Elastic Stack Specialist – SIEM Operations

Summary:

The ICT Security Engineer will join the APAC Production Security team in Singapore, responsible for enhancing the Bank's detection and reaction capabilities to cyber threats. This includes deploying, maintaining, and improving the SIEM infrastructure, working closely with the Production Infrastructure and Observability teams. The role offers opportunities to expand the scope of activities within the Production CSIRT/SIEM Engineering team.

Responsibilities:

• Install and administer servers for the SIEM infrastructure.
• Develop automation for tasks and self-service tools.
• Integrate new technology logs into the SIEM system.
• Support logs parsing using custom parsers/GROK development.
• Manage projects related to SIEM implementation and enhancement.
• Actively participate in the activities of the Production CSIRT/SIEM Engineering team.
• Contribute to the implementation of control plans, ensuring compliance with regulatory and internal guidelines.
• Report incidents according to the Incident Management System.

Requirements:

• Hands-on experience with Elastic Stack (Elasticsearch, Logstash, Kibana, Beats) including data ingestion, management, monitoring, and analytics (mandatory).
• In-depth knowledge of Kafka.
• Proficiency in Linux administration (RedHat/Ubuntu).
• Programming skills in Python or Bash are appreciated.
• Experience in production support engineering.
• Platform integration skills, including installation, configuration, and administration of pre-production and production platforms in virtual and physical environments, are a plus.
• Familiarity with automation tools (e.g., Ansible) and DevOps pipelines is advantageous.

Qualifications:

• A minimum of 7 years of overall experience, with at least 4-5 years of expertise in handling the ELK stack for large platforms or architectures.
• Strong problem-solving skills and a positive attitude.
• Ability to work autonomously and manage multiple tasks effectively.
• Strong interpersonal skills and a team player mindset.