Cyber Security Engineer - SIEM
Singapore | Full-Time | Mid-level | Software Engineering
REQUIREMENTS
- Strong hands-on SIEM implementation (Elastic / ELK Stack / Elastic Security preferred, Splunk / QRadar / Microsoft Sentinel acceptable) including architecture design, log onboarding, parsing, index management, correlation rule creation, dashboards, tuning, scaling, HA setup and production rollout.
- SIEM engineering beyond SOC monitoring, including detection rule development, custom queries (KQL / SPL / Elastic DSL), performance tuning and log pipeline optimization
- Log source integration across firewalls, endpoints, servers, Active Directory, cloud platforms and security tools
- Threat detection engineering aligned to frameworks (e.g., MITRE ATT&CK), false positive reduction and rule optimization
- Security solution rollout from POC to full deployment, including UAT execution and vendor coordination
- Managing security incidents including zero-day threats, log gaps and misconfigurations through engineering response, root cause analysis and rule refinement (not SOC escalation only)
- Cloud log integration (AWS / Azure) and ingestion into Elastic / SIEM platforms
- Strong networking fundamentals, Unix/Linux knowledge and scripting (regex, shell, PowerShell) for log troubleshooting and integration
- Elastic / SIEM-related certifications preferred
- Self-driven, able to work independently, strong stakeholder collaboration
About Encora
- Encora is a global company that offers Software and Digital Engineering solutions. Our practices include Cloud Services, Product Engineering & Application Modernization, Data & Analytics, Digital Experience & Design Services, DevSecOps, Cybersecurity, Quality Engineering, AI & LLM Engineering, among others.
- At Encora, we hire professionals based solely on their skills and do not discriminate based on age, disability, religion, gender, sexual orientation, socioeconomic status, or nationality.
