Role: Lead, Cyber Security Incident Response
Location: Singapore
We are partnering with a leading telecom client to hire a Cybersecurity Incident Response SME to lead end-to-end incident detection, investigation, and response across enterprise environments.
Responsibilities
- Own the full cybersecurity incident lifecycle: monitoring, triage, investigation, containment, and closure
- Lead response to malware, data breaches, insider threats, and cloud security incidents
- Perform threat hunting, log analysis, and forensic investigations
- Build, tune, and manage SIEM detections (Elastic / ELK preferred)
- Improve MTTD/MTTR through continuous alert tuning and use-case development
- Collaborate with SOC, CSIRT, IT, Cloud, and external MSSP teams
- Present incident reports, root cause analysis, and remediation plans to stakeholders
Requirements
- 58 years of experience in SOC / Incident Response / Detection Engineering
- Strong hands-on experience with SIEM (Elastic preferred; Splunk acceptable)
- Expertise in incident response, threat hunting, and log correlation
- Solid knowledge of MITRE ATT&CK, malware analysis, and network security
- Exposure to cloud security (AWS / Azure / GCP)
- Scripting skills (Python / Bash / PowerShell) are a plus
- Relevant certifications (CISSP, GCIH, GCIA, CEH, Elastic) preferred
