95 Cyber Intelligence jobs in Singapore

Join to apply for the
Cyber Intelligence Malware Analyst
role at
Internal Security Department
1 week ago Be among the first 25 applicants
Get AI-powered advice on this job and more exclusive features.
What The Role Is
ISD confronts and addresses threats to Singapore’s internal security and stability. For over 70 years, ISD and its predecessor organisations have played a central role in countering threats such as those posed by foreign subversive elements, spies, racial and religious extremists, and terrorists. A fulfilling and rewarding career awaits those who want to join in ISD’s critical mission of keeping Singapore safe, secure and sovereign for all Singaporeans.
What You Will Be Working On
As a Cyber Intelligence Malware Analyst, you will develop and apply your skills in one or more of the following areas to support the organization’s mission:
Malware analysis:
Dissect malware to discover its unique characteristics and functionalities, so as to uncover the motivation and modus operandi behind a cyber-attack or adversary operation, with the goal to attribute them.
Capability development:
Apply programming and coding skillsets to build new or enhance existing toolkits to automate investigative and analysis processes.
What We Are Looking For
Degree/Diploma in Computer Science, Computer/Electrical Engineering, Infocomm Security, Information Systems or equivalent competencies (applicants with no experience may apply).
Strong interest and passion in Cyber Security
Good foundation in programming (C/C++/C#/Python/PHP/BASH/Javascript/Powershell/Go Lang)
Familiarity with major Operating Systems (Microsoft Windows/Linux)
Familiarity with Assembly Language and its application to Reverse Engineering of malware
Good analytical skills – able to think critically and laterally to distil complex technology concepts and implementations
Good interpersonal and communication skills (written/oral)
Team player who takes initiative and can work collaboratively with peers
Relevant experience in cyber security is advantageous
Professional certification (e.g., GREM) is advantageous
Hands-on experience with tools such as sandboxes, IDA Pro, OllyDBG, x64 debugger, SysInternal suite, Remnux is advantageous
Only Singaporeans need apply
Additional Information
Seniority level: Entry level
Employment type: Full-time
Job function: Information Technology
Industries: Government Administration and Industrial Machinery Manufacturing
Referrals increase your chances of interviewing at Internal Security Department by 2x.
Get notified about new Malware Analyst jobs in
Singapore, Singapore .
#J-18808-Ljbffr

