Sagl Consulting Pte. Ltd.

SIEM Detection Engineer

Job Description

Overview:

Our client is seeking a skilled and proactive SIEM Detection Engineer to join their cybersecurity team. This role is central to the engineering, development, and continuous improvement of threat detection use cases within their SIEM platform. The successful candidate will create and tune custom detection rules, map existing detection coverage to the MITRE ATT&CK framework, and collaborate with the SOC to improve overall detection and prevention measures.

Key Responsibilities:

  • Design, test, and refine new detection use cases within the SIEM platform.
  • Enhance and optimize existing detection use cases using Machine Learning and User & Entity Behavior Analytics (UEBA).
  • Map detection use cases to the MITRE ATT&CK framework to evaluate and ensure comprehensive monitoring coverage.
  • Maintain and update threat detection playbooks, processes, and documentation.
  • Collaborate with the SOC team to continuously improve detection and prevention capabilities.
  • Identify gaps in SIEM coverage and implement new use cases to address blind spots.
  • Work with the log onboarding team and SIEM architect to validate log sources and ensure they are normalised to the Splunk Common Information Model (CIM).
  • Partner with Service Operations to improve processes, documentation, and overall service quality.
  • Provide governance on topics related to operational stability.

Requirements:

  • Minimum of 3 years of experience in SIEM use-case engineering, with 5+ years in cybersecurity.
  • Strong experience working in a security operations role.
  • Proficiency with Splunk Enterprise Security (ES) and developing/tuning detection use cases (Correlation Searches) based on Data Models.
  • Knowledge of Machine Learning and Risk-Based Alerting (RBA) in Splunk is a plus.
  • Expertise in analyzing and interpreting security logs to identify potential threats and attack patterns.
  • Experience with the Common Information Model (CIM) for validating data sources.
  • Ability to create and use data models in Splunk for threat detection.
  • Deep understanding of cybersecurity concepts and the attack lifecycle.
  • Familiarity with the MITRE ATT&CK framework and applying it to threat detection.
  • Experience in creating interactive dashboards, alerts, and reports in Splunk.

More Info

Role: Other Software/Hardware/EDP

Industry: Other

Function: IT

Job Type: Permanent Job

Date Posted: 13/11/2024

Job ID: 100185877

Last Updated: 19-11-2024 05:25:57 PM