Be wary of WhatsApp messages impersonating Jobline Resources's staff offering job opportunities. Those who encounter suspicious messages can contact Jobline at +65 6339 7198
Responsible to ensure accurate and rapid response to security events
Analyze security logs, SIEM alerts, and incident reports to identify and mitigate risks.
Respond to and investigate security incidents, including breaches, malware outbreaks, and phishing attacks. Monitor networks and systems for security breaches, alerts, and anomalous activity.
Conduct root-cause analysis to prevent future incidents and develop incident response procedures.
Provide analysis and trending of security log data from various security devices
Configure and maintain SIEM tools to align with the organization’s security objectives and threat landscape.
Create custom SIEM dashboards and reports for different stakeholders to visualize critical security metrics and incident data.
Develop and optimize SIEM content, including rules, alerts, and correlation logic, to improve threat detection and response.
Regularly review and tune SIEM rules to reduce false positives, enhance event correlation, and maintain relevance to evolving threats.
Document and update SIEM processes and configurations, ensuring a high level of data accuracy and availability.
Perform regular vulnerability scans and assist in patch management processes. Work with IT teams to prioritize and remediate them.
Recommend solutions to mitigate risks in any activity that may potentially impact security of existing IT and information management
Ensure compliance with industry regulations (e.g. GDPR, ISO 27001) and company policies.
Assist in the development, implementation, and maintenance of security policies, standards, and guidelines.
Assist in training staff on security best practices, including phishing awareness and data protection.
Help develop educational materials and conduct periodic security awareness training.
Advise and consult internal/ external customers on risk assessment, threat modelling and vulnerability management. Perform risk assessments and recommend security measures to mitigate potential risks.
Document risks, vulnerabilities, and remediation strategies in a detailed risk management report.
Maintain up-to-date knowledge of the IT security industry, including awareness of new or revised security solutions, improved security processes and development of new attacks and threat vectors
Manage and optimize security tools, such as firewalls, antivirus software, and intrusion detection/prevention systems (IDPS).
Perform 1st level troubleshooting on servers and network issues with regards to log collection/ security tools
Generate reports on security metrics, incidents, and remediation efforts for management.
Maintain accurate documentation of incidents, security changes, and system configurations.
Any other ad-hoc duties as required or assigned.
Requirements
Bachelor Degree or Advanced Diploma in Computer Science, Information Technology, Cybersecurity from a recognized university or related field (or equivalent experience)
At least 1-3 years in a cybersecurity role, with hands-on experience in SIEM content management, network security, threat monitoring, or incident response
Strong knowledge of cybersecurity principles, practices, and technologies
Expertise in SIEM tools and content management, including rule creation, alert tuning, and report customization
Proficiency with security tools like firewalls, IDPS, antivirus, and vulnerability scanners
Knowledge of scripting (Python, PowerShell) for automation within the SIEM environment is a plus
Ability to analyze and interpret security data to identify vulnerabilities and potential threats
Excellent communication skills, with the ability to explain complex security concepts to non-technical stakeholders
Strong analytical skills and attention to detail
Ability to work on-call or off-hours as needed to respond to security incidents
May require occasional travel for training or workshop
Experience in the application of threat modelling or other risk identification techniques
Detailed knowledge of system security vulnerabilities and remediation techniques, including penetration testing and the development of exploits
Breadth of knowledge in information security space with emphasis on TCP/IP network security, operating system security, common attack patterns and exploitation techniques
Relevant certifications (e.g., CompTIA Security+, Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), GIAC Security Essentials (GSEC)) are a plus