320 Cybersecurity Analyst jobs in Singapore
Cybersecurity Analyst
Posted today
Job Description
We are seeking a skilled cybersecurity analyst to join our team. As a key member of our organization, you will be responsible for delivering high-quality security services to clients.
- Deliver client engagements and provide regular updates to the engagement lead
- Contribute to project delivery and ensure timely completion of milestones
- Respond to cybersecurity incidents, assess their criticality, and implement containment and mitigation strategies
- Collaborate with the team to improve incident response and threat hunting processes
- Develop and maintain knowledge of cybersecurity best practices and emerging threats
To be successful in this role, you will need to have the following skills and qualifications:
- A Bachelor's Degree in Computer Science, Cybersecurity, or a related field
- At least 3 years of experience in threat hunting, incident response, and digital forensics investigations
- Proficiency in Microsoft Office, Power BI, Tableau, and Forensic Toolkits such as EnCase Forensics, FTK Forensics, Magnet Forensics, and Write Blockers
- Excellent communication and presentation skills
- Ability to work in a fast-paced environment and adapt to changing priorities
The following certifications are highly desirable:
- EnCE, GCIH, GCFE, GCFA, GREM, GNFA, GASF, GCTI, CISSP
We offer a competitive compensation package, including benefits and opportunities for professional growth and development.
If you are a motivated and experienced cybersecurity professional looking for a new challenge, we encourage you to apply for this exciting opportunity.
Cybersecurity Analyst (SOC)
Posted 3 days ago
Job Description
As a Cyber Threat (SOC) Analyst, you are required to use data collected from a variety of cyber defense tools such as intrusion detection system alerts, firewall and network traffic logs, and host system logs to analyse events that occur within the Company’s environment. You are also required to perform 24x7 monitoring on both internal and external sources to maintain current threat condition and determine which security issues may have an impact on the Company and provide accurate evaluation of the incident for escalation.
Responsibilities
Responsible for round-the-clock surveillance of the Company's information assets using various cyber defense tools to monitor internal and external sources.
Provide timely detection, identification and alerts of possible attacks/intrusions, anomalous activities, and misuse activities, and distinguish these incidents and events from benign activities.
Use cyber defense tools for continuous monitoring and analysis of system activities to identify malicious activity.
Analyze and respond to threats, software, and hardware vulnerabilities.
Develop scripts and fine-tune SIEM rules and solutions to automate the triage and analysis process.
Provide incident response (IR) support when required.
Produce actionable cyber threat intel from various threat intelligence sources, both open and commercial sources.
Actively hunt for indicators of compromise (IOCs) and threat actor groups and tactics, techniques, and procedures (TTPs) in the environment.
Requirements
Degree or Diploma in Computer Science, Computer Engineering, or Information Security related fields.
At least 2 years of experience working in a Security Operation Centre (SOC) or Computer Emergency Response Team (CERT/CIRT).
Strong ability to interpret the information collected by network tools (e.g., ping, traceroute, nslookup).
Security certifications (e.g. GSEC, GCIH, GCIA, GCTI, GCFA, GCFE, GNFA) and scripting capabilities (i.e. Python, Bash or PowerShell) are a plus.
Working experience with OWASP Top 10, CVSS, MITRE ATT&CK framework, Cyber Kill Chain and DevSecOps strongly preferred.
Good knowledge of different types of network communication (e.g., Local Area Network, Wide Area Network, Metropolitan Area Network, Wireless Wide Area Network, Wireless Local Area Network).
Good knowledge of incident response and handling methodologies.
Able to work 12-hour shifts; shift patterns may change according to business needs.
Senior Cybersecurity Analyst
Posted today
Job Description
(Job ID: )
What You'll Do
Detection Engineering
- Design and fine-tune high-fidelity detection rules across SIEMs (Splunk, Sentinel, Devo, QRadar) and EDR platforms.
- Build custom use cases based on MITRE ATT&CK and red team insights.
- Eliminate false positives, improve alert accuracy, and continuously optimize detection logic.
- Collaborate with red/purple teams to validate and evolve detection strategies.
Threat Hunting & Intelligence
- Proactively hunt for threats across hybrid environments using telemetry from SIEM, EDR, and NDR tools.
- Leverage threat intelligence and frameworks (MITRE, Diamond Model) to build and execute targeted hunting campaigns.
- Analyze and operationalize threat intel to inform detection rules and incident response.
Incident Response
- Lead end-to-end investigations—from triage to recovery—during security incidents.
- Conduct forensic analysis and produce detailed reports with root cause and mitigation plans.
- Develop playbooks, runbooks, and coordinate across teams and clients during major events.
Collaboration & Leadership
- Mentor junior analysts and contribute to process automation and SOP development.
- Engage with customers through regular reviews, briefings, and incident updates.
- Drive continuous improvement through lessons learned, threat trends, and feedback loops.
Requirements
- 8–10+ years in SOC/MSSP environments with deep SIEM (Splunk, QRadar, Sentinel, Devo) and EDR (CrowdStrike, Defender) expertise.
