SOC Analyst

at  Singapore Technologies Engineering Ltd

Job ID: 15432
Location:ST Engineering Jurong East Bui, SG
Description:
We are seeking motivated and dedicated Cyber Analyst to join our 24/7 Security Operations Center (SOC). The successful candidate will focus on continuous monitoring of security events, initial incident response, and vulnerability management. Ideal candidate should have 1-2 years of experience in cybersecurity, a basic understanding of networking and IT domains, and a keen interest in continuous learning and professional growth.

QUALIFICATIONS

Educational Background:

• Relevant certifications such as CISSP, CISM, CEH, CompTIA Security+, or SANS/GIAC are highly preferred.

Experience:

• 1-2 years of experience in cybersecurity, focusing on incident detection and response.
• Experience with Security Information and Event Management (SIEM) systems.

Technical Skills:

• Basic understanding of security technologies and network security.
• Skills in vulnerability management and mitigation.
• Ability to read and understand cyber advisories from government source.
• Familiarity with different cybersecurity and IT domains.
• Basic scripting and automation skills for security tasks.
• Experience in managing and securing endpoints.

Analytical and Problem-Solving Skills:

• Strong analytical skills to identify and mitigate security threats.
• Excellent problem-solving abilities to address complex security issues.

Communication and Training Skills:

• Ability to convey complex security information clearly and effectively.
• Willingness to participate in and conduct training programs for continuous improvement.

Adaptability and Continuous Learning:

• Commitment to staying current with cybersecurity trends and advancements.
• Motivation to learn and grow within the cybersecurity field.

Attention to Detail and Collaborative Skills:

• Keen observation skills to detect subtle security threats.
• Ability to work effectively in a team-oriented environment.

DESIRED TECHNICAL SKILLS

• SIEM Proficiency: Skilled in using SIEM tools such as IBM QRadar or Splunk for security event monitoring and analysis.
• Network Security: Experience with network security tools like Fortinet and Palo Alto firewalls.
• Automation Tools: Familiarity with Palo Alto XSOAR automation tools.
• ITSM: Knowledge of IT Service Management (ITSM) tools like ServiceNow.
• IT Domains: Basic understanding of Windows and Linux operating systems.
• Scripting and Automation: Basic proficiency in scripting for automating security tasks.
• Advisory Skills: Ability to understand and act upon cybersecurity advisories.

• Continuously monitor security events and alerts using SIEM tools and other security technologies.
• Perform initial triage of security incidents and escalate as necessary.
• Conduct basic analysis to identify and mitigate potential security threats.
• Read, understand, and act upon cyber advisories from government source, following SOPs and instructions closely.
• Verify advisory requirements, check inventory, and communicate with system owners to confirm tool usage.
• Check old advisory emails and SharePoint records to prevent redundant inquiries.
• Collaborate with Tier 2 and Tier 3 analysts for complex incident resolution.
• Provide incident response phone support following SOPs and workflows.
• Conduct health checks for various SOC systems, ensuring they are functioning correctly.
• Maintain detailed records of security incidents and actions taken.
• Participate in shift rotations to ensure 24/7 coverage.
• Perform regular updates, checks, and removal of outdated Handover and Takeover (HOTO) emails to ensure all 24/7 analysts are in sync.
• Provide support for vulnerability assessments and remediation efforts.
• Stay current with the latest cybersecurity trends, threats, and best practices.