Why choose Logicalis?
As Architects of Change, Logicalis' focus is to design, support and execute clients' digital transformation by uniting their vision with their technology expertise and industry insights.
The company, through its deep understanding of key IT industry drivers such as security, cloud, data management and IoT, can address customer priorities such as revenue growth, operational efficiency, innovation, risk and compliance, data governance, and sustainability.
We strengthen our purpose: to design, support, and execute our customers' digital transformation by converging their vision with our technological expertise and knowledge of the industry.
The brand refresh underpins both the evolution of Logicalis' positioning as well as our strategic vision for growth.
About the role
The role is part of our Global SOC team, tasked to deliver Managed Security Services (MSS) and help customers achieve their business goals & objectives by re-imagining cybersecurity as one of its business enablers.
The role reports to the SOC vertical based in Singapore.
It is a great opportunity to leverage your past experiences in building a world-class SOC and address cybersecurity challenges of organizations in the region.
The position provides exposure to a wide variety of security technologies and offers the candidate the chance to pioneer in developing SOC and build new MSS offerings.
Job Responsibilities:
Work in a 24x7 shift environment to handle security incidents and provide level two (L2) support during analysis & investigations to identify the root cause (RCA).
Provide detailed remediation recommendations to customers for the incidents within agreed SLAs, and assist them during remediation implementation if required.
Execute SOC playbooks, Standard Operating Procedures (SOP), and knowledge base to minimize the security incident impact and perform detailed investigations on the infected assets.
Escalate critical incidents to the 3rd level support team for further analysis & investigations, demonstrating excellent collaboration skills for timely resolution to minimize impact to customers.
Review 3rd party threat intel feeds and integrate them into MSS platforms to provide value to our MSS customers.
Prepare SOC monthly & QSPR reports, which include customization based on business requirements, and present them to customers during monthly meetings, highlighting risks and mitigation plans.
Coordinate and lead weekly incident review meetings with the customer to assess and discuss ongoing incidents, resolutions, and improvements.
Support the SOC Engineering team in ensuring the health and functionality of SOC tools to prevent incidents from being missed due to tool malfunctions.
Enable regional L1 Security Analysts to deliver seamless L1 support by developing SOC playbooks and a relevant knowledge base.
Minimum Requirements:
At least 4 years of experience working in SOC and MSS environments, with a bachelor's degree in computer science/IT/Information security.
Proven experience in incident analysis using SIEM platforms such as Microsoft Sentinel, Devo, Splunk, IBM QRadar.
Proven experience with any Endpoint Protection (EPP) or Endpoint Detection Response (EDR) technologies, preferably Microsoft Defender, S1, and CrowdStrike.
Exposure to firewall technologies such as Cisco, Palo Alto, Checkpoint, and Fortinet.
Good understanding of WIN, LINUX environments and well-versed with basic LINUX commands and troubleshooting, with proven Unix (Solaris, Linux, BSD) experience.
Knowledge of any shell scripting language, with the ability to apply them to automate mundane operations tasks.
At least one cybersecurity industry certification such as CompTia, CEH, or CHFI.
Ability to communicate verbally in Mandarin, Cantonese, and Bahasa Melayu.#J-18808-Ljbffr