全职 Cybersecurity Operation Engineer 工作, 薪水 up to SGD 3,500, OPENSOURCE TECHNOLOGIES PTE. LTD. Islandwide (Singapore) 公司招聘中 - Ricebowl

Role Overview

The Security Operation Engineer will move beyond passive monitoring to actively manage, maintain, and remediate security events within a dynamic project environment. Unlike a traditional Level 1.5 SOC monitoring role focused solely on escalation, this position requires hands-on engineering, active remediation, vulnerability handling, and security tool management in a cloud environment.

Key Responsibilities & Workflow

Active Tool & Cloud Management: Manage and configure security infrastructure tools, endpoint protection, and Privileged Access Management (PAM) tools within a cloud environment.

Incident Remediation: Take ownership of security alerts and perform active, hands-on remediation tasks (rather than just routing notifications to external desktop or system engineers).

Vulnerability & Audit Management: Execute daily vulnerability assessments, run security scans, handle vulnerabilities, and collaborate/coordinate with third parties to conduct security scans and audits.

Log Analysis & Infrastructure Monitoring: Utilize SIEM and log analysis platforms (such as RSA NetWitness, Splunk, or Elastic Search) to filter, analyze, and investigate security event data across network devices, firewalls, routers, and operating systems.

Technical Qualifications & Competencies

Security Tooling: Proven experience with SIEM platforms (RSA NetWitness, Splunk architecture/forwarders, Elastic Search), PAM tools (e.g., CyberArk), and Endpoint/Malware protection suites (e.g., Trend Micro).

Operating Systems & Scripting: * Linux: Solid understanding of Linux environments, including basic bash scripting for file filtering and security frameworks (e.g., Metasploit).

Windows: Advanced Windows administration capabilities, including system configuration, security commands, and directory security.

Investigation Depth: Ability to perform deep, independent investigations of complex scenarios (e.g., intranet/air-gapped environment brute-force attempts) rather than relying strictly on Level 2 escalation.