Join to apply for the
Cyber Intelligence Vice President, Threat Intelligence
role at
JPMorganChase
1 day ago Be among the first 25 applicants
Join to apply for the
Cyber Intelligence Vice President, Threat Intelligence
role at
JPMorganChase
Get AI-powered advice on this job and more exclusive features.
Job Description
Harness your expertise to shape robust cybersecurity strategies and safeguard critical assets. Your leadership will be pivotal in enhancing our resilience against evolving global cyber threats.
Job Description
Harness your expertise to shape robust cybersecurity strategies and safeguard critical assets. Your leadership will be pivotal in enhancing our resilience against evolving global cyber threats.
As a Cybersecurity Intelligence Vice President in Cybersecurity & Tech Controls, you will play a critical role in safeguarding the firm's digital assets and infrastructure from cyber threats. Responsible for identifying, assessing, and mitigating risks, you will inform and influence control measures across the organization. Your expertise in analyzing complex issues and developing innovative solutions, along with your ability to collaborate with diverse teams, will be crucial in enhancing the firm's security posture. As a subject matter expert, you will contribute to strategic cybersecurity initiatives and continuously improve our threat detection and response capabilities. Your work significantly impacts the firm's operations, fiscal management, public image, employee morale, and client relationships.
Job Responsibilities
Implement proactive threat intelligence strategies using advanced analytics and emerging technologies to identify and mitigate risks
Research and develop novel methodologies and capabilities to uncover unique threat intelligence, working with large data sets using data analysis tools and/or programming languages. Innovation is key
Hunt and track groups of highly sophisticated threat actors, and their current and evolving tactics, techniques and procedures (TTPs), using open and closed source tools
Maintain detailed threat actor profiles on adversaries of interest/relevance to the firm and wider financial industry, covering TTPs, intent, goals, and strategic objectives
Build and maintain strong relationships with stakeholders, sharing threat intelligence and best practices to achieve operational goals and improve cybersecurity operations
Track and understand the wider global, technology, and geopolitical landscapes, and assess their influence on cyber threats and security opportunities, particularly within the financial industry
Required Qualifications, Capabilities, And Skills
Bachelor’s Degree in Computer Science, Cybersecurity, Data Science, or related disciplines
5+ years of experience in Cyber Threat Intelligence, Red Team, Penetration Testing or other relevant experience in Cyber Operations disciplines
Foundational understanding of cybersecurity concepts, common enterprise IT infrastructure components, operating system internals, logging mechanisms and networking.
Data acumen - ability to efficiently interrogate large amount of data, and extract intelligence from semi- or un-structured data. This includes automating data collection and processing using analytical tools and/or scripting languages (e.g. Python).
Adoption of an always-improving and efficient mindset; leveraging repeatable query syntax or automating repeatable security tasks
Demonstrated knowledge or keen interest in prominent cyber threat actor groups, campaigns and TTPs
Experience employing objective analysis and effectively communicating (written and verbal) findings to both technical and non-technical audiences
Preferred Qualifications, Capabilities, And Skills
Having technical curiosity towards all things Cyber; always experimenting, always innovating
Experience in implementing software systems for big data collection, ingestion, and processing
Experience in the intelligence community / an international institution conducting cyber or security / intelligence related work
Knowledge and experience in hands-on offensive security disciplines such as Red Team, Penetration Testing, and Bug Bounty Research
ABOUT US
J.P. Morgan is a global leader in financial services, providing strategic advice and products to the world’s most prominent corporations, governments, wealthy individuals and institutional investors. Our first-class business in a first-class way approach to serving clients drives everything we do. We strive to build trusted, long-term partnerships to help our clients achieve their business objectives.
We recognize that our people are our strength and the diverse talents they bring to our global workforce are directly linked to our success. We are an equal opportunity employer and place a high value on diversity and inclusion at our company. We do not discriminate on the basis of any protected attribute, including race, religion, color, national origin, gender, sexual orientation, gender identity, gender expression, age, marital or veteran status, pregnancy or disability, or any other basis protected under applicable law. We also make reasonable accommodations for applicants’ and employees’ religious practices and beliefs, as well as mental health or physical disability needs. Visit our FAQs for more information about requesting an accommodation.
About The Team
Our professionals in our Corporate Functions cover a diverse range of areas from finance and risk to human resources and marketing. Our corporate teams are an essential part of our company, ensuring that we’re setting our businesses, clients, customers and employees up for success.
Seniority level
Seniority level Mid-Senior level
Employment type
Employment type Full-time
Job function
Job function Information Technology
Referrals increase your chances of interviewing at JPMorganChase by 2x
Sign in to set job alerts for “Vice President Information Technology” roles.
Vice President, Data Management & Governance Specialist
VP, Problem & Knowledge Management Lead, SRE & Governance, Group Technology
VP, Team Lead, SRE Engineer, Core Banking Technology, Group Technology
Cybersecurity Consultant, Chief Information Officer Office
Head of Tech Risk and Governance - Group Chief Information Officer
Chief Information Security Officer - MNC (ID: 37089)
Chief Information Security Officer - Fintech
SVP, Head of Non-Human Identity Policy, Information Security Services, Group Technology
Field Chief Information Security Officer (CISO), Asia
Chief Information Security Officer (CISO)
Agency Chief Information Security Officer (ACISO)
Global Chief Information Security Officer (CISO)
Group Chief Information Security Officer (CISO)
Vice President, Platforms And Architecture, Information Technology
Deputy / Assistant Director (Information Technology)
VP, Core Banking Project Management Office, Technology COO, Group Technology
Associate Director Service Management - Group Chief Information Officer
VP/AVP, End User Collaborative Service (Ops), Future Ready Technology, Group Technology
Applications Support Technology Lead Analyst (Vice President)
Cloud Information Security Technology Lead Analyst (Vice President)
We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.
#J-18808-Ljbffr

