Responsibilities: -

• 24 x 7 triage, short-turn analysis of real-time security alerts & generate tickets, or escalation to L2 Security Analysts that are not in the Automation Runbook.
• 24 x 7 escalation to resolver upon receiving automated generated incident tickets on the health of SOCaS infrastructure, IT/OT managed security devices, or from the website defacement restorer activation alert.
• 24 x 7 manage problems till closure which include:
• Ensure that Service Level Agreements are met.
• Liaising with customers with regards to information security incidents
• Provision and performance of remedial actions to enhance customers' network security posture

Requirements:

• Fresh graduate/1 year working experience in IT Infrastructure Operation and/or Support.
• Willing to work with 24/7 shift pattern that includes weekend work.
• Sound fundamental knowledge on Internet technologies, such as TCP/IP, HTTP, SSL, DNS, OWASP Top10 and web servers (e.g. Apache, IIS, Nginx, etc.).
• Understanding of firewalls, endpoint detection and response (EDR), IDS/IPS, WAF, etc.

Desired Qualifications:

• Bachelor’s degree / Polytechnic Diploma in Computer Science, Information Technology or Information System.
• Experience in scripting (e.g. shell scripting, Macro, PHP, Perl, Java, etc.) and/or Regular Expression.
• Experience with TCP/IP packet analysis / network debugging with tcp dump or similar.
• Experience with web security concepts and technologies such as web application firewall, proxy.
• Experience general security technologies, processes, and concepts.
• Industry recognized security certifications (GCIA/GCIH, CISSP, CISA, CEH, etc.).
• Experience writing/decoding exploit, vulnerability, and attack detection signatures.
• Experience working with a SOC team is an advantage.

As a Security Analyst, you will play a crucial role in our mission to secure our clients' digital environments. Your responsibilities will include:

1. SIEM Expertise: Extensive experience with Security Information and Event Management (SIEM) tools, with a particular focus on Elastic Stack and Wazuh. You will be responsible for configuring, managing, and optimising these SIEM solutions to detect and respond to security incidents effectively.

2. System Administration: Serve as a system administrator to install, configure, maintain and secure various operating systems, including Windows, MacOS, and Linux. You would also be managing servers, setting up of accounts, permissions and ensuring system health and security. Experience with virtualization technologies (e.g., VMware, Hyper-V) to manage virtual machines efficiently will be necessary. Your expertise will be vital in ensuring the stability and security of our clients' infrastructure.

3. Scripting and Programming: Proficiency in scripting and programming languages such as BASH, PoweShell, Python, and C++ is essential. You will use these skills to automate tasks, create custom security tools, and analyse and develop solutions for complex security challenges.

4. Systems Architecture and Networking: Possess a strong background in systems architecture and networking to design and implement secure network infrastructures. This includes configuring firewalls, VPNs, and intrusion detection/prevention systems (IDS/IPS). You would also need to understand network protocols, IP addressing, subnetting, routing, and the ability to configure and troubleshoot network devices.

5. Security Incident Response: Be prepared to investigate and respond to security incidents, conduct forensic analysis, and develop incident response plans to mitigate future threats.

Qualifications:

To be successful in this role, the ideal candidate should have the following qualifications:

- Bachelor's degree / Masters in Computer Science, Information Technology, or a related field. Relevant certifications (e.g., CISSP, CEH, CompTIA Security+) are a plus.

- Proven experience (2 years) working with SIEM tools, like Splunk, Elastic Stack and Wazuh are a plus.

- Proficiency in system administration for various operating systems, including Windows, MacOS, and Linux.

- Strong coding skills in BASH, PowerShell Python, and C++, with the ability to develop and modify scripts and tools for security-related tasks.

- In-depth knowledge of systems architecture and networking, including firewalls, routers, switches, and VPNs.

- Excellent problem-solving and critical-thinking skills, with the ability to analyse complex security issues and develop effective solutions.

- Strong communication skills and the ability to work collaboratively within a team and communicate complex technical concepts to non-technical stakeholders.

- A passion for staying updated with the latest cybersecurity trends, threats, and best practices.

About the Role

As a Junior SIEM Engineer, you will play a crucial role in the development and tuning of our SIEM-based product. You will work closely with our team of experienced engineers, cybersecurity experts, and data scientists to enhance the efficiency, accuracy, and reliability of our security monitoring and threat detection capabilities. This is an excellent opportunity to gain hands-on experience in the cybersecurity, artificial intelligence & machine learning industry, and contribute to the protection of our clients' digital assets.

