Cyber Security Engineer - SIEM

CYBER SECURITY ENGINEER - SIEM

Important Information

Location: Singapore

REQUIREMENT

• Strong hands-on SIEM implementation (Elastic / ELK Stack / Elastic Security preferred, Splunk / QRadar / Microsoft Sentinel acceptable) including architecture design, log onboarding, parsing, index management, correlation rule creation, dashboards, tuning, scaling, HA setup and production rollout.
• SIEM engineering beyond SOC monitoring, including detection rule development, custom queries (KQL / SPL / Elastic DSL), performance tuning and log pipeline optimization
• Log source integration across firewalls, endpoints, servers, Active Directory, cloud platforms and security tools
• Threat detection engineering aligned to frameworks (e.g., MITRE ATT&CK), false positive reduction and rule optimization
• Security solution rollout from POC to full deployment, including UAT execution and vendor coordination
• Managing security incidents including zero-day threats, log gaps and misconfigurations through engineering response, root cause analysis and rule refinement (not SOC escalation only)
• Cloud log integration (AWS / Azure) and ingestion into Elastic / SIEM platforms
• Strong networking fundamentals, Unix/Linux knowledge and scripting (regex, shell, PowerShell) for log troubleshooting and integration
• Elastic / SIEM-related certifications preferred
• Self-driven, able to work independently, strong stakeholder collaboration

About Encora

Encora is a global company that offers Software and Digital Engineering solutions. Our practices include Cloud Services, Product Engineering & Application Modernization, Data & Analytics, Digital Experience & Design Services, DevSecOps, Cybersecurity, Quality Engineering, AI & LLM Engineering, among others.

At Encora, we hire professionals based solely on their skills and do not discriminate based on age, disability, religion, gender, sexual orientation, socioeconomic status, or nationality

.