Join to apply for the
Cyber Intelligence Analyst (Red Team)
role at
Internal Security Department
ISD confronts and addresses threats to Singapore’s internal security and stability. For over 75 years, ISD and its predecessor organisations have played a central role in countering threats such as those posed by foreign subversive elements, spies, racial and religious extremists, and terrorists. A fulfilling and rewarding career awaits those who want to join in ISD’s critical mission of keeping Singapore safe, secure and sovereign for all Singaporeans.
We are looking for candidates who are critical thinkers with an investigative mindset and have a passion to pursue a career in the field of cyber intelligence. You will be part of the team with unique access to insights of cyber threat activities operating within Singapore's cyberspace, and your role is to attribute cyber threats and assess the potential impact to national security.
What You Will Be Working On
Undertake cyber intelligence operations to identify cyber threats, and derive insights into modus operandi and motivation of cyber attacks
Research into cyber offensive techniques, tools and exploits used by cyber aggressors
Creation of tools to facilitate operations and to aid in investigative and analysis processes
What We Are Looking For
Passionate about cybersecurity and technical research and/or software development
Ability to think critically and laterally to distil complex technology concepts and implementations
Ability to work with cross-functional teams
Relevant experience or knowledge in one or more of the following areas would be advantageous: experience in Capture-The-Flag competitions, familiarity with penetration testing methodology, possess relevant certifications such as GPEN, GXPN, OSCP, OSCE, etc, possess hands-on experience in tools such as Kali Linux, Nmap, IDA Pro and x64 debugger, good foundation in programming and scripting languages
Applicants with no experience may apply
Only Singaporeans need apply
We wish to inform that only shortlisted candidates will be notified.
We are an equal opportunities employer.
#J-18808-Ljbffr

Join to apply for the
Head, Cyber Threat Intelligence
role at
IMDA
This role exists to lead and manage the team in the provision of Cyber Threat Intelligence to secure the Telecommunications and Media sectors and support national cybersecurity efforts within the vision and mission of IMDA.
Responsibilities
Guide the team performing research and analysis of emerging or relevant cybersecurity threats impacting Telecommunications and Media sectors with threat assessment and sectoral impact.
This includes attack techniques, vulnerabilities and exploits, threat detections rules, signatures (e.g., Yara, Snort), recommendations to detect or prevent related threats.
Oversee regular or ad-hoc threat intelligence reports are produced are disseminated to key stakeholders, including advisories or alerts to operators are carried out according to Standard Operating Procedures.
Supervise Security Engineers to ensure implemented systems and technologies support operational capabilities and comply to IT standards.
This includes strategy and planning to build and operate Incident/Alert management system, Threat Intelligence Platform with integration to intelligence sources to synthesize across the sectors for dissemination and response.
Requirements
Information Security/Technology, Computer Science/Engineering related qualification
10 years or more working experience in enterprise cyber security incident investigations digital forensics or cyber threat intelligence related areas and leading such teams
Experience preparing and presenting threat briefings to information security and technology stakeholders in senior management, operations and to customers
Experience publishing cyber threat, campaign or vulnerability exploit research
Knowledge in telecommunications, broadcast, media equipment and technologies, enterprise environments
Relevant professional certifications including GIAC GCFA, GREM, GCFE, GCIH or CREST CCTIM, CRTIA, CPTIA.
Proficiency in Threat Intelligence Platforms deployment
Strong analytical skills with passion to overcome challenges
Strong influencing and communication skills
Only shortlisted candidates will be notified. Position will be commensurate with experience.
Seniority level
Director
Employment type
Full-time
Job function
Information Technology
Government Administration
#J-18808-Ljbffr

