Opening for L2 SOC Analyst by United Overseas Bank Ltd (UOB)
BrightMinds - UOB


Grow With UOB

At UOB, we believe people are our greatest asset. This is why your talent and contributions will never go unrecognised. Besides a competitive remuneration which includes an attractive employee care programme comprising comprehensive staff rewards programmes, such as medical care, insurance cover, and a wide array of financial and banking incentives, our employees can also look forward to relaxing holiday facilities in Singapore and abroad.

  • We seek the best
  • We place high calibre people in value-creating roles
  • We build a strong talent bench
  • We provide challenging and rewarding opportunities
  • We create a nurturing environment

Career Progression

L2 SOC Analyst

Location: Singapore
Functional area: Group Credit (Retail)
Employment type: Full-time
Job Type: Permanent

The Security Operation Center (SOC) is seeking an L2 SOC analyst. The successful candidate will have experience in incident triage, security threat monitoring and security compliance monitoring, and will be familiar with SOC processes and environments. The analyst will work as the shift lead in a 24x7x365 shift environment and will respond to security incidents in an SLA-driven SOC.

  • The analyst will be responsible for performing daily operational real-time monitoring and analysis of security events from multiple sources, including but not limited to events from Security Information Monitoring tools, network- and host-based intrusion detection systems, network infrastructure logs, system logs (Unix and Windows), mainframes, midrange systems, applications and databases.
  • Perform initial incident identification, classification and prioritisation
  • Escalate in a timely manner and work closely with stakeholders to ensure rapid response to all reported incidents
  • Provide support and assistance during the investigation of security incidents
  • Proactively monitor the cyber threat landscape by researching and studying the latest security threats and vulnerabilities
  • Participate in the periodic review and establishment of stringent service level requirements
  • Generate security reporting and metrics as required
  • Perform daily health checks on system health status
  • Perform as shift lead, handle shift scheduling and conduct daily shift handover
  • Stay current on the latest threats and vulnerabilities to ensure operational tools and processes are up to date
  • Provide first-line response to security incidents (malware infections, unauthorised access, malicious emails, Distributed Denial of Service (DDoS) attacks, etc.)
  • Review the analysis and work of the L1 analysts and provide guidance to the L1 analyst team
  • Provide L2 analysis of security alerts and incidents
  • Participate in GSOC workflow and process improvements and re-engineering
  • Enhance and assist in the tuning of SIEM and NIDS rules to identify security incidents and reduce false positives
  • Review threat intelligence and investigate indicators of compromise (IOCs)
  • Assist in evaluating security events and issues, acting as the escalation point of contact when required

  • ITC/Diploma/Degree in Computer Science / IT Security from a recognised educational institution
  • Professional security-related qualification (e.g. SANS GCIA, GSEC, GCIH) will be favourable although not mandatory

Technical Skills
  • 1 to 4 years of relevant experience in a similar capacity, but candidates without relevant experience are welcome to apply. Training will be provided for selected candidates without relevant experience.
  • Strong understanding of basic computer science: algorithms, data structures, databases, operating systems, networks and programming
  • Strong understanding of IT operations: help desk, endpoint and server management, and networks
  • Strong communication ability: writes clearly and is able to communicate at all levels, technical and management
  • Good understanding of cyber security: cyber kill chain, TTPs, threat intelligence, malware triage
  • Good understanding of information security concepts: defence in depth, BYOD management, data loss protection, risk assessment and security metrics
  • Good knowledge of Internet infrastructure, networking technology and network security (e.g. DNS, DHCP, firewalls, WAF, IDS, IPS, VPN, APT and TCP/IP protocols)
  • Malware triage and analysis capability will be an advantage
  • Working experience with ArcSight or any major SIEM will be an advantage
  • Strong technical knowledge of, and log analysis for, operating systems, databases, security and network devices and applications

Soft Skills
  • Good written and verbal communication skills
  • Process and procedure adherence
  • Strong analytical and problem-solving skills

Other Requirements
  • Work in a rotational 24/7 SOC environment