Search by job, company or skills

E

Security Analyst L2

ensign infosecurity (cybersecurity) pte. ltd.
Singapore, Kallang
6-8 Years
SGD 5,000 - 8,000 per month
Save
new job description bg glownew job description bg glow
  • Posted 2 days ago
  • Be among the first 10 applicants
Early Applicant

Job Description

Responsibilities

  • Monitor client environments using SIEM platforms to detect, triage, and respond to cybersecurity threats in accordance with agreed SOPs and industry best practices
  • Analyse and investigate security alerts perform deep-dive log analysis across system and OS layers to establish baselines and identify anomalous behaviour
  • Map threat tactics, techniques, and procedures (TTPs) to the MITRE ATT&CK framework and construct plausible attack-path hypotheses to inform containment actions
  • Produce escalation reports and notes manage triage workflow and identify improvements to automation playbooks
  • Conduct IOC-based reactive threat hunts against limited TTPs
  • Operate SIEM, SOAR, EDR, and wider security tooling within the scope of the service engagement
  • Perform indicator of compromise (IOC) searches and triage incoming threat intelligence to assess relevance to client assets
  • Coordinate with vendors, external CERTs, and internal business stakeholders during incident response activities
  • Manage detection use cases, dashboards, and SOAR playbooks: author and tune detection rules, validate existing content, and implement automation to streamline triage and response
  • Manage the full incident ticket lifecycle, including creation, updates, closure, hygiene, and MITRE ATT&CK mapping
  • Respond to incidents and critical alerts outside of office hours when required
  • Any other tasks as assigned

Requirements

  • Degree in Computer Science, Information Security, or a related discipline
  • Minimum 6 years of experience in cybersecurity operations or a Security Operations Centre (SOC) environment
  • Hands-on experience with SIEM platforms and solid understanding of network, Windows, and Linux infrastructure
  • Hands-on experience with EDR platforms for endpoint detection, investigation, and response
  • Demonstrated ability to triage, investigate, and respond to security incidents independently, with accurate escalation judgement
  • Experience mapping threats to MITRE ATT&CK and conducting IOC-based threat hunts
  • Clear written and verbal communication able to produce structured escalation reports and brief senior stakeholders
  • GIAC Certified Incident Handler (GCIH), EC-Council ECIH, or equivalent incident handling certification required

Preferred Skills / Qualities

  • Experience with SOAR platforms, playbook development, or automation scripting
  • Knowledge of cloud infrastructure security (AWS, Azure, or GCP)
  • Familiarity with Threat Intelligence Platforms and IOC management workflows
  • Experience with next-generation SIEM, NDR, or ITSM/incident management platforms
  • Exposure to OT security monitoring or regulatory frameworks such as NIST CSF, ISO 27001, or GDPR
  • CrowdStrike certifications (e.g., CCFA, CCFR) or other vendor product certifications are a plus

Other Special Working Conditions

  • Able to perform 12-hour shift duties (2 days work with 2 off-days). Working hours: AM - 8:30am to 8:30pm PM - 8:30pm to 8:30am. Shift patterns and duration may vary from time to time

More Info

Job Type:
Permanent Job
Industry:
Other
Function:
Cybersecurity
Employment Type:
Full time

Job ID: 148656109

Jobs by Skill - IT
Jobs by Skill - Non IT
International Jobs
Jobs in Top Cities
Popular Jobs
Last Updated: 03-06-2026 05:04:31 PM
Homejobs in SingaporeSecurity Analyst L2