Summary of the role
The Cyber Threat Intelligence & Fusion Centre Manager is responsible to oversee Marina Bay Sand’s (MBS) Cyber Threat Intelligence and Cyber Fusion Centre program. This vertical is part of Marina Bay Sands’ Cyber Security Operations Centre (CSOC). The mission of MBS CSOC is to protect and defend MBS against cyber-attacks targeting the gaming, retail and hospitality sector.
The candidate builds, leads and supervises daily cyber threat horizon scanning operation for MBS. For every applicable cyber threat, the candidate is expected to lead the operation to assess and coordinate dissemination, track follow up and defensive / mitigative measures, and to provide reporting as per MITRE Cyber Threat Informed Defence framework.
When required, the candidate is also required to provide focused effort and analysis of potential cyber incidents. This position has a local supervisory role and works closely with the global CSOC team in other centers around the world. All duties are to be performed in accordance with the department and Marina Bay Sands’ policies, practices and procedures.
Job Responsibilities
Consistent and regular attendance is an essential function of this job.
Ensure relevant external cyber threat information is detected, responded and / or escalated in a timely fashion.
Ensure external cyber threat information tools / subscriptions are maintained, reviewed and effective in detecting external cyber threat information.
Ensure process runbooks are reviewed and updated timely.
Ensure metrics and trending are collected, reviewed and analyzed timely.
Coordinate with other stakeholders to track and resolve findings, where required.
Performs other related duties as assigned
Job Requirements
Education & Certification
Degree or Diploma in Cybersecurity
Professional cyber related membership and certification is required
Experience
5-10 years of work experience in technical cyber threat intelligence operations, incident response investigation and / or malware analysis.
Other Prerequisites
Proven effective verbal and written communication skills
Abilities
Facilitate continuously updated intelligence, surveillance, and visualization input to common operational picture managers
Identify intelligence gaps and shortfalls
Monitor open source websites for hostile content directed towards organizational or partner interests
Identify cyber threat tactics and methodologies
Identify and characterize intrusion activities against a victim or target
Determine effectiveness of intelligence collection operations
Recommend adjustments to intelligence collection strategies
Develop cyber operations indicators
Coordinate all-source collection activities
Validate all-source collection requirements and plans
Prepare threat and target briefings
Identify intelligence requirements
Modify collection requirements
Determine effectiveness of collection requirements
Monitor changes to designated cyber operations warning problem sets
Report on adversarial activities that fulfill priority information requirements
Prepare cyber operations intelligence reports
Prepare indications and warnings intelligence reports
Assess effectiveness of intelligence production
Assess effectiveness of intelligence reporting
Provide intelligence analysis and support
Notify appropriate personnel of imminent hostile intentions or activities
Determine if intelligence requirements and collection plans are accurate and up-to-date
Knowledge
Intelligence collection capabilities and applications
Intelligence requirements tasking systems and software
Intelligence information repositories
Threat intelligence principles and practices
Operations security (OPSEC) principles and practices
Target development principles and practices
Target research tools and techniques
Priority intelligence requirements
Intelligence fusion
Adversarial tactics principles and practices
Adversarial tactics tools and techniques
Threat vector characteristics
Cyber attack stages
Cyber intrusion activity phases
Malware analysis tools and techniques
Malware analysis principles and practices
Cyber-attack tools and techniques
Denial and deception tools and techniques
Skillset
Conducting non-attributable research
Creating target intelligence products
Conducting deep web research
Performing target analysis
Identifying intelligence gaps
Conducting open-source searches
Converting intelligence requirements into intelligence production tasks
Developing collection strategies
Work Environment
Thrive in a fast-paced, dynamic and global working environment.
Adapt and adjust to priorities quickly as circumstances dictate while completing tasks within established time frames
Establish and maintain cooperative working relationships with fellow Team Members, management, outside contacts, guests and the public.
Meet the basic physical requirements of an office environment including moving freely and frequently about an office, accessing computers and related technologies using peripheral equipment and operating other office equipment.
Maintain composure under pressure and consistently meet deadlines with internal and external stakeholders.
#J-18808-Ljbffr

