
SOC Analyst L2

UST GLOBAL (SINGAPORE) PTE. LIMITED

Singapore

On-site

SGD 70,000 - 90,000

Full time

Today


Job summary

A leading cybersecurity firm in Singapore is seeking a SOC Analyst L2 to strengthen its security operations. The role involves in-depth investigation of security incidents, collaboration with multiple teams, and effective monitoring through SIEM tools such as Splunk and Exabeam. Candidates should have a minimum of 5 years' experience in security operations and a strong understanding of incident management. The position offers an opportunity to contribute to key security policies and to train the firm's junior analysts.

Qualifications

  • Minimum 5 years of experience in security operations.
  • Experience with security event monitoring and incident investigation.
  • Ability to adjust SIEM rules for effective operations.

Responsibilities

  • Perform deeper analysis and handle escalated incidents.
  • Collaborate with teams to resolve security issues.
  • Share knowledge and provide training to L1 analysts.

Skills

Security Operations
Incident Investigation
SIEM Rules Adjustment
Alert Triage
Log Source Research
Threat Mitigation

Tools

Splunk
Exabeam
SOAR platform
Google SecOps

Job description

SOC Analyst L2/RE is an operational role focused on ticket quality and deeper investigation of security incidents. The analyst is responsible for handling incidents escalated from the Level 1 team within SLA.

Responsibilities

  • The SOC Analyst L2 works closely with the SOC L1 team, the L3 team and the customer; is responsible for performing deeper analysis; joins daily calls with the client; and takes ownership of handling True Positive incidents on time.
  • Handle escalated incidents and coordinate with client when required.
  • Work closely with Client Duty Officers on any ad-hoc operational requests.
  • Collaborate with the Exabeam, Splunk, and Log Source teams to resolve issues as needed.
  • Take appropriate action on IOCs received from client when required.
  • Fine-tune existing detection rules and create new ones based on client requests.
  • Create and manage the incident handling playbook, process runbooks and ad-hoc documents as needed.
  • Recommend fine-tuning to the client, including the detection logic and thresholds and, where applicable, the SIEM query itself.
  • Recommend new use cases to the client, including the detection logic and thresholds and, where applicable, the SIEM query itself.
  • Provide data from Splunk/Exabeam during client audit activities.
  • Share monthly data with the client for internal IMM meetings.
  • Share top user-reported malicious emails from Abnormal Security for reward and recognition programs.
  • Prepare RCA report when required.
  • Share knowledge with other analysts on their roles and responsibilities.
  • Provide knowledge transfer to L1 analysts, such as advanced hunting techniques, guides and cheat sheets.

Qualifications

  • Minimum 5 years of experience in Security Operations.
  • Security event monitoring, alert triage, and thorough incident investigation.
  • Research and understand log sources for effective security monitoring.
  • Isolate issues, respond to incidents, and mitigate threats swiftly.
  • Adjust SIEM rules to improve alert quality and incident specificity.
  • Optimize SIEM capabilities, aid in audit/logging, and generate timely reports.
  • Develop and maintain security operation standards, procedures, and playbooks.

SOC, SIEM Platforms, Splunk, Exabeam, SOAR platform, Google SecOps, Log Source, Security Operations
