Security Detection & SIEM Engineer

We are seeking a Security Detection & SIEM Engineer to support the organization’s security monitoring and log management environment. The role focuses on SIEM administration, security event analysis, detection tuning, and monitoring platform operations.The candidate should possess hands-on experience in security monitoring, log analysis, and SIEM platform management, together with strong troubleshooting and analytical skills.

• Lead SIEM configuration, rule tuning, and onboarding of logs from servers, applications, and network infrastructure.
• Perform daily security alert monitoring and analysis, including alert triage, classification, investigation, escalation, and case closure.
• Prepare weekly security monitoring and alert trend reports, including event summaries, detection metrics, and operational observations.
• Deploy and manage log collection agents across Linux, Windows, and network infrastructure, ensuring stable log coverage and platform reliability.
• Maintain and enhance AI-assisted detection and behavioral analysis workflows, including alert flow stability and detection optimization.
• Define and refine detection logic, including rules, correlation patterns, and behavioral indicators.• Support integration of OS and application logs for monitoring, correlation, and activity analysis.
• Manage dashboards, alert metrics, and reporting to provide visibility into security posture and monitoring operations.
• Support incident investigation and coordinate with infrastructure and application teams where required.
• Ensure platform health, log retention, monitoring coverage, and overall reliability of the SIEM environment.

• Bachelor’s Degree in Information Security, Cybersecurity, Computer Science, or related field.
• Minimum 5 years of experience in SIEM administration, security monitoring, or detection engineering.
• Hands-on experience with SIEM, log management, or security monitoring platforms.
• Strong knowledge of Linux and Windows systems administration and security log analysis.
• Experience with Python, Shell scripting, or automation tools for log processing and workflow optimization.
• Familiarity with security event correlation, behavioural analysis, and detection engineering concepts.
• Exposure to API integration, middleware, or AI-assisted analysis solutions is an advantage.
• Strong analytical, troubleshooting, and problem-solving skills with attention to detail.
• Ability to communicate effectively in English; Mandarin proficiency is an advantage for collaboration with regional stakeholders.