Cyber Threat (CSOC) Engineer

BCS is NETS’ wholly owned subsidiary, and is an entity within the NETS Group. It manages and operates clearing and payment infrastructure for the Singapore Automated Clearing House, including Fast And Secure Transfers (FAST), Inter-bank GIRO (IBG), Cheque Truncation System (CTS), and provides services for PayNow and SGQR Central Repository.

Responsibilities:

• Operate and manage cyber defence tools to continuously monitor and analyse system activities, identifying potential threats, vulnerabilities, and malicious behaviour.
• Review and enhance routine monitoring use cases to ensure effectiveness, relevance, and adequate coverage.
• Develop and implement improvements, including scripting and SIEM/SOAR tuning, to strengthen and automate monitoring, triaging, and analysis processes.
• Identify security weaknesses across systems and applications, and collaborate with IT teams to prioritise remediation, track progress, and ensure timely patching and risk mitigation.
• Perform proactive threat hunting to detect indicators of compromise (IOCs), and identify threat actor tactics, techniques, and procedures (TTPs) within the environment.
• Support 24x7 security operations by handling Tier 2/3 incident escalations, including investigation, response, and reporting of security events.
• Assist in digital forensic investigations, including collection, preservation, and analysis of evidence.

Requirements:

Education and Experience

• Degree or Diploma in Computer Science, Computer Engineering, or Information Security related fields.
• At least 6 years of experience in a Security Operations Centre (SOC), CERT/CIRT, or a similar incident response environment.

Skills and Knowledge

• Strong hands-on experience with SIEM/SOAR platforms and security controls across host and network layers.
• Familiarity with MAS Technology Risk Management Guidelines (TRMG), Cyber Hygiene Notice, and Cybersecurity Code of Practice (CCoP).
• Strong ability to analyse and interpret network diagnostic outputs (e.g. ping, traceroute, nslookup).
• Good understanding of frameworks and standards such as OWASP Top 10, CVSS, MITRE ATT&CK, and Cyber Kill Chain.
• Solid working knowledge of operating systems (Microsoft Windows, UNIX, Linux).
• Understanding of network architectures and communication protocols (LAN, WAN, WLAN, WWAN).
• Proficient in incident response methodologies and best practices.
• Experience in scripting (e.g. Python, Bash, PowerShell) and cloud environments is an advantage.
• Strong analytical and problem-solving skills, with the ability to handle complex security investigations.
• Resilient and able to perform effectively in a fast-paced, high-pressure environment.
• Good communication and presentation skills, including the ability to present findings clearly to stakeholders and management.

Professional Certifications

• Relevant industry certifications (e.g. GSEC, GCIH, GCIA, GCTI, GCFA, GCFE, GNFA) are advantageous.

Banking Computer Services Pte Ltd (a subsidiary of Network for Electronic Transfers (Singapore) Pte Ltd)