
Key Responsibilities
Install, configure and administer the full SIEM server fleet (Elasticsearch, Logstash, Kibana, Beats).
Build Python/Bash automation and self-service tooling to eliminate manual tasks.
Onboard new log sources: design data pipelines, write custom GROK parsers and tune ingestion.
Provide L2/L3 production support, incident response and root-cause analysis.
Manage small-to-medium security projects end-to-end: scope, plan, deliver and report.
Contribute to the Permanent Control framework and regulatory incident reporting.
Work closely with Infrastructure & Observability teams to test and roll out platform changes.
Required Skills & Experience
7+ years total IT experience, including 4-5 years hands-on with the Elastic (ELK) stack at enterprise scale.
Strong Linux (RedHat/Ubuntu) administration and Python or Bash scripting.
Production experience with Kafka for high-volume log streaming.
Familiarity with Ansible or similar automation / DevOps tooling.
Solid understanding of the cyber-threat landscape and SIEM use-cases.
Rigorous, solution-oriented and able to work autonomously in a fast-paced financial-services environment.
Nice to Have
Platform integration skills (virtual & bare-metal).
Prior exposure to financial-services regulations (MAS, HKMA, etc.).
Job ID: 143893313