Bitsight is a cyber risk management leader transforming how companies manage exposure, performance, and risk for themselves and their third parties. Companies rely on Bitsight to prioritize their cybersecurity investments, build greater trust within their ecosystem, and reduce their chances of financial loss.
Built on over a decade of technological innovation, its integrated solutions deliver value across enterprise security performance, digital supply chains, cyber insurance, and data analysis.
We invented the cyber ratings industry in 2011
Over 3000 customers trust Bitsight
Over 750 teammates are dispersed throughout Boston, Raleigh, New York, Lisbon, Singapore, and remote
This is a unique and exciting opportunity to join Bitsight’s growing APAC team as a Cyber Threat Intelligence (CTI) Sales Specialist. In this sales overlay role , you will work closely with account executives, sales leadership, and partners to accelerate revenue growth in the CTI vertical across priority APAC markets.
This role reports directly to the General Manager, APAC.
You will play a critical role in driving qualified pipeline generation, influencing deal strategy, and supporting the field with subject matter expertise to effectively position Bitsight’s CTI solutions
Why This Role Matters
CTI is a newly acquired capability and a high-growth, strategic differentiator for Bitsight. As customers increasingly seek proactive, high-fidelity threat insights to manage exposure and prioritize resources, this role is critical in positioning Bitsight as the partner of choice for threat-informed cyber risk management. Your work will help scale the CTI business across APAC and directly contribute to revenue growth, competitive win rates, and strong customer retention.
Location and Language Requirements
Location: Based in Singapore preferred; open to other APAC locations
Languages: English fluency required; Japanese or another regional language is a plus
Job Purpose
Drive new and expansion revenue in the CTI vertical across APAC by working alongside sellers to position, differentiate, and close CTI-related opportunities.
Key Responsibilities
Act as the go-to commercial CTI expert, supporting regional sellers across the full sales cycle - from pipeline generation and discovery to deal closure
Proactively identify and qualify CTI pipeline opportunities in partnership with sales reps, SDRs, and partners
Shape strategy and execution for CTI pursuits within key accounts and priority verticals such as financial services, government, and telecommunications
Lead customer conversations that translate threat intelligence capabilities into business value and use cases (e.g., attack surface reduction, third-party risk)
Lead CTI-specific engagements, including product demos, executive briefings, and thought leadership workshops
Collaborate with marketing and field sales to craft CTI-focused campaigns and messaging to drive awareness and demand
Gather and share competitive intelligence and win/loss insights to refine sales plays and market positioning
Track and report CTI pipeline, forecast progress, and strategic account activity
Facilitate internal sales enablement to upskill sellers on CTI solutions, messaging, and objection handling
Partner with the product and solutions engineering teams to close feature gaps and improve sales alignment
Required Skills and Experience
4 - 8 years of experience in B2B software sales, preferably with a focus on cybersecurity, threat intelligence, or risk management
Minimum 2–3 years of direct experience selling threat intelligence solutions - this is a mandatory requirement
Strong understanding of threat intelligence concepts, value propositions, and buyers (CTI teams, SOC, risk, CISO)
Experience in an overlay or specialist sales role supporting field sellers across regions or segments
Demonstrated success influencing sales pipeline and exceeding revenue targets
Excellent storytelling, presentation, and relationship-building skills
Strong business acumen and the ability to map technical capabilities to customer needs and outcomes
Track record of collaborating cross-functionally with sales, product, marketing, and partner teams
Highly self-motivated, organized, and able to thrive in a fast-paced, distributed team environment
Belonging & Inclusion
.
Bitsight is proud to be an equal opportunity employer. This means we do not tolerate discrimination of any kind and are committed to providing equal employment opportunities regardless of your gender identity, race, nationality, religion, sexual orientation, status as a protected veteran, or status as an individual with a disability.
Culture.
We put our people first. Bitsight offers best in class benefits. We devote the same energy to nurturing our company's inclusive culture as we apply to serving our customers' needs. Working at Bitsight will give you the opportunity to fulfill your professional goals and expand your skills.
Open-minded.
If you got to this point, we hope you’re feeling excited about the job description you just read. Even if you don’t feel that you meet every single requirement, we still encourage you to apply. We’re eager to meet people that believe in Bitsight’s mission and can contribute to our team in a variety of ways.
Bitsight also provides reasonable accommodations to qualified individuals with disabilities or based on a sincerely held religious belief in accordance with applicable laws. If you need to inquire about a reasonable accommodation, or need assistance with completing the application process, please email This contact information is for accommodation requests only, and cannot be used to inquire about the status of applications.
Additional Information for United States of America Applicants :
Bitsight is committed to compliance with all fair employment practices regarding citizenship and immigration status.
Bitsight will not discharge, discipline or in any other manner discriminate against any employee or applicant for employment because such employee or applicant has inquired about, discussed, or disclosed the compensation of the employee or applicant or another employee or applicant.
Massachusetts Applicants:
It is unlawful in Massachusetts to require or administer a lie detector test as a condition of employment or continued employment. An employer who violates this law shall be subject to criminal penalties and civil liability.
Qualified applicants with criminal histories will be considered for employment consistent with applicable law.
This position may be considered a promotional opportunity pursuant to the Colorado Equal Pay for Equal Work Act.
#J-18808-Ljbffr

Summary of the role

The Cyber Threat Intelligence & Fusion Centre Manager is responsible to oversee Marina Bay Sand’s (MBS) Cyber Threat Intelligence and Cyber Fusion Centre program. This vertical is part of Marina Bay Sands’ Cyber Security Operations Centre (CSOC). The mission of MBS CSOC is to protect and defend MBS against cyber-attacks targeting the gaming, retail and hospitality sector.

The candidate builds, leads and supervises daily cyber threat horizon scanning operation for MBS. For every applicable cyber threat, the candidate is expected to lead the operation to assess and coordinate dissemination, track follow up and defensive / mitigative measures, and to provide reporting as per MITRE Cyber Threat Informed Defence framework.

When required, the candidate is also required to provide focused effort and analysis of potential cyber incidents. This position has a local supervisory role and works closely with the global CSOC team in other centers around the world.
All duties are to be performed in accordance with the department and Marina Bay Sands’ policies, practices and procedures.

