Lead / Principal Technical Cyber Engineer (BH ID: 701427), Singapore

Join a dynamic team as a Security Operations Center (SOC) Tech Lead, where you'll spearhead the enhancement and optimization of security monitoring capabilities while mentoring analysts to foster a culture of continuous improvement.

• Lead the architecture and optimization of core SOC platforms, including SIEM, SOAR, and threat intelligence tools.
• Design and oversee data ingestion processes, ensuring log sources are parsed and enriched for analysis.
• Develop and maintain detection rules and threat scenarios against SIEM and EDR platforms.
• Define fidelity standards for alerts, tuning rules to reduce false positives while ensuring true positive detection.
• Drive the creation of SOAR playbooks for incident triage and escalation, establishing engineering standards for playbook functionality.
• Conduct post-incident reviews to identify gaps in detection and reinforce monitoring methods.
• Mentor analysts on detection engineering and advanced investigation techniques.
• Track key metrics, including detection coverage, alert conversion rates, and automation performance.

• Bachelor’s degree in Computer Science, Computer Engineering, Data Science, or a related technical field.
• Minimum of 5 years’ experience in cybersecurity, including at least 3 years in detection engineering or SOC roles.
• Proficiency in Microsoft Sentinel and experience with KQL; knowledge of SIGMA rules is a plus.
• Familiarity with security technologies like CrowdStrike Falcon, and experience integrating tools into existing IT infrastructures.
• Knowledge of cloud security services within Azure and AWS, with skills in onboarding cloud-native log sources.
• Experience developing automation scripts using Python and/or PowerShell.
• Strong analytical and problem‑solving skills with attention to accuracy in detection logic.
• Relevant certifications such as Microsoft Certified, GIAC Certified Detection Analyst, or any ISACA certification are preferred.