You will have the opportunity to influence customers to re-engage the company for additional projects or change requests and will be financially compensated for such.

Role and Responsibilities

The candidate is expected to perform the following duties:

• Assist in the design, development, deployment and implementation of SIEM-based features and functionalities for our security platform solution.
• Collaborate with senior engineers, data scientists and Universities partners to configure and optimise SIEM rules, alerts, and correlation rules to improve threat detection accuracy.
• Participate in the analysis and investigation of security events, providing timely incident response and remediation support.
• Support the research and development of new defensive techniques against the latest cybersecurity attacks.
• Contribute to the development and maintenance of SIEM documentation, including standard operating procedures and best practices.
• Monitor and analyse security logs, network traffic, and system events to identify potential security breaches or vulnerabilities.
• Stay updated with the latest trends and technologies in cybersecurity, AI, and ML to propose innovative solutions for continuous product improvement.

Experience and Personality Ideals

• 3+ years of experience in IT project management experience.
• Familiar with Office productivity tools for Scope of Work document writing, tender submissions and customer presentations.
• Have a passion for customers to be successful.
• Excellent customer problem management and problem-solving skills.
• Strong communication skills and the ability to establish and maintain strong customer relationships through effective interpersonal skills.
• Results oriented, great in collaboration and a self-starter who is highly motivated to support others to succeed
• Good objection handling and negotiating ability.
• Able to multi-task and manage multiple streams of work and opportunities simultaneously.
• Resourceful and able to manage own workload with minimal supervision.

Qualifications and Education Requirements

• Diploma / degree in Cyber Security, Computer Science, Information Security, or a related field from a recognized institution.
• Strong interest and knowledge in cybersecurity principles, methodologies, and technologies.
• Familiarity with SIEM concepts and tools (e.g., Splunk, Elastic Stack (Elastic / Elasticsearch / ELK), QRadar, Wazuh) is a bonus.
• Knowledge of vulnerability assessment and penetration testing, with certifications is a bonus.
• Basic understanding of networking protocols, systems administration, and cloud computing (e.g., AWS, Azure, GCP).
• Proficiency in one or more programming languages, such as Python, Java, or C++.
• Excellent analytical and problem-solving skills, with the ability to analyse and interpret security-related data.
• Good communication and collaboration skills to work effectively within a team environment.
• Eagerness to learn and adapt to new technologies and industry trends.
• Fresh graduates are welcomed to apply

Benefits

• Competitive salary and benefits package.
• Opportunity to work in a dynamic and fast-growing cybersecurity firm.
• Exposure to cutting-edge technologies, AI, and ML in the field of cybersecurity.
• Ongoing training and professional development opportunities.
• Collaborative and inclusive work environment.
• Chance to make a significant impact on the security posture of SMEs.

Company background:

Focus Computer Pte Ltd has been operating since 1989, and is an established leader in the IT hardware and software fulfilment space in Singapore. We have provided a stable environment for our employees since our inception and we believe in taking care of our employees through thick and thin. We have established Focus Digitech Pte Ltd in order to meet the growing demands for digital transformation by our customers. Your entry point into the company does not limit the potential you have to rise within the company to other roles as your aspirations and attitudes may propel you towards. We believe that paper qualifications can only tell us so much, and we believe in hiring people with the right skills and not just certifications (although we will accord due credit if you have them). So, come on and discover your full potential with us as we take Focus Digitech to the next level of leadership in digital technologies!

About the Role

As a Junior SIEM Engineer, you will play a crucial role in the development and tuning of our SIEM-based product. You will work closely with our team of experienced engineers, cybersecurity experts, and data scientists to enhance the efficiency, accuracy, and reliability of our security monitoring and threat detection capabilities. This is an excellent opportunity to gain hands-on experience in the cybersecurity, artificial intelligence & machine learning industry, and contribute to the protection of our clients' digital assets.

You will have the opportunity to influence customers to re-engage the company for additional projects or change requests and will be financially compensated for such.

Role and Responsibilities

The candidate is expected to perform the following duties:

· Assist in the design, development, deployment and implementation of SIEM-based features and functionalities for our security platform solution.

· Collaborate with senior engineers, data scientists and Universities partners to configure and optimise SIEM rules, alerts, and correlation rules to improve threat detection accuracy.

· Participate in the analysis and investigation of security events, providing timely incident response and remediation support.

