the more advance one during lull period will be doing research, threat hunting, building up on automation

SOC is mainly waiting for alerts and doing incident response (could include cyber threat attribution, forensics for in-house SOC, not those third party MSSPs).

If got alerts means busy, no alert means wait for shift to be over, that's pretty much the nature of shift work.

Any good SOCs in Singapore?

try fortinet

I m not from Cybersecurity backgroun. To change career path to cyber security, what cert is needed?

What you Wan to do

Pen, soc, si, analyst, pm, maintenance?

Imho, depends on age mostly, below 30yo, companies are more willing to take inexperienced ones. Elsewise go through govt skill change program.

Hope to join Cybersecurity team in MNC or gov. CISSP is sufficient?

CISSP required experience in
Domain 1. Security and Risk Management
Domain 2. Asset Security
Domain 3. Security Architecture and Engineering
Domain 4. Communication and Network Security
Domain 5. Identity and Access Management (IAM)
Domain 6. Security Assessment and Testing
Domain 7. Security Operations
Domain 8. Software Development Security

2 of the 8 for 5 years, 4 with relevant degree, without relevant exp, how are you getting cissp certified? Will only be at associate level until you fulfill your 4/5th year which is not a "true" cissp.

MNC looks more into portfolio and exp, Govt agency looks more into paper cert and local uni.

If you are only looking to get in as a fresh grad or a entry level role, yes.

If you are looking to join as a senior/ management level then no.

normally there 2 path.

1st is tech path where you have a lot of cert or have alot of github development or HTB/ bug bounty kind exp.

2nd is smoke path where you have nothing much but can talk very well. this type of ppl will do in SI kind of cyber company