L2 SOC ANALYST LEAD

YY SMART TECH PTE. LTD. (Singapore, Pedra Branca, Singapore)
11 days ago
Job description

Job Overview

We are seeking an L2 SOC Analyst Lead with active threat hunting, incident response, and team leadership experience to manage a 5-8 member SOC team serving government and critical infrastructure sectors.

Operating in 24 / 7 shifts, you will perform advanced triage, conduct forensic investigations, front client engagements, and maintain active cyber community involvement for real-time threat intelligence.

This role requires SC clearance and deep expertise in GovTech IM8 / CSA requirements.

Duties and Responsibilities

Threat Operations Leadership :

  • Lead daily shift operations with accountability for incident SLA adherence (MTTR
  • Mentor L1 analysts in alert validation, triage techniques, and playbook execution.
  • Conduct purple team exercises quarterly to validate detection capabilities.

Advanced Security Operations :

  • Perform deep-dive investigations (memory / disk forensics, malware analysis) using tools :
    • EDR (CrowdStrike / SentinelOne)
    • SIEM (Splunk ES / QRadar with SOAR integration)
    • Network analysis (Wireshark, Corelight)
  • Lead proactive threat hunts using MITRE ATT&CK frameworks and threat intelligence.
  • Develop custom detection rules (YARA, Sigma) for APT groups targeting SEA.

Client & Governance :

  • Front incident response briefings for customers & stakeholders.
  • Present monthly SOC reports to clients (threat trends, gap analysis, KPIs).
  • Ensure compliance with IM8, NIST 800-53, and CSA Cybersecurity Act.

Threat Intelligence Integration :

  • Maintain participation in :
    • ASEAN CERT communities
    • Threat intel platforms (MISP, ThreatConnect)
    • Industry groups (ISC2 Singapore, ACSC Partnership Program)
  • Disseminate actionable IOCs to team during shifts.

Requirements

Technical Competencies

Must-Have Tools Expertise :

  • Incident Response - Velociraptor, Autopsy, SIFT Workstation
  • Threat Hunting - Atomic Red Team, Kestrel analytics, ELK stack
  • Forensics - Volatility, Rekall, FTK Imager
  • CTI Management - MISP taxonomies, STIX / TAXII feeds, OpenCTI

Certifications :

  • Required : CISSP, GCIH / GCFA, SC Security Clearance

Leadership & Experience :

  • 5+ years in SOC roles with 2+ years leading teams in 24 / 7 environments.
  • Proven track record :
    • Managed ≥200 critical incidents annually
    • Reduced false positives by ≥40% through detection engineering
    • Led threat hunts uncovering ≥3 advanced persistent threats
  • Government project experience (IM8, CSA Cyber Essentials, or equivalent).

Shift & Engagement Requirements :

  • Willingness for 12-hour rotational shifts (including nights / weekends).
  • Monthly presentation of SOC reports to client CISOs.
  • Quarterly threat briefings at events (e.g., GovWare, Cyber Security ASEAN).