· Support the research and development of new defensive techniques against the latest cybersecurity attacks.

· Contribute to the development and maintenance of SIEM documentation, including standard operating procedures and best practices.

· Monitor and analyse security logs, network traffic, and system events to identify potential security breaches or vulnerabilities.

· Stay updated with the latest trends and technologies in cybersecurity, AI, and ML to propose innovative solutions for continuous product improvement.

Experience and Personality Ideals

· 3+ years of experience in IT project management experience.

· Familiar with Office productivity tools for Scope of Work document writing, tender submissions and customer presentations.

· Have a passion for customers to be successful.

· Excellent customer problem management and problem-solving skills.

· Strong communication skills and the ability to establish and maintain strong customer relationships through effective interpersonal skills.

· Results oriented, great in collaboration and a self-starter who is highly motivated to support others to succeed

· Good objection handling and negotiating ability.

· Able to multi-task and manage multiple streams of work and opportunities simultaneously.

· Resourceful and able to manage own workload with minimal supervision.

Qualifications and Education Requirements

· Diploma / degree in Cyber Security, Computer Science, Information Security, or a related field from a recognized institution.

· Strong interest and knowledge in cybersecurity principles, methodologies, and technologies.

· Familiarity with SIEM concepts and tools (e.g., Splunk, Elastic Stack (Elastic / Elasticsearch / ELK), QRadar, Wazuh) is a bonus.

· Knowledge of vulnerability assessment and penetration testing, with certifications is a bonus.

· Basic understanding of networking protocols, systems administration, and cloud computing (e.g., AWS, Azure, GCP).

· Proficiency in one or more programming languages, such as Python, Java, or C++.

· Excellent analytical and problem-solving skills, with the ability to analyse and interpret security-related data.

· Good communication and collaboration skills to work effectively within a team environment.

· Eagerness to learn and adapt to new technologies and industry trends.

· Fresh graduates are welcomed to apply

Benefits

· Competitive salary and benefits package.

· Opportunity to work in a dynamic and fast-growing cybersecurity firm.

· Exposure to cutting-edge technologies, AI, and ML in the field of cybersecurity.

· Ongoing training and professional development opportunities.

Collaborative and inclusive work environment.

· Chance to make a significant impact on the security posture of SMEs.

Key Responsibilities:

• Operations Management:

1. Develop and implement operational policies and procedures to optimize efficiency and productivity.
2. Lead and supervise a team of department managers, ensuring effective communication and collaboration across departments.
3. Identify areas for improvement in operations and develop strategies to address them.
4. Monitor and manage budgets and expenses to ensure cost-effectiveness.
5. Establish and maintain relationships with key stakeholders, suppliers, and partners.

• Security Management:

1. Develop, implement, and manage the organization's security policies and procedures.
2. Oversee the security team, including hiring, training, and scheduling.
3. Conduct security risk assessments and develop strategies to mitigate risks.
4. Monitor and respond to security incidents, including incidents involving physical security and information security.
5. Ensure compliance with security regulations and standards.

• Audit Management:

1. Plan and execute internal audits to assess compliance with policies, procedures, and regulations.
2. Develop and maintain an audit schedule and ensure audits are conducted in a timely manner.
3. Prepare audit reports detailing findings, recommendations, and action plans.
4. Collaborate with department heads to address audit findings and implement corrective actions.
5. Stay updated on industry best practices and regulations related to auditing.

• Compliance and Reporting

1. Ensure the organization complies with relevant laws, regulations, and industry standards.
2. Prepare regular reports on operational performance, security incidents, and audit findings for senior management and stakeholders.
3. Provide recommendations for improving compliance and efficiency.

• Team Leadership:

1. Motivate, mentor, and develop a high-performing team.
2. Set clear performance expectations and provide regular feedback and performance evaluations.
3. Foster a culture of continuous improvement and accountability.

Qualifications:

• Bachelor's degree in business administration, security management, audit, or a related field; a master's degree is preferred.
• Proven experience in operations management, security, and audit roles, with at least 10 years in a leadership capacity.
• Strong knowledge of security protocols, audit methodologies, and operational best practices.
• Excellent leadership, communication, and interpersonal skills.
• Analytical and problem-solving abilities.
• Familiarity with relevant laws, regulations, and standards.
• Certification in security management or auditing (e.g., CPP, CISA, CISSP) is a plus.
• Ability to adapt to changing circumstances and work well under pressure.
• Exceptional organizational and time management skills.