Senior Detection & Response Engineer (APAC)

Sopra Steria is a listed European technology leader specializing in Consulting, Digital Services, and Software. With over 51,000 employees worldwide across Europe, North America and Asia, the Group supports organizations in driving their digital transformation and delivering sustainable business value.

In Asia Pacific, Singapore serves as the regional headquarter for Sopra Steria’s Infrastructure, Cloud and Cybersecurity services.

• Lead technical activities (security usecase definition, design, implementation & enrichment) in the team of IT Production Security Investigation & Incident Response based on real-world attack scenarios and framework like MITRE ATT&CK, ensuring robust security detection posture across various layers.
• Understand ongoing security threats in the wild and propose security usecase to detect and when possible, protect or mitigate.
• Be autonomous on technical activities (definition, R&D/threat hunting) in the team of IT Production Security Investigation & Incident Response and oversee the detection capabilities of the 24/7 regional IT Production SOC
• Respond to Cyber / IT security incidents and evaluates the type and severity of security events.
• Identify recurring security issues and risks and develops mitigation plans and recommends process improvements.
• Partner with global, regional and local stakeholders to ensure organizational and procedural efficiency and readiness for detection of suspicious events and reaction
• Continuously improve the processes to strengthen the current SOC framework via review of policies and operational playbooks

Contributing Responsibilities:

• Partner with the APAC Business CSIRT for integrated security monitoring and alert/incident handling operations.
• Contribute to local security incident response outside the direct scope of responsibilities (i.e.,local IT production in some APAC business entities)
• Contribute to the Bank compliance with regulatory requirements and internal policies
• Contribute to the reporting of all incidents according to the Incident Management System
• Contribute to the control frameworks in day‐to‐day business activities, such as Control Plan;
• Participate to Audit interview and provide the require evidence

Technical Requirements:

• Requires a minimum of 7 or more years of experience as security professional
• Experience in security usecase design/development with understanding of Java language.
• Good working knowledge of Linux (RedHat/Ubuntu).
• Working knowledge to interpret security logs or instructions into threat models. SecOPS-DevOPS mindset & skills.
• Experience and knowledge in investigating incidents, remediation, tracking and follow-up for incident closure with concerned teams, stakeholders.
• Thorough understanding of technologies and security concepts, with knowledge & hands on experience in SIEM Product and Security Incident Management
• Experience on incident response activities (threat hunting, event analysis, incident investigation, reporting)
• Comfortable working with and making the most of large data sets (collection, analysis, response), creating content/use cases/models and bringing an automation mindset.

Personal Attributes

• Strong problem-solving skills
• Good communication skills (English is MUST, French is added advantage)
• Positive attitude, willing to upskill and carry out in-depth troubleshooting
• Has the ability to work autonomously and think on feet, be-proactive.
• Good interpersonal skills and team player
• High energy level coupled with a desire to take on responsibility
• Able to multi-task & deliver within agreed deadlines.

Qualifications:

• Candidate MUST have 7 or more years of experience on overall cybersecurity incident response with 4+ years specifically on security usecase design, development, coding.
• Experience in SIEM on ELK(Elastic Logstash Kibana) stack is a plus
• Professional credentials in one of the relevant IT Security disciplines is a plus (SANS / CISSP / OSCP)
• Experience in common scripting languages such as Python, PowerShell, Bash, SQL is a plus

•Work-life balance: Hybrid working mode and Work-from-Abroad benefits, 18 days of Annual leave
•Health & insurance: Comprehensive coverage including General Practitioner, hospitalization, dental, and optical
•Performance incentives: Annual bonus based on individual performance
•Learning & development: Training programs, certification opportunities, and training incentives to support career growth
•Team culture: Regular team-building activities and social events