Job Responsibilities

• Consistent and regular attendance is an essential function of this job.
• Ensure relevant external cyber threat information is detected, responded and / or escalated in a timely fashion.
• Ensure external cyber threat information tools / subscriptions are maintained, reviewed and effective in detecting external cyber threat information.
• Ensure process runbooks are reviewed and updated timely.
• Ensure metrics and trending are collected, reviewed and analyzed timely.
• Coordinate with other stakeholders to track and resolve findings, where required.
• Performs other related duties as assigned

Job Requirements
Education & Certification

• Degree or Diploma in Cybersecurity
• Professional cyber related membership and certification is required

Experience

• 5-10 years of work experience in technical cyber threat intelligence operations, incident response investigation and / or malware analysis.

Other Prerequisites

• Proven effective verbal and written communication skills

Abilities

• Facilitate continuously updated intelligence, surveillance, and visualization input to common operational picture managers
• Identify intelligence gaps and shortfalls
• Monitor open source websites for hostile content directed towards organizational or partner interests
• Identify cyber threat tactics and methodologies
• Identify and characterize intrusion activities against a victim or target
• Determine effectiveness of intelligence collection operations
• Recommend adjustments to intelligence collection strategies
• Develop cyber operations indicators
• Coordinate all-source collection activities
• Validate all-source collection requirements and plans
• Prepare threat and target briefings
• Identify intelligence requirements
• Modify collection requirements
• Determine effectiveness of collection requirements
• Monitor changes to designated cyber operations warning problem sets
• Report on adversarial activities that fulfill priority information requirements
• Prepare cyber operations intelligence reports
• Prepare indications and warnings intelligence reports
• Assess effectiveness of intelligence production
• Assess effectiveness of intelligence reporting
• Provide intelligence analysis and support
• Notify appropriate personnel of imminent hostile intentions or activities
• Determine if intelligence requirements and collection plans are accurate and up-to-date

Knowledge

• Intelligence collection capabilities and applications
• Intelligence requirements tasking systems and software
• Intelligence information repositories
• Threat intelligence principles and practices
• Operations security (OPSEC) principles and practices
• Target development principles and practices
• Target research tools and techniques
• Priority intelligence requirements
• Intelligence fusion
• Adversarial tactics principles and practices
• Adversarial tactics tools and techniques
• Threat vector characteristics
• Cyber attack stages
• Cyber intrusion activity phases
• Malware analysis tools and techniques
• Malware analysis principles and practices
• Cyber-attack tools and techniques
• Denial and deception tools and techniques

Skillset

• Conducting non-attributable research
• Creating target intelligence products
• Conducting deep web research
• Performing target analysis
• Identifying intelligence gaps
• Conducting open-source searches
• Converting intelligence requirements into intelligence production tasks
• Developing collection strategies

Work Environment

• Thrive in a fast-paced, dynamic and global working environment.
• Adapt and adjust to priorities quickly as circumstances dictate while completing tasks within established time frames
• Establish and maintain cooperative working relationships with fellow Team Members, management, outside contacts, guests and the public.
• Meet the basic physical requirements of an office environment including moving freely and frequently about an office, accessing computers and related technologies using peripheral equipment and operating other office equipment.
• Maintain composure under pressure and consistently meet deadlines with internal and external stakeholders.

