Senior SOC Engineer (GTS - Command Centre) at Oversea Chinese Banking Corp
Singapore, Singapore, Singapore -
Full Time


Start Date

Immediate

Expiry Date

11 Sep, 26

Salary

0.0

Posted On

13 Jun, 26

Experience

5 year(s) or above

Remote Job

Yes

Telecommute

Yes

Sponsor Visa

No

Skills

SIEM, SOAR, EDR, XDR, UEBA, Python, PowerShell, Bash, MITRE ATT&CK, Incident Response, Detection Engineering, REST APIs, JSON, Network Traffic Analysis, Security Log Analysis, Threat Intelligence

Industry

Banking

Description
WHO WE ARE: As Singapore’s longest established bank, we have been dedicated to enabling individuals and businesses to achieve their aspirations since 1932. How? By taking the time to truly understand people. From there, we provide support, services, solutions, and career paths that meet their individual needs and desires. Today, we’re on a journey of transformation. Leveraging technology and creativity to become a future-ready learning organisation. But for all that change, our strategic ambition is consistently clear and bold, which is to be Asia’s leading financial services partner for a sustainable future. We invite you to build the bank of the future. Innovate the way we deliver financial services. Work in friendly, supportive teams. Build lasting value in your community. Help people grow their assets, business, and investments. Take your learning as far as you can. Or simply enjoy a vibrant, future-ready career. Your Opportunity Starts Here. Why Join Protecting our customers' assets and data is at the heart of everything we do at OCBC. As a Cyber Engineering - Risk professional, you'll play a critical role in safeguarding our systems and networks from cyber threats. You'll be part of a team that's shaping the future of cybersecurity in the financial industry. How you succeed The candidate will be part of the Cyber Security Operations team and will be responsible for engineering and enhancing SOC capabilities across threat detection, automation, SOAR playbooks, AI-assisted workflows and SOC tooling. The candidate will support the development of scalable, repeatable and measurable capabilities to improve threat monitoring, investigation efficiency and response readiness. What you do Develop and maintain SOAR playbooks, automation workflows and AI-assisted SOC processes to support alert triage, enrichment, correlation, investigation and response. Design automated enrichment and correlation workflows to improve investigation context and reduce manual analysis. Review detection effectiveness, false positives, coverage gaps and recurring alert patterns, and recommend improvements to prevention, detection and response capabilities. Lead development, validation and finetuning of detection use cases, SOAR playbooks and AI-assisted SOC workflows. Manage integration of SOC tools and data sources to improve alert enrichment, event correlation, investigation context, automation reliability and reporting. Drive troubleshooting of detection issues, broken playbooks, failed automations, data quality issues and platform-related constraints affecting SOC operations. Optimise usage of SOC tools and evaluate new technologies where required. Build repeatable and efficient engineering processes to support monitoring, detection, analysis, escalation and remediation of potential cyber security incidents. Track and report effectiveness of SOC engineering enhancements such as playbook adoption, automation rate and analyst effort reduction. Provide technical guidance to SOC analysts on effective use of SOC tools, detection logic, SOAR playbooks and AI-assisted investigation workflows. Identify opportunities where automation, AI-assisted triage or agentic workflows can safely reduce manual effort, improve investigation consistency and accelerate response. Identify opportunities for SOC improvements, including metrics definition, playbook enhancements, detection optimisation, workflow automation and analyst capability uplift. Prioritise tasks appropriately and formulate clear responses or recommendations to stakeholders in a fast-paced environment. Who you are 5 or more years of experience in a SOC environment, security engineering, detection engineering, incident response or related cybersecurity field. Strong hands-on experience with SOC tools such as SIEM, SOAR, EDR, XDR or UEBA. Experience developing and maintaining SOAR playbooks or automation workflows. Experience designing, developing, deploying and finetuning security monitoring use cases based on frameworks such as MITRE ATT&CK. Experience developing threat detection content, SIEM correlation rules, EDR queries, dashboards and alert tuning recommendations. Strong proficiency in SIEM, network traffic, host event and security event log analysis. Good understanding of Windows, Linux, Active Directory, identity compromise, network protocols, cloud/SaaS logs, endpoint artefacts and common attacker techniques. Experience working with threat intelligence, IOCs and TTPs to support detection and response capability development. Experience with REST APIs, JSON, webhooks and other tool integration. Proficiency in Python, PowerShell, Bash or similar scripting is preferred. Ability to write clear technical documentation, workflow diagrams, implementation guides and analyst-facing procedures. Ability to prioritise effectively, manage competing operational demands and make sound technical recommendations. Familiarity with AI-assisted security operations, SOC copilots, automated enrichment, agentic workflows or machine-assisted triage is a plus. Experience in banking, financial services, critical infrastructure or highly regulated environments is a plus. Relevant certifications such as GCIH, GCIA, GCFA, GNFA, GREM, OSCP, CISSP, Splunk, Microsoft Sentinel, SOAR-related certifications or equivalent are preferred. Who we are As Singapore's longest established bank, we have been dedicated to enabling individuals and businesses to achieve their aspirations since 1932. How? By taking the time to truly understand people. From there, we provide support, services, solutions, and career paths that meet their individual needs and desires. Today, we're on a journey of transformation. Leveraging technology and creativity to become a future-ready learning organisation. But for all that change, our strategic ambition is consistently clear and bold, which is to be Asia's leading financial services partner for a sustainable future. We invite you to build the bank of the future. Innovate the way we deliver financial services. Work in friendly, supportive teams. Build lasting value in your community. Help people grow their assets, business, and investments. Take your learning as far as you can. Or simply enjoy a vibrant, future-ready career. Your Opportunity Starts Here. What we offer: Competitive base salary. A suite of holistic, flexible benefits to suit every lifestyle. Community initiatives. Industry-leading learning and professional development opportunities. Your wellbeing, growth and aspirations are every bit as cared for as the needs of our customers. Let’s build the bank we need for the future we want. Find the best version of yourself in a friendly, supportive team. Build lasting value in your community. Help people grow their assets, business, and investments. Take your learning as far as you can. Or simply enjoy a vibrant, future-ready career. Your Opportunity Starts Here Introduce yourself to our recruiters and we'll get in touch if there's a role that seems like a good match. As the longest established Singapore bank, formed in 1932 from the merger of three local banks, we have grown from strength to strength to become a regional financial services group. With a deep history in Asia, we offer the most comprehensive coverage across ASEAN and Greater China, complemented with a presence in the leading economies of New York, London and Sydney. We are the second largest financial services group in Southeast Asia by assets with one of the world’s highest credit rating (Aa1 by Moody’s and AA- by both Fitch and S&P). We offer private banking services through our wholly-owned subsidiary, Bank of Singapore, which operates on a unique open-architecture product platform to source for the best-in-class products to meet its clients’ goals. Our insurance subsidiary, Great Eastern Holdings, is the oldest and most established life insurance group in Singapore and Malaysia.

How To Apply:

Incase you would like to apply to this job directly from the source, please click here

Responsibilities
The role focuses on engineering and enhancing SOC capabilities through the development of SOAR playbooks, AI-assisted workflows, and automated threat detection. It involves managing SOC tool integrations and optimizing detection use cases to improve investigation efficiency and response readiness.
Loading...