- Hands-on experience with SOAR platforms, malware analysis, scripting (shell, Python), and basic Unix/Linux troubleshooting.
- Strong grasp of threat detection, cyber TTPs, and frameworks like MITRE ATT&CK.
- Excellent communication skills and the ability to lead cross-functional collaboration.
- SANS certification (e.g., GCIH) strongly preferred.
Bonus Points For
- Experience with threat hunting, vulnerability assessments, or DFIR.
- Familiarity with cloud platforms (AWS, Azure, GCP) and network security tools.
- Exposure to threat intel platforms like MISP.
We regret that only shortlisted candidates will be notified. However, rest assured that all applications will be updated to our resume bank for future opportunities.
Please kindly refer to the Privacy Policy of Good Job Creations for your reference:
Personnel Name: Ong Kang Quan Ryan
EA Personnel Registration Number: R
EA License No.: 07C5771
Excellent Communication Skills
Information Security
Leadership
Troubleshooting
Process Automation
Azure
Cyber Security
Forensic Analysis
Scripting
Python
Engineering Design
Telemetry
Threat Intelligence
Network Security
CISSP
Malware Analysis
Cybersecurity Analyst (SOC)
Posted today
Job Description
Overview
As a Cyber Threat (SOC) Analyst, you are required to use data collected from a variety of cyber defense tools such as intrusion detection system alerts, firewall and network traffic logs, and host system logs to analyse events that occur within the Company’s environment. You are also required to perform 24x7 monitoring on both internal and external sources to maintain current threat condition and determine which security issues may have an impact on the Company and provide accurate evaluation of the incident for escalation.
Responsibilities
Responsible for round-the-clock surveillance of the Company's information assets using various cyber defense tools to monitor internal and external sources.
Provide timely detection, identification and alerts of possible attacks/intrusions, anomalous activities, and misuse activities, and distinguish these incidents and events from benign activities.
Use cyber defense tools for continuous monitoring and analysis of system activities to identify malicious activity.
Analyze and respond to threats, software, and hardware vulnerabilities.
Develop scripts and fine-tune SIEM rules and solutions to automate the triage and analysis process.
Provide incident response (IR) support when required.
Produce actionable cyber threat intel from various threat intelligence sources, both open and commercial sources.
Actively hunt for indicators of compromise (IOCs) and threat actor groups and tactics, techniques, and procedures (TTPs) in the environment.
Requirements
Degree or Diploma in Computer Science, Computer Engineering, or Information Security related fields.
At least 2 years of experience working in a Security Operation Centre (SOC) or Computer Emergency Response Team (CERT/CIRT).
Strong ability to interpret the information collected by network tools (e.g., ping, traceroute, nslookup).
Security certifications (e.g. GSEC, GCIH, GCIA, GCTI, GCFA, GCFE, GNFA) and scripting capabilities (i.e. Python, Bash or PowerShell) are a plus.
Working experience with OWASP Top 10, CVSS, MITRE ATT&CK framework, Cyber Kill Chain and DevSecOps strongly preferred.
Good knowledge of different types of network communication (e.g., Local Area Network, Wide Area Network, Metropolitan Area Network, Wireless Wide Area Network, Wireless Local Area Network).
Good knowledge of incident response and handling methodologies.
Able to work 12-hour shifts; shift patterns may change according to business needs.
Professional Officer (All Levels) (Cybersecurity Analyst)
Posted today
Job Description
Professional Officer (All Levels) (Cybersecurity Analyst) – Singapore Institute of Technology
Posting Start Date: 21/08/2025
Schemes of Service: Professional Officers
Division: Professional Officers
Employment Type: Fixed Term
Job Purpose
The Professional Officers Division (POD) houses a centralized pool of academic staff under the Professional Officers scheme. Professional Officers come with specialised and deep technical skills acquired through extensive industry experience. They form the talent pool which brings a much-needed industry perspective to student learning. They facilitate applied learning and applied research in SIT, complementing the academic expertise of the faculty to bring industry practices and applications into the curriculum.
Professional Officers leverage on their industry experiences to create authentic learning environments, where discovery and innovation take place. They act as coaches and mentors to students during practical learning activities such as laboratory sessions, Capstone Projects and the Integrated Work Study Programme (IWSP). Professional Officers could also lead or work with faculty on industry innovation projects to provide solutions to the industry.
In addition to their role in applied learning and applied research, Professional Officers manage the centralised laboratory facilities and resources in SIT. With Technical Officers, laboratory safety professionals, and administrators in POD, they jointly develop central policies and processes for the safe and seamless operation of laboratories in SIT.
Key Responsibilities
- Design and teach labs & practice modules.
- Mentor students in Capstone Projects and the Integrated Work Study Programme (IWSP).
- Lead or co-lead innovation projects with industry.
- Manage labs and equipment to support academic programmes and applied research.
- Ensure safety in labs.
- Education & Certifications:
  - Bachelor’s or Master’s Degree in Cybersecurity, Information Security, or related fields from a recognized University.
