Security Monitoring & Detection Engineer

Assurity Trusted Solutions (ATS) is a wholly owned subsidiary of the Government Technology Agency (GovTech). As a Trusted Partner over the last decade, ATS offers a comprehensive suite of products and services ranging from infrastructure and operational services, authentication services, governance and assurance services as well as managed processes. In a dynamic digital and cyber landscape, where trust & collaboration are key, ATS continues to drive mutually beneficial business outcomes through collaboration with GovTech, government agencies and commercial partners to mitigate cyber risks and bolster security postures.

Responsibilities:

• Design and implement security controls and detection logic across platforms including Google Workspace (GWS), Azure, and others.
• Configure and optimize logging, alerting, and telemetry pipelines from cloud and SaaS platforms to the SIEM (e.g., Elastic, DataDog etc.).
• Develop or adapt detection rules and queries tailored to business-relevant use cases.
• Collaborate with the Incident Response Manager to triage and investigate alerts, provide context, and refine detections post-incident.
• Work closely with the Application Security Officer and Infrastructure Security Specialist to tune monitoring coverage and reduce noise.
• Maintain an inventory of log sources, validate ingestion and parsing, and ensure coverage of key threat surfaces.
• Keep abreast of threat intelligence and emerging TTPs to evolve detection logic accordingly.

• Strong understanding of cloud-native and SaaS platform logging (GWS, Azure, Microsoft 365, etc.).
• Experience with SIEM integration, log normalization, and detection rule frameworks (e.g. Sigma, MITRE ATT&CK mappings).
• Proficient in at least one query language
• Understanding of security telemetry, signal fidelity, and how alerts drive investigations.
• Familiarity with incident response workflows and how detection informs containment and remediation.
• Comfortable working across security, infrastructure, and DevOps teams to enable effective detection.
• Hands-on experience with Microsoft Sentinel, Chronicle, Elastic, or similar platforms.
• Experience with custom parser creation, enrichment pipelines, or SOAR tools.
• Exposure to Threat Hunting, Purple Teaming, or detection-as-code practices.
• Certifications like GCDA, GCTI, SC-200, or AZ-500 are a plus.

Join us and discover a meaningful and exciting career with Assurity Trusted Solutions!

The remuneration package will commensurate with your qualifications and experience. Interested applicants, please click "Apply Now".

We thank you for your interest and please note that only shortlisted candidates will be notified.

By submitting your application, you agree that your personal data may be collected, used and disclosed by Assurity Trusted Solutions Pte. Ltd. (ATS), GovTech and their service providers and agents in accordance with ATS’s privacy statement which can be found at: https://www.assurity.sg/privacy.html or such other successor site.

• A wholly-owned subsidiary of GovTech.
• We promote a learning culture and encourage you to grow and learn.