Singapore
70 days ago
SOC Analyst L2

SOC Analyst L2/RE is an operational role focused on ticket quality and on deeper investigation of security incidents. The analyst is responsible for handling incidents escalated by the Level 1 team within SLA.

Responsibilities:

·       Work closely with the SOC L1 team, the L3 team and the customer; perform deeper analysis of escalated alerts, join the customer's daily calls, and take ownership of handling True Positive incidents on time.

·       Handle escalated incidents and coordinate with SIA when required.

·       Work closely with SIA Duty Officers on any ad-hoc operational requests.

·       Collaborate with the Exabeam, Splunk, and Log Source teams to resolve issues as needed.

·       Take appropriate action on IOCs received from SIA when required.

·       Fine-tune and create new detection rules based on SIA’s requests.

o   Create and manage the incident handling playbook, process runbooks and ad-hoc documents whenever needed.

o   Recommend fine-tuning of existing use cases, covering the detection logic and thresholds and, where applicable, the SIEM query itself.

o   Recommend new use cases, covering the detection logic and thresholds and, where applicable, the SIEM query itself.

·       Provide data from Splunk/Exabeam during SIA audit activities.

·       Share monthly data to SIA for internal IMM meetings.

·       Share top user-reported malicious emails from Abnormal Security for reward and recognition programs.

·       Prepare RCA reports when required.

·       Share knowledge with other analysts relevant to their roles and responsibilities.

·       Provide knowledge transfer to L1, such as advanced hunting techniques, guides and cheat sheets.
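The "use case with logic, threshold and query" work described above is easiest to see in code. The block below is an added illustration, not code from the posting or from any employer's SIEM: a small threshold-based detection (repeated failed logins from one source followed by a success) run over constructed log lines, with the threshold and time window exposed as parameters so the effect of tuning them is visible. The log format, field names and IP addresses are all assumptions made for the example.

```python
"""Threshold-based detection use case with tunable logic.

Added example, not the posting's or any SIEM vendor's code. The log
format (ISO timestamp followed by key=value pairs), field names and
addresses are assumptions chosen for illustration.
"""
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample authentication events (not real data).
SAMPLE_LOGS = [
    # 10.0.0.7: six failures spread over 15 minutes, then a success
    "2024-05-01T08:30:00Z src=10.0.0.7 user=svc-backup result=failure",
    "2024-05-01T08:33:00Z src=10.0.0.7 user=svc-backup result=failure",
    "2024-05-01T08:36:00Z src=10.0.0.7 user=svc-backup result=failure",
    "2024-05-01T08:39:00Z src=10.0.0.7 user=svc-backup result=failure",
    "2024-05-01T08:42:00Z src=10.0.0.7 user=svc-backup result=failure",
    "2024-05-01T08:45:00Z src=10.0.0.7 user=svc-backup result=failure",
    "2024-05-01T08:46:00Z src=10.0.0.7 user=svc-backup result=success",
    # 10.0.0.5: six failures inside three minutes, then a success
    "2024-05-01T09:00:01Z src=10.0.0.5 user=alice result=failure",
    "2024-05-01T09:00:30Z src=10.0.0.5 user=alice result=failure",
    "2024-05-01T09:01:00Z src=10.0.0.5 user=alice result=failure",
    "2024-05-01T09:01:30Z src=10.0.0.5 user=bob result=failure",
    "2024-05-01T09:02:00Z src=10.0.0.5 user=bob result=failure",
    "2024-05-01T09:02:30Z src=10.0.0.5 user=carol result=failure",
    "2024-05-01T09:03:00Z src=10.0.0.5 user=carol result=success",
    # 10.0.0.9: a user mistyping a password twice, then logging in
    "2024-05-01T09:10:00Z src=10.0.0.9 user=dave result=failure",
    "2024-05-01T09:10:20Z src=10.0.0.9 user=dave result=failure",
    "2024-05-01T09:11:00Z src=10.0.0.9 user=dave result=success",
]


def parse(line):
    """Turn one 'timestamp k=v k=v ...' line into a dict with a datetime."""
    ts, *pairs = line.split()
    event = dict(p.split("=", 1) for p in pairs)
    event["ts"] = datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ")
    return event


def detect_bruteforce_then_success(lines, threshold=5, window=timedelta(minutes=10)):
    """Alert when a source logs in successfully after at least `threshold`
    failures within `window`. Logic, threshold and window are the three
    knobs an analyst tunes for this kind of use case."""
    failures = defaultdict(list)  # src -> timestamps of recent failures
    alerts = []
    for ev in sorted(map(parse, lines), key=lambda e: e["ts"]):
        src = ev["src"]
        if ev["result"] == "failure":
            failures[src].append(ev["ts"])
            # Forget failures that have aged out of the window.
            failures[src] = [t for t in failures[src] if ev["ts"] - t <= window]
        elif ev["result"] == "success":
            recent = [t for t in failures[src] if ev["ts"] - t <= window]
            if len(recent) >= threshold:
                alerts.append({
                    "src": src,
                    "user": ev["user"],
                    "failures": len(recent),
                    "at": ev["ts"].isoformat(),
                })
                failures[src].clear()  # one alert per burst, not one per login
    return alerts


def alert_counts_by_threshold(lines, thresholds, window=timedelta(minutes=10)):
    """Re-run the use case at several thresholds to see how many alerts
    each setting would have raised on the same data."""
    return {t: len(detect_bruteforce_then_success(lines, t, window)) for t in thresholds}


if __name__ == "__main__":
    for alert in detect_bruteforce_then_success(SAMPLE_LOGS):
        print("ALERT", alert)
    print(alert_counts_by_threshold(SAMPLE_LOGS, [2, 5, 7]))
```

At the default threshold of five failures in ten minutes only 10.0.0.5 fires: 10.0.0.9 is a user mistyping a password, and 10.0.0.7's failures are too spread out for the window. Dropping the threshold to two would turn all three sources into alerts, which is the trade-off the fine-tuning recommendation has to justify.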

Experience:

•         Minimum 5 years of experience in Security Operations

•         Security event monitoring, triage, and thorough incident investigation.

•         Research and understand log sources for effective security monitoring.

•         Isolate issues, respond to incidents, and mitigate threats swiftly.

•         Tune SIEM rules to improve detection and to meet incident-specific requirements.

•         Optimize SIEM capabilities, aid in audit/logging, and generate timely reports.

•         Develop and maintain security operation standards, procedures, and playbooks.

Essential Skills:

·       Knowledge and hands-on experience with SIEM Platforms - Splunk & Exabeam

·       Knowledge and hands-on experience with SOAR platform – Google SecOps

·       Strong verbal and written English communication

·       Strong interpersonal and presentation skills

·       Ability to work with minimal levels of supervision

Certification – good to have

·       AWS Security Specialty

·       CompTIA CySA+

·       CEH (Certified Ethical Hacker)
