Technical Cyber Engineer

5-7 Years
SGD 6,000 - 10,000 per month

Job Description

Lead / Principal Technical Cyber Engineer (SOC Tech Lead)

Overview

The SOC Tech Lead is the technical authority for security monitoring and detection platforms within the Cybersecurity Operations Centre. This role drives architecture, engineering quality, and continuous improvement of detection capabilities, tooling, and automation.

You will bridge detection engineering with operational execution, ensuring analysts are equipped with high-fidelity signals and efficient, scalable tooling.

Key Responsibilities

Detection Engineering & Use Case Development

  • Own the design, development, and quality assurance of detection rules and correlation logic across SIEM and EDR platforms
  • Develop and review detection rules using KQL, SIGMA, and platform-native query languages
  • Translate threat intelligence and attack frameworks into actionable detection use cases
  • Optimise alert fidelity to minimise false positives while maintaining strong detection coverage
  • Maintain a detection coverage matrix and prioritise gaps

Platform Architecture & Integration

  • Lead architecture and optimisation of SOC platforms (SIEM, SOAR, EDR, threat intelligence tools)
  • Design and maintain data ingestion pipelines, ensuring proper parsing, normalisation, and enrichment
  • Manage integrations across security tools and broader IT infrastructure
  • Evaluate and onboard new technologies through proof-of-concepts and technical assessments
  • Define data retention and storage strategies aligned with compliance needs

SOAR & Automation Engineering

  • Design and maintain automation playbooks for triage, enrichment, and incident response
  • Establish engineering standards for automation logic and auditability
  • Identify automation opportunities to improve efficiency and reduce response times
  • Integrate workflows with ticketing, communication tools, and external intelligence sources

Technical Standards & Governance

  • Define and enforce standards for detection engineering, automation, and platform configuration
  • Conduct regular health checks on detection rules and platform performance
  • Maintain a technology risk register, including technical debt and system vulnerabilities
  • Ensure proper version control, documentation, and change management

Analyst Enablement & Leadership

  • Mentor analysts in detection engineering, threat hunting, and investigation techniques
  • Support onboarding and training on SOC tools and workflows
  • Collaborate with cross-functional teams on planning and improvements
  • Ensure tooling and dashboards are aligned with analyst workflows
  • Represent the SOC in technical discussions and vendor engagements

Threat Hunting & Continuous Improvement

  • Lead proactive threat hunting using intelligence-led approaches
  • Convert findings into production-ready detection rules
  • Track key metrics such as detection coverage, automation rate, MTTD, and MTTR
  • Conduct post-incident reviews to strengthen detection capabilities

Requirements

  • Degree in Computer Science, Engineering, Data Science, or related field
  • Hands-on experience with SIEM platforms (e.g., Microsoft Sentinel)
  • Proficiency in KQL; exposure to SIGMA is advantageous
  • Experience with EDR platforms (e.g., CrowdStrike or equivalent)
  • Experience building SOAR playbooks and automation workflows
  • Understanding of network security controls (firewalls, WAF, DNS, proxies)
  • Knowledge of cloud security monitoring (Azure, AWS)
  • Scripting skills (Python and/or PowerShell) for automation and integrations
  • Familiarity with threat intelligence platforms and ATT&CK framework mapping
  • Experience with CI/CD or detection-as-code practices is a plus
  • At least 5 years in cybersecurity, with 3+ years in SOC engineering or detection-focused roles
  • Relevant certifications (e.g., security operations, cloud security, or GIAC equivalents) preferred

Key Competencies

  • Strong communication and stakeholder engagement skills
  • Structured, detail-oriented problem solver
  • Ability to balance operational demands with long-term engineering improvements
  • Comfortable working under pressure in high-severity incident environments

If you believe you fit the requirements for the role, please submit your application below or drop us an email directly quoting the job title.

Due to an anticipated high volume of applicants, we regret that only shortlisted candidates will be notified. The information provided is for recruitment purposes only.

Know someone who would be a great fit for this role? Refer them to us and get rewarded.

Cornerstone Global Partners (EA License Number: 19C9859) is an affirmative equal-opportunity employer and recruitment firm. We evaluate qualified applicants without regard to race, colour, religion, creed, gender, sexual orientation, gender identity, marital status, national origin, age, veteran status, disability, or any other protected class.

Eugene Then
[Confidential Information]

EA Registration Number: R22104742.

Cornerstone Global Partners Pte Ltd (EA License: 19C9859)

Job ID: 146958917