Cyber Incident Responder

We are currently hiring a Cyber Incident Responder to join our APAC Production Security (CSIRT / SOC) team in Singapore.

Role Overview

• Note: We are NOT looking for SOC analysts or monitoring staff as primary skills who can't code or be autonomous on incident response.

The role focuses on Security Incident Response, Detection Engineering, and SIEM/SOAR enhancement, supporting a 24/7 regional SOC and global security initiatives.

Key Responsibilities

Lead security incident response and investigation activities

Design and enhance security detection use cases (MITRE ATT&CK–based)

Strengthen SIEM/SOAR capabilities and SOC detection posture

Perform threat hunting, log analysis, and incident reporting

Collaborate with global and APAC CSIRT, business, and security teams

Contribute to continuous improvement of security processes and playbooks

Required Skills & Experience

7+ years in Cybersecurity / Incident Response

Strong experience in SIEM (ELK preferred; Splunk acceptable)

Hands-on incident investigation, threat hunting, and use‑case development

Good knowledge of Linux (RedHat / Ubuntu)

Scripting knowledge: Python / Java / PowerShell / Bash

Familiarity with MITRE ATT&CK framework

Strong communication skills (English required)

Nice to Have

Experience in banking or financial services

Certifications: CISSP / SANS / OSCP

Exposure to DevSecOps / automation mindset