We are seeking a skilled and experienced Threat Hunter to work in the Security Operations team. The ideal candidate should be a proactive and resourceful individual with a passion for identifying and neutralizing advanced threats to strengthen the company’s defenses. This role requires a deep understanding of threat hunting methodologies, a strong analytical mindset, and exceptional communication skills. The role is expected to potentially work overtime in the event of responding to Security Incident to accommodate and manage Group’s Threat Intelligence services/program.
Key Responsibilities
Threat Hunting and Analysis
Conduct proactive threat hunting activities across various environments (endpoints, networks, cloud).
Develop and maintain threat hunting hypotheses based on current threat intelligence and organizational risk assessments.
Apply structured threat hunting methodologies leveraging frameworks such as MITRE ATT&CK, PEAK, TAHITI, THMM and Diamond Model to guide hypothesis creation, evidence collection and iterative improvements.
Deep technical knowledge of adversary tactics, malware analysis, intrusion detection and cloud security.
Tooling and Automation
Familiar with EDR/XDR solutions, SIEM platform, data pipeline and threat hunting tooling to detect and disrupt adversary tactics.
Develop custom scripts and tools to automate threat hunting processes and improve efficiency.
Leverage various threat hunting techniques, including but not limited to, YARA rules, IOC analysis, and behavioral based analysis.
Incident Investigation
Analyze security logs, network traffic, and endpoint data to identify malicious activity and potential threats.
Investigate security incidents and provide detailed reports on findings, including root cause analysis and remediation recommendations.
Collaborate with other security teams (incident response, vulnerability management, etc.) to share threat intelligence and coordinate security efforts.
Cyber Threat Intelligence (CTI)
Develop and manage Cyber Threat Intelligence while staying up to date on the latest threat landscape, attack techniques, and emerging technologies.
Map advisory behaviors to ATT&CK techniques and translate findings into actionable intelligence.
Share actionable intelligence with internal teams and external stakeholders.
Present findings and recommendations to technical and executive audiences.
Continuous Improvement
Contributes to the development and improvement of threat hunting strategies, processes and playbooks aligning with PEAK and TAHITI cycles for structural threat hunting.
Develop and maintain a strong understanding of the organization's infrastructure and applications to strengthen awareness of evolving threats and adversary behavior.
Drive maturing of the overall security operations service.
Qualifications & Skills
Required
Bachelor's degree in Computer Science, Cybersecurity, or a related field.
At least 3+ years of experience in cybersecurity, with a minimum of 1-2 years focused on threat hunting.
Strong understanding of various operating systems (Windows, Linux, macOS).
Experience with various security tools and technologies (SIEM, EDR, network monitoring tools).
Proficiency in scripting (Python, PowerShell).
Strong analytical and problem-solving skills.
Excellent communication and presentation skills to translate technical findings into business impact.
Preferred
Experience with threat intelligence platforms, feeds and CTI frameworks.
Relevant security certifications (e.g., SANS GIAC, GNFA, GCFA, Offensive Security, etc)
Experience with cloud platforms (AWS, Azure, GCP) and container security is a plus.
#J-18808-Ljbffr

