requires 24/7 shift work, including graveyard shifts.
Principal Job Functions
- Cybersecurity Event Monitoring: Monitor global cybersecurity events and escalate to the L2 team if relevant events are observed.
- Security Tool Analysis: Perform monitoring, risk assessment, and analysis on security tools such as anomaly detection systems, firewalls, antivirus systems, and proxy devices.
- Incident Response: Follow predefined actions to handle security alerts, including escalation to the L2 team and other support groups.
- Ad-Hoc Task Execution: Complete daily ad-hoc tasks or lead small projects as necessary.
- Documentation: Participate in daily and ad-hoc documentation-related tasks.
- Operational Reporting: Create and maintain reports for Key Performance Indicators (KPIs), as well as weekly and monthly metrics.
- Vulnerability & Threat Assessment: Perform the assessment phase of the Vulnerability & Threat Management process.
- Threat Intelligence: Receive threat intelligence from subscribed feeds and update the Threat Intel knowledge base.
- Incident Investigation: Support any security incident response investigation within the Group, regardless of location or environment.
- Methodology Improvement: Work closely with the Team Lead to review, provide feedback, and implement improvements in Security Operations methodology.
- Ticket Management: Ensure all logged tickets are closed correctly and in a timely manner.
- Routine Reporting: Submit routine reports on threats, vulnerabilities, and incidents handled by the Security Operations Center.
- Runbook Maintenance: Keep the Security Operations Center’s runbooks and procedures up-to-date.
Recommended Prerequisites
- Experience: 3+ years in security operations, preferably with incident management experience.
- Industry Knowledge: Experience in the banking industry is advantageous.
- Technical Skills:
  - Familiarity with security products and network devices.
  - Extensive experience with network security practices, including intranet, extranet, and internet access.
  - Technical experience with operating systems like UNIX, AIX, Linux, and Windows.
  - Knowledge of TCP/IP, DNS, web, and wireless security architectures and enterprise-grade security solutions.
  - Knowledge of encryption and authentication methods (e.g., 2FA, DES/AES/RSA, Digital Certificates, SSL/TLS, IPSec) and DMZ development.
  - Understanding of intrusion detection (deep TCP/IP knowledge and cybersecurity), various operating systems, and web technologies.
  - Ability to read and analyze packet-level data, manage Network/Host Security products (NIDS/NIPS, firewalls, HIPS, AV, scanners), and understand security events.
  - Proficiency in vulnerability assessment and management, as well as application penetration testing or forensic analysis.
- Certifications: Preferred certifications include those from EC-Council, GIAC, (ISC)² [e.g., CISSP, CEH, GCIA, CCNA].
- People Skills:
  - Performance-oriented, always aiming to exceed past achievements.
  - Ability to work under pressure in critical situations.
  - Collaborative attitude, capable of working effectively with peers.
- Communication Skills: Able to communicate effectively with peers during discussions and meetings.
Interested candidates may apply through the application system. We regret that only shortlisted candidates will be notified.
EA License No. 01C4394 • RCB No. 200007268E • Derrick Tiew Yong Han • EA Registration No. R1877971
By sending us your personal data and curriculum vitae (CV), you are deemed to consent to PERSOLKELLY Singapore Pte Ltd and its affiliates to collect, use and disclose your personal data for the purposes set out in the Privacy Policy available at https://www.persolkelly.com.sg/policies. You acknowledge that you have read, understood, and agree with the Privacy Policy.