Correlation and Automation Engineer

at  Ensign InfoSecurity

Ensign is hiring !
Responsibilities:
Ensure timely response to security incidents, root cause analysis and closure of incident Triage detection alerts, investigate and respond to cybersecurity incidents that may involve log analysis, forensic analysis and incident management, based on technology available to GCSOC Assess cybersecurity threats and vulnerabilities Develop and test incident response playbooks and processes Provide recommendation to fine-tune detection use cases and SOAR playbooks Maintain situational awareness and keep current with cyber security news and threat actor Tactics, Techniques and Procedures (TTPs) Prepare and review SOC reports to update stakeholders
Qualification / Experience:
Professional certifications, including GIAC or other relevant certifications will be preferred Preferably 2 years or more of experience as a full-time SOC analyst or incident response analyst or related discipline
OR
On a case by case basis, personnel who have demonstrated outstanding analytical skills, based on results from Govtech-Ensign L2 assessment conducted, to be discussed and agreed upon by Govtech and Ensign
Technical Expertise:
Understanding of operating systems and platform (e.g. Windows, Linux) Knowledge of computer networking, LAN, and server Ability to analyse network and application logs Good working knowledge of Cloud and Container technologies are a plus Familiarity with good security practices
Other Requirements:
Ability to work under pressure Demonstrate integrity, initiative, energy and endurance Willingness to learn Possess good communication and interpersonal skills Fresh Graduates are welcome to apply Singapore Citizen only

Please refer the Job description for details