Sr Operation Mgmt Specialist

2-4 Years

Job Description

Description and Requirements

Key Responsibilities

1. Alert Triage & Continuous Monitoring

  • Real-Time Surveillance: Maintain high vigilance monitoring of the Microsoft Sentinel Incident queue to identify anomalies and potential security breaches.
  • Noise Reduction: Distinguish between benign environmental behaviour and malicious activity to reduce alert fatigue within the SOC.
  • Severity Assessment: Categorize and prioritize incidents based on business impact, asset criticality, and the MITRE ATT&CK framework.

2. Initial Investigation & Hunting

  • KQL Proficiency: Utilize Kusto Query Language (KQL) to perform deep-dive log analysis across the SecurityEvent, SigninLogs, and OfficeActivity tables.
  • Root Cause Analysis: Conduct forensic analysis to reconstruct timelines and validate the legitimacy of alerts.
  • Evidence Gathering: Correlate data across the Microsoft 365 Defender stack (Endpoint, Identity, Cloud Apps) to build a comprehensive picture of the threat actor's movements.

3. Playbook Execution & Containment

  • Automated Response: Execute Azure Logic App Playbooks to perform rapid containment actions, such as revoking AAD sessions or isolating compromised hosts.
  • Standard Operating Procedures (SOPs): Establish SOPs to ensure a consistent and compliant response to known threat vectors.
  • Manual Remediation: Perform manual intervention when automated flows are inapplicable, ensuring the Time to Remediate (TTR) is minimized.

4. Incident Documentation & Reporting

  • Audit Trail Management: Maintain meticulous, chronological records of all investigative steps and findings within the ITSM ticketing system (e.g., ServiceNow).
  • Technical Summaries: Draft clear, concise post-incident summaries detailing the scope of the impact and the steps taken for resolution.
  • Knowledge Base Contribution: Update internal wikis or Runbooks with new findings to improve the team's collective response capability.

5. Advanced Escalation & Collaboration

  • Structured Handoffs: Identify complex or high-severity true positives and escalate using the SAR (Situation, Assessment, Recommendation) communication model.
  • Collaborative Hunting: Assist senior analysts and the security lead in threat hunting exercises by providing localized data and initial telemetry gathered during triage.

6. Health Checks & Platform Maintenance

  • Data Integrity Monitoring: Perform daily checks on Sentinel Data Connectors to ensure continuous log ingestion from Firewalls, Azure Activity, and O365.
  • Agent Health: Monitor the status of the Azure Monitor Agent (AMA) and Log Analytics workspace to identify and troubleshoot data gaps or silent connectors.
  • Workspace Optimization: Monitor ingestion volumes and alert the engineering team of unexpected spikes that may indicate misconfigured assets.

7. Core Technical Skills

  • SIEM Expertise: Minimum of 2-3 years of hands-on experience with Microsoft Sentinel, including workspace configuration, data connector management, and incident investigation.
  • KQL Proficiency: Advanced ability to write and optimize Kusto Query Language (KQL) for hunting, detection rules, and workbook visualization.
  • Microsoft 365 Defender Stack: Strong operational knowledge of the broader Defender suite (Defender for Endpoint, Identity, Office 365, and Cloud Apps).
  • Cloud Infrastructure: Familiarity with Azure Resources, including Virtual Machines, Storage Accounts, and Log Analytics Workspaces.
  • Automation: Experience triggering and troubleshooting Azure Logic Apps (Playbooks) for automated incident response.

8. Professional Experience

  • Onboarding & Engineering: Proven track record of onboarding diverse assets to Sentinel (Syslog, CEF, Azure Activity, and Third-party APIs).
  • Detection Engineering: Experience creating and tuning Analytics Rules to reduce false positives while maintaining high detection coverage.
  • Network Security: Understanding of TCP/IP, DNS, and HTTP/S, with the ability to interpret logs from Firewalls, Proxies, and WAFs.

9. Required Qualifications

  • Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related discipline.
  • Professional certifications such as ECIH, GCIH, CISSP or CISM are preferred.
  • Microsoft certifications such as SC-200: Microsoft Security Operations Analyst Associate, AZ-500: Microsoft Azure Security Technologies, SC-300: Microsoft Identity and Access Administrator Associate would be advantageous.
#LPS

About Company

Why Work at Lenovo: We are Lenovo. We do what we say. We own what we do. We WOW our customers. Lenovo is a US$69 billion revenue global technology powerhouse, ranked #196 in the Fortune Global 500, and serving millions of customers every day in 180 markets. Focused on a bold vision to deliver Smarter Technology for All, Lenovo has built on its success as the world's largest PC company with a full-stack portfolio of AI-enabled, AI-ready, and AI-optimized devices (PCs, workstations, smartphones, tablets), infrastructure (server, storage, edge, high performance computing and software defined infrastructure), software, solutions, and services. Lenovo's continued investment in world-changing innovation is building a more equitable, trustworthy, and smarter future for everyone, everywhere. Lenovo is listed on the Hong Kong stock exchange under Lenovo Group Limited (HKSE: 992) (ADR: LNVGY). This transformation together with Lenovo's world-changing innovation is building a more inclusive, trustworthy, and smarter future for everyone, everywhere. To find out more visit www.lenovo.com, and read about the latest news via our StoryHub.

Job ID: 145622127