Security Analyst L2

Why choose Logicalis? As Architects of Change, Logicalis' focus is to design, support and execute clients' digital transformation by uniting their vision with their technology expertise and industry insights. The company, through its deep understanding of key IT industry drivers such as security, cloud, data management and IoT, can address customer priorities such as revenue growth and business, operational efficiency, innovation, risk and compliance, data governance and sustainability. We strengthen our purpose: to design, support, and execute our customers' digital transformation by converging their vision with our technological expertise and knowledge of the industry. The brand refresh underpins both the evolution of Logicalis’ positioning as well as our strategic vision for growth. The role is part of our Global SOC team, tasked to deliver Managed Security Services (MSS) and help customers achieve their business goals & objectives by re-imagining cybersecurity as one of its business enablers. The role reports to SOC vertical based in Singapore. It is a great opportunity to put your past experiences in building a world-class SOC and address cybersecurity challenges of organizations in the region. It provides exposure to a wide variety of security technologies, and provides opportunity for the candidate to pioneer in developing SOC and build new MSS offerings. Accountabilities:

1. Work in a 24x7 shift environment to handle security incidents and provide level two (L2) support during analysis & investigations to identify the root cause.
2. Provide detailed remediation recommendations to customers for the incidents within agreed SLAs, and if required assist them during remediation implementation.
3. Execute SOC playbooks and knowledge base to minimize the security incident impact and perform detailed investigation on the infected assets.
4. Escalate critical incidents to the 3rd level support team for further analysis & investigations, and demonstrate excellent collaboration skills for timely resolution to minimize impact to customers.
5. Review 3rd party threat intel feeds and integrate them into MSS platforms to provide value to our customers.
6. Prepare SOC monthly reports, which include customization based on business requirements, and present them to customers during monthly meetings, highlighting risks and mitigation plans.
7. Enable regional L1 Security Analysts to deliver seamless L1 support by developing SOC playbooks and relevant knowledge base.

1. Candidate should have at least 3 years of experience working in SOC and MSS environments, with a Bachelor’s degree in Computer Science/IT/Information Security.
2. Excellent hands-on experience on incident analysis using SIEM platforms such as Microsoft Sentinel and IBM QRadar.
3. Hands-on experience on any Endpoint Protection (EPP) or Endpoint Detection Response (EDR) technologies. Preferred if Microsoft Defender or CrowdStrike.
4. Exposure to firewall technologies such as Cisco, Palo Alto, Checkpoint, and Fortinet.
5. Good understanding of WIN and LINUX environments and well versed with basic LINUX commands and troubleshooting, with proven Unix (Solaris, Linux, BSD) experience.
6. Knowledge of any shell scripting language, and to apply them to automate mundane operational tasks.
7. Candidate should have at least one cybersecurity industry certification such as CEH or CHFI.
8. Good understanding of basic network concepts and advantage if exposure to cloud technologies.
9. Lateral thinking combined with excellent troubleshooting skills, preferably with experience following ITIL standards.