  - Industry certifications like OSCP, CISSP, or CEH are a plus.
- Experience:
  - At least 5+ years of experience in a security analyst role, preferably with exposure to cybersecurity applications.
  - Proven experience as a Certified Security Analyst or in a related role, with a strong understanding of industry best practices, cybersecurity frameworks, IoT Security, OT Security, and Mobile Security.
  - Strong understanding of cryptography, including symmetric and asymmetric cryptographic primitives, protocols, and PQC.
  - Experience with adversarial machine learning techniques and defenses.
  - Clear understanding of information security principles and the cyber technology landscape.
  - Ability to develop and enforce security policies, conduct security awareness training, and stay updated on emerging cyber threats and hacker methodologies.
  - Experience in developing and enhancing frameworks or standard operating procedures (SOPs) for handling cybersecurity incidents in different industries.
- Soft Skills & Mindset:
  - Passionate about cybersecurity, technically hands-on, willing to learn, and curious about the inner workings of Enterprise/OT/Telecommunications technologies and exploiting their vulnerabilities.
  - Strong interest in supporting research and academic projects, with the ability to adopt and manage new security technologies.
  - Willingness to pursue professional certifications in cybersecurity governance, such as CISSP, OSCP, CSSP (Industry certifications are an added advantage).
  - Actively participate in cybersecurity-related projects or organizations, such as CSIRT (Computer Security Incident Response Team), ISACA, or ISC2.
IT Compliance & Cybersecurity Analyst - Financial Service
Posted 2 days ago
Job Description
The IT Compliance & Risk unit within SeaMoney is responsible for managing the Information Technology and Cyber Security risk profiles, including risk identification, management and mitigation across the group (including overseas countries).
Job Description
- Establish and oversee the implementation of cyber security and information technology risk policies, technology and tools, and governance processes to create solutions for minimizing losses from cyber security issues, failed internal processes, inadequate controls, emerging risks and regulatory breaches
- Support security and technology compliance to internal policies, processes, and controls, as well as compliance to external regulations while proactively evaluating existing control environment for enhancement opportunities
- Work effectively with business, operations, engineering, security and infrastructure teams on evaluating, recommending, delivering and managing security/ IT solutions across Cyber and IT domains
- Manage audit/ regulatory reviews including coordination, communications, and required actions with internal auditors, external auditors, regulators and internal stakeholders as appropriate
Requirements
- Bachelor's degree or above in computer science, technology, finance, accountancy or related disciplines
- Strong interest / experience in the following technology categories:
  - Information Security
  - Infrastructure Security
  - Application and Data Security
  - CI/CD, containerisation security
- Possess solid understanding on banking-related applications and technologies in terms of products and supporting services, system and business operation procedures, risk management, regulatory compliance, etc.
- Knowledge of information security standards (ISO 27001, PCI, NIST, CIS). For IT Risk applicants, knowledge and expertise of industry Information Security Standards and relevant certifications (CISA, CISSP or equivalent); IT audit background is a plus
- Strong communication skills with English and Mandarin proficiency
- Self-driven, positive attitude and team player striving for team success; resourceful and able to adapt in a dynamic environment
- Seniority level: Associate
- Employment type: Full-time
- Job function: Information Technology and Accounting/Auditing
- Industries: IT Services and IT Consulting and Technology, Information and Internet
IT Compliance & Cybersecurity Analyst - Financial Service
Posted today
Job Description
Overview
The IT Compliance & Risk unit within SeaMoney is responsible for managing the Information Technology and Cyber Security risk profiles, including risk identification, management and mitigation across the group (including overseas countries).
Job Description
Establish and oversee the implementation of cyber security and information technology risk policies, technology and tools, and governance processes to create solutions for minimizing losses from cyber security issues, failed internal processes, inadequate controls, emerging risks and regulatory breaches
Support security and technology compliance to internal policies, processes, and controls, as well as compliance to external regulations while proactively evaluating existing control environment for enhancement opportunities
Work effectively with business, operations, engineering, security and infrastructure teams on evaluating, recommending, delivering and managing security/ IT solutions across Cyber and IT domains
Manage audit/ regulatory reviews including coordination, communications, and required actions with internal auditors, external auditors, regulators and internal stakeholders as appropriate
Requirements
Bachelor's degree or above in computer science, technology, finance, accountancy or related disciplines
Strong interest / experience in the following technology categories:
Information Security
Infrastructure Security
Application and Data Security
CI/CD, containerisation security
Possess solid understanding on banking-related applications and technologies in terms of products and supporting services, system and business operation procedures, risk management, regulatory compliance, etc.
Knowledge of information security standards (ISO 27001, PCI, NIST, CIS). For IT Risk applicants, knowledge and expertise of industry Information Security Standards and relevant certifications (CISA, CISSP or equivalent); IT audit background is a plus
Strong communication skills with English and Mandarin proficiency
Self-driven, positive attitude and team player striving for team success; resourceful and able to adapt in a dynamic environment
Seniority level
Associate
Employment type
Full-time
Job function
Information