We are seeking a motivated and dedicated Cyber SOC Analyst to join our 24/7 Security Operations Centre (SOC). The successful candidate will focus on continuous monitoring of security events, initial incident response, and vulnerability management. The ideal candidate will have 1-2 years of experience in cybersecurity, a basic understanding of networking and IT domains, and a keen interest in continuous learning and professional growth.
Key Responsibilities
- Continuously monitor security events and alerts using SIEM tools and other security technologies.
- Perform initial triage of security incidents and escalate as necessary.
- Conduct basic analysis to identify and mitigate potential security threats.
- Read, understand, and act upon Cyber advisories from government source, following SOPs and instructions closely.
- Verify advisory requirements, check inventory, and communicate with system owners to confirm tool usage.
- Check old advisory emails and SharePoint records to prevent redundant inquiries.
- Collaborate with Tier 2 and Tier 3 analysts for complex incident resolution.
- Provide incident response phone support following SOPs and workflows.
- Conduct health checks for various SOC systems, ensuring they are functioning correctly.
- Maintain detailed records of security incidents and actions taken.
- Participate in shift rotations to ensure 24/7 coverage.
- Perform regular updates, checks, and removal of outdated Handover and Takeover (HOTO) emails to ensure all 24/7 analysts are in sync.
- Provide support for vulnerability assessments and remediation efforts.
- Stay current with the latest cybersecurity trends, threats, and best practices.
Qualifications
Educational Background:
- Relevant certifications such as CISSP, CISM, CEH, CompTIA Security+, or SANS/GIAC are highly preferred.
Experience:
- 1-2 years of experience in cybersecurity, focusing on incident detection and response.
- Experience with Security Information and Event Management (SIEM) systems.
Technical Skills:
- Basic understanding of security technologies and network security.
- Skills in vulnerability management and mitigation.
- Ability to read and understand Cyber advisories from government source.
- Familiarity with different cybersecurity and IT domains.
- Basic scripting and automation skills for security tasks.
- Experience in managing and securing endpoints.
Analytical and Problem-Solving Skills:
- Strong analytical skills to identify and mitigate security threats.
- Excellent problem-solving abilities to address complex security issues.
Communication and Training Skills:
- Ability to convey complex security information clearly and effectively.
- Willingness to participate in and conduct training programs for continuous improvement.
Adaptability and Continuous Learning:
- Commitment to staying current with cybersecurity trends and advancements.
- Motivation to learn and grow within the cybersecurity field.
Attention to Detail and Collaborative Skills:
- Keen observation skills to detect subtle security threats.
- Ability to work effectively in a team-oriented environment.
Desired Technical Skills
- SIEM Proficiency: Skilled in using SIEM tools such as IBM QRadar or Splunk for security event monitoring and analysis.
- Network Security: Experience with network security tools like Fortin et and Palo Alto firewalls.
- Automation Tools: Familiarity with Palo Alto XSOAR automation tools.
- ITSM: Knowledge of IT Service Management (ITSM) tools like ServiceNow.
- IT Domains: Basic understanding of Windows and Linux operating systems.
- Scripting and Automation: Basic proficiency in scripting for automating security tasks.
- Advisory Skills: Ability to understand and act upon cybersecurity advisories.
Work location: Changi Airport