Job Summary

We are seeking a Security Detection & SIEM Engineer to support and enhance the organization’s security monitoring, detection, and log management capabilities. This role is responsible for SIEM administration, security event analysis, detection engineering, and platform reliability across regional environments.The ideal candidate will have hands-on experience in security monitoring operations, log analysis, behavioral detection, and SIEM platform management, with strong technical troubleshooting and analytical skills.

Key Responsibilities

Security Monitoring & Event Analysis• Perform daily security alert monitoring and analysis, including alert triage, classification, investigation, escalation, and case closure.• Support incident investigation and coordinate with infrastructure and application teams where required.• Prepare weekly security monitoring and alert trend reports, including event summaries, detection metrics, and operational observations.

SIEM Administration & Detection Engineering

• Lead SIEM configuration, log onboarding, rule tuning, and detection optimization across servers, applications, and network infrastructure.• Define and refine detection logic, including correlation rules, behavioral indicators, and monitoring use cases.• Maintain and improve AI-assisted detection and behavioral analysis workflows.

Log Management & Platform Operations

• Deploy and manage log collection agents across Linux, Windows, and network devices to ensure stable and complete log coverage.• Support integration of OS and application logs for monitoring, correlation, and activity analysis.• Ensure platform health, log retention, monitoring coverage, and overall reliability of the SIEM environment.Dashboard & Reporting• Manage dashboards, alert metrics, and reporting to provide visibility into the organization’s security posture.• Support operational reporting and security monitoring performance reviews.

Process Improvement & Automation

• Support security monitoring automation and workflow improvements through scripting and integration initiatives.• Participate in security platform enhancements and operational optimization projects.

Preferred Skills & Qualifications

• Bachelor’s Degree in Information Security, Cybersecurity, Computer Science, or related field.• Minimum 5 years of experience in SIEM administration, security monitoring, or detection engineering.• Hands-on experience with SIEM or logging platforms such as ELK, Wazuh, Splunk, Graylog, QRadar, or similar technologies.• Strong knowledge of Linux and Windows systems administration and security log analysis.• Experience with Python, Shell scripting, or automation tools for log processing and workflow optimization.• Familiarity with security event correlation, behavioral analysis, and detection engineering concepts.• Exposure to API integration, middleware, or AI-assisted analysis solutions is an advantage.• Strong analytical, troubleshooting, and problem-solving skills with attention to detail.• Ability to communicate effectively in English; Mandarin proficiency is an advantage for collaboration with regional stakeholders.

Key Competencies

• Security Monitoring & Incident Analysis• SIEM Administration• Detection Engineering• Log Management & Correlation• Automation & Scripting• Analytical Thinking• Problem Solving• Cross-functional Communication