Job Summary
The Group Operational, Technology and Cybersecurity Risk (OTCR) organisation is instrumental in protecting and ensuring the resilience of Standard Chartered Bank’s data and IT systems by managing technological, information and cyber security (ICS) risks across the enterprise. As a critical function reporting into the Group Chief Risk Officer (CRO), Group OTCR serves as the second line of defence for assuring Operational, Technology and IC controls are implemented effectively and in accordance with the Enterprise Risk Management Framework (ERMF) and the ICT Risk Type Framework, and for instilling a positive culture of Operational, Technology and Cybersecurity risk management within the Bank. As part of the function, the team of OTCR CISO performs a pivotal role as an extension of the OTCR in supporting the Tech and IC risk management strategy, governance, advisory and assurance roles that face off to the Client Businesses, Regions, and Functions. This specific OTCR CISO role has accountability for 2nd Line of Defence oversight over the CISO Global Threat Mgmt and Cyber Defence team. The role therefore requires experience working within such functions and highly sophisticated technical skills across Security Logging and Monitoring, Security Incident Management, Cyber Forensic, Cyber Intelligence and Threat Management.
Responsibilities
Overseeing and challenging 1st line Tech and IC risk proposals and risk-taking activities for Security Logging and Monitoring, Security Incident Management and Cyber Forensic, Cyber Intelligence and Threat Management, and other key IC domains.
Intervening in 1st line activities if they are not in line with existing or adjusted Risk Appetite.
Monitoring of Tech and IC risks and associated remediation plans across business lines using the Threat Scenario Risk Assessment (TSRA) Framework.
Assuring the 1st line implements controls to comply with applicable laws and regulations as defined by the IC Policy, Standards and escalating significant regulatory non‐compliance matters and developments to the Global Head, OTCR, T&O.
Overseeing implementation of the controls to mitigate risks related to Security Logging and Monitoring, Security Incident Management and Cyber Forensic, Cyber Intelligence and Threat Management.
Promoting a healthy Tech and IC risk culture and good conduct within Transformation, Technology & Operations of key IC domains.
People & Talent
Lead through example and build the appropriate culture and values.
Employ, engage, and retain high quality people, with succession planning for critical roles.
Uphold and reinforce the independence of the second line OTCR function.
Provide guidance and training for businesses and functions on managing risks associated with Cyber Operations and Group Threat Management domains.
Risk Management
Support the assessment of Tech and IC risk and reporting by T&O 1st line teams.
Support the OTCR T&O team in the use of the Tech and IC risk frameworks and other techniques from a 2nd line perspective.
Raise visibility of Tech and IC weaknesses to drive improvements and upliftment.
Highlight gaps or control weaknesses against security standards and regulations in the key IC domains.
Create risk mitigation plans calling out where these are ineffective or insufficiently followed.
Perform thematic reviews as required by the OTCR T&O team.
Governance
Work with teams within T&O and participate in work groups and other meetings to understand, advise, and challenge on Tech and IC matters, specifically for Security Logging and Monitoring, Security Incident Management and Cyber Forensic, Cyber Intelligence and Threat Management associated risks.
Report any Tech and IC risks/issues during T&O NFRC which require attention and support.
Ensure consistency of reporting and production of high‐quality documentation and materials.
Provide recommendations and feedback to OTCR teams based on experience with T&O.
Regulatory & Business Conduct
Display exemplary conduct and live by the Group’s Values and Code of Conduct.
Take personal responsibility for embedding the highest standards of ethics, including regulatory and business conduct, across Standard Chartered Bank. This includes understanding and ensuring compliance with, in letter and spirit, all applicable laws, regulations, guidelines and the Group Code of Conduct.
Effectively and collaboratively identify, elevate, mitigate, and resolve risk, conduct and compliance matters.
Key Stakeholders
Group OTCR T&O, IC & Tech Risk Leadership Team
Group T&O Risk Management and Cloud Governance Heads and teams
Group CISO MT
OTCR for Functions, Businesses and Regions
Group Internal Audit
Identified business stakeholders
Other Responsibilities
Embed Here for good and Group’s brand and values in OTCR, CISO & COO team; Perform other responsibilities assigned under Group, Country, Business or Functional policies and procedures within OTCR TTO covering other domains beyond main domains of responsibility.
Our Ideal Candidate
Degree in Information and Cyber Security or Technology or equivalent
10+ years experience in information security or risk management, preferably in Banking and Financial sector, with 5 years hands‐on experience in SIEM, XDR/EDR, SOAR, logging architecture (on‐prem/cloud), MITRE ATT&CK, threat hunting and incident response including forensic, threat intel frameworks.
Strong knowledge of cybersecurity frameworks, standards and principles
Strong knowledge of cloud security best practices and frameworks (e.g., CIS Benchmarks, NIST Cybersecurity Framework)
Professional Certifications such as CISSP/CISM, CRISC, CCSK/CCSP, MITRE ATT&CK Defender, SANS GCTI/GCED are desirable
Excellent written and oral communication and reporting skills, ability to present complex Cyber Operational and Threat Management concepts to non‐technical stakeholders
Role Specific Technical Competencies
Cyber Security frameworks, standards, and principles
Security Logging and Monitoring
Security Incident Management
Threat Management
About Standard Chartered
We’re an international bank, nimble enough to act, big enough for impact. For more than 170 years, we’ve worked to make a positive difference for our clients, communities, and each other. We question the status quo, love a challenge and enjoy finding new opportunities to grow and do better than before. If you’re looking for a career with purpose and you want to work for a bank making a difference, we want to hear from you. You can count on us to celebrate your unique talents and we can’t wait to see the talents you can bring us. Our purpose, to drive commerce and prosperity through our unique diversity, together with our brand promise, to be here for good are achieved by how we each live our valued behaviours. When you work with us, you’ll see how we value difference and advocate inclusion.
What We Offer
Core bank funding for retirement savings, medical and life insurance, with flexible and voluntary benefits available in some locations.
Time‐off including annual leave, parental/maternity (20 weeks), sabbatical (12 months maximum) and volunteering leave (3 days), along with minimum global standards for annual and public holiday, which is combined to 30 days minimum.
Flexible working options based around home and office locations, with flexible working patterns.
Proactive wellbeing support through Unmind, a market‐leading digital wellbeing platform, development courses for resilience and other human skills, global Employee Assistance Programme, sick leave, mental health first‐aiders and all sorts of self‐help toolkits.
A continuous learning culture to support your growth, with opportunities to reskill and upskill and access to physical, virtual and digital learning.
Being part of an inclusive and values driven organisation, one that embraces and celebrating our unique diversity, across our teams, business functions and geographies – everyone feels respected and can realise their full potential.
Recruitment Assessments
Some of our roles use assessments to help us understand how suitable you are for the role you’ve applied to. If you are invited to take an assessment, this is great news. It means your application has progressed to an important stage of our recruitment process.
#J-18808-Ljbffr