Skip to main content
Back to jobs

Senior SOC Engineer (GTS - Command Centre)

External
ocbc logoOcbc · Ocbc, Singapore
Full-timeOn-site1w ago
BashDocumentationIncident ResponseLinuxPowerShellPython
Cover LetterConnect

Prepare for this interview

Elite

AI-generated questions, company research, and talking points tailored to this role

About the role

As Singapore's longest established bank, we have been dedicated to enabling individuals and businesses to achieve their aspirations since 1932. How? By taking the time to truly understand people. From there, we provide support, services, solutions, and career paths that meet their individual needs and desires. Today, we're on a journey of transformation. Leveraging technology and creativity to become a future-ready learning organisation. But for all that change, our strategic ambition is consistently clear and bold, which is to be Asia's leading financial services partner for a sustainable future. We invite you to build the bank of the future. Innovate the way we deliver financial services. Work in friendly, supportive teams. Build lasting value in your community. Help people grow their assets, business, and investments. Take your learning as far as you can. Or simply enjoy a vibrant, future-ready career. Your Opportunity Starts Here.

Requirements

  • 5 or more years of experience in a SOC environment, security engineering, detection engineering, incident response or related cybersecurity field.
  • Strong hands-on experience with SOC tools such as SIEM, SOAR, EDR, XDR or UEBA.
  • Experience developing and maintaining SOAR playbooks or automation workflows.
  • Experience designing, developing, deploying and finetuning security monitoring use cases based on frameworks such as MITRE ATT&CK.
  • Experience developing threat detection content, SIEM correlation rules, EDR queries, dashboards and alert tuning recommendations.
  • Strong proficiency in SIEM, network traffic, host event and security event log analysis.
  • Good understanding of Windows, Linux, Active Directory, identity compromise, network protocols, cloud/SaaS logs, endpoint artefacts and common attacker techniques.
  • Experience working with threat intelligence, IOCs and TTPs to support detection and response capability development.
  • Experience with REST APIs, JSON, webhooks and other tool integration.
  • Proficiency in Python, PowerShell, Bash or similar scripting is preferred.
  • Ability to write clear technical documentation, workflow diagrams, implementation guides and analyst-facing procedures.
  • Ability to prioritise effectively, manage competing operational demands and make sound technical recommendations.
  • Familiarity with AI-assisted security operations,

Benefits

How you succeedWhat you doDevelop and maintain SOAR playbooks, automation workflows and AI-assisted SOC processes to support alert triage, enrichment, correlation, investigation and response.Design automated enrichment and correlation workflows to improve investigation context and reduce manual analysis.Review detection effectiveness, false positives, coverage gaps and recurring alert patterns, and recommend improvements to prevention, detection and response capabilities.Lead development, validation and finetuning of detection use cases, SOAR playbooks and AI-assisted SOC workflows.Manage integration of SOC tools and data sources to improve alert enrichment, event correlation, investigation context, automation reliability and reporting.Drive troubleshooting of detection issues, broken playbooks, failed automations, data quality issues and platform-related constraints affecting SOC operations.Optimise usage of SOC tools and evaluate new technologies where required.Build repeatable and efficient engineering processes to support monitoring, detection, analysis, escalation and remediation of potential cyber security incidents.Track and report effectiveness of SOC engineering enhancements such as playbook adoption, automation rate and analyst effort reduction.Provide technical guidance to SOC analysts on effective use of SOC tools, detection logic, SOAR playbooks and AI-assisted investigation workflows.Identify opportunities where automation, AI-assisted triage or agentic workflows can safely reduce manual effort, improve investigation consistency and accelerate response.Identify opportunities for SOC improvements, including metrics definition, playbook enhancements, detection optimisation, workflow automation and analyst capability uplift.Prioritise tasks appropriately and formulate clear responses or recommendations to stakeholders in a fast-paced environment.

Your Match

How well this role fits your profile.

Company Intel

What employees say

Worked at ocbc? Share your experience

Interested in this role?

Apply on the company's website.

Cover LetterConnect