Enable job alerts via email!
Ops Support Engineer
User Experience Researchers Pte.Ltd
Singapore
On-site
SGD 70,000 - 90,000
Full time
Yesterday
Be an early applicant
Generate a tailored resume in minutes
Land an interview and earn more. Learn more
Job summary
A technology services firm in Singapore is seeking an experienced EDR Operations Specialist to operate and maintain Carbon Black EDR servers on RHEL 8. The role involves monitoring system performance, troubleshooting issues, and ensuring compliance with security protocols. The ideal candidate should have strong skills in RHEL administration, network troubleshooting, and EDR functionalities. A proactive approach in technical support and incident response is essential. Certification in RHCSA is a plus.
Qualifications
- Experience with Carbon Black EDR or equivalent platforms.
- Strong understanding of RHEL system administration.
- Familiarity with PostgreSQL maintenance tasks.
Responsibilities
- Maintain and operate EDR servers on RHEL 8.
- Monitor and troubleshoot sensors and networks.
- Ensure EDR server OS hardening and security compliance.
Skills
Carbon Black EDR usage
RHEL system administration
PostgreSQL maintenance
Network troubleshooting
Endpoint diagnostics
Privileged accounts management
Education
Relevant technical degree or certification
Tools
Carbon Black EDR
RHEL 8
PostgreSQL
Job description
Roles and Responsibilities:
1. EDR Server Operations & Maintenance
- Maintain and operate Carbon Black (CB) EDR servers hosted on RHEL 8.
- Perform scheduled maintenance tasks on Operating System (OS), databases and application (CB) level, including patching, health checks, backups, and service restarts under approved change windows.
- Validate and maintain EDR server application services (web console, CB backend services, Solr, PostgreSQL) and log forwarding services (NXLog, CB event forwarder) to the clients Log Collector.
- Monitor and clear stale services, queues, or indexing issues.
- Manual review of system, security and audit logs of OS, database and application which are not forwarded to the Boards designated plant log collection server.
- Engage OEM to provide troubleshooting solution under software license support, provide professional services for both hardware and software related configuration, integration and troubleshooting works if necessary.
2. Endpoint Sensor Management
- Monitor presence, health, and connectivity of all sensors deployed on monitored endpoints.
- Troubleshoot sensors that are showing offline on the server:
o Validate network paths of sensor communication.
o Inspect sensor local service state, tamper protection status, and logs.
o Collect endpoint diagnostic data. - Support redeployment or recovery of corrupted/missing sensor components.
- Assist in onboarding new hosts into the EDR environment.
- Validate EDR server sensor information against plant asset inventory.
3. Network & Infrastructure Coordination
- Work with appropriate third parties to validate port connectivity, firewall rules, and Carbon Black SSL certificate issues for endpoint integration.
- Assist in troubleshooting endpoints inside air-gapped networks using host mappings and static resolving techniques.
- Support analysis of intermittent or unstable site connectivity.
4. Security & Hardening
- Ensure EDR server OS hardening (RHEL CIS baseline), account permissions, and file system access are maintained according to Client’s Hardening Guides.
- Monitor release of new security patches for OS and application of EDR system, track security vulnerabilities, assess applicability and implement patches or workarounds according to client stipulated timeframe for patching. These changes shall be logged via change requests.
- Quarterly review of User Access for the EDR servers, including but not limited to user/service/privileged accounts and access rights, user activity logs like successful login/logout events and failed login attempts, and inactive user accounts for more than 90 days.
- Annual review of system configuration, including unnecessary services and applications, improper user account and password settings, improper logging and backup settings and improper Windows/network security policy setting. For any configuration weaknesses identified, provide the Board with full details of the actions to be taken to harden or correct the weaknesses and perform risk assessments for hardening that cannot be applied.
- Put up reviews in writing for approval by designated Approving Officer of the Board.
- Maintain a key management system to track and manage the lifecycle of cryptographic keys used in the EDR system.
- Comply with any written instructions on cybersecurity related matters that are issued by the Government and Board from time to time.
5. Technical Support & Incident Response
- Provide technical support for issues escalated by the cybersecurity branch.
- Assist during cybersecurity investigations by retrieving endpoint data, event logs, and sensor telemetry.
- Support forensic or operational queries where EDR data is required.
6. Reporting & Documentation
- Produce maintenance reports after every maintenance cycle. The report shall minimally include:
o Summary status report of completed jobs, ad-hoc support and outstanding jobs;
o Server health checklist;
o Performance measurement (including System Availability, Response Time, Turnaround Time);
o System, security and audit log review and findings;
o Software security patch;
o Tracking of software license subscription expiry;
o Action item on outstanding matters with the Board. - Maintain SOPs, inventory of assets, system configuration notes, and troubleshooting guides.
- Raise change request according to Client’s Change Management for maintenance works and system changes.
- Document system changes, sensor onboarding actions, and backup logs.
Technical Requirements:
Mandatory Technical Skills
- Experience with Carbon Black EDR, or equivalent EDR platforms.
- Strong RHEL system administration knowledge (RHEL 8/9).
- Familiarity with PostgreSQL maintenance tasks (backup, check, restore).
- Understanding of network troubleshooting (TCP, TLS, proxies, firewalls).
- Hands-on experience with endpoint diagnostics for EDR sensors on Windows.
- Understanding of secure operations and handling of privileged accounts.
Good-to-Have
- Experience with CIS Benchmarks for RHEL and Windows.
- Knowledge of log management/SIEM integration.
- Understanding of operational technology networks and remote plant architectures.
Certifications (Preferable but Not Mandatory)
- RHCSA / RHCE
- VMware Certification for Carbon Black EDR
Get your free, confidential resume review.
or drag and drop a PDF, DOC, DOCX, ODT, or PAGES file up to 5MB.
'/%3e%3cpath%20d='M101.744%2012.4726L102.894%2016.1947L99.0021%2013.2201L101.744%2012.4726ZM105.3%208.40937H100.488L99.0026%203.59473L97.5116%208.41047L92.7%208.40385L96.5965%2011.3834L95.1055%2016.1942L99.0021%2013.2196L101.408%2011.3834L105.3%208.40992V8.40937Z'%20fill='white'/%3e%3cdefs%3e%3clinearGradient%20id='paint0_linear_5593_1381'%20x1='90'%20y1='9.44471'%20x2='99'%20y2='9.44471'%20gradientUnits='userSpaceOnUse'%3e%3cstop%20stop-color='%2300AD70'/%3e%3cstop%20offset='0.998594'%20stop-color='%2300B67A'/%3e%3cstop%20offset='1'%20stop-color='%23DCDCE6'/%3e%3c/linearGradient%3e%3c/defs%3e%3c/svg%3e){kind=small}
Michael Carter
I was stuck sending out resumes with no response until I used JobLeads. They made my resume impossible for recruiters to ignore.
Sophie Reynolds
JobLeads' resume review helped me fix critical mistakes, and I started getting interviews almost immediately!
Daniel Fischer
With JobLeads' resume review, my resume went from overlooked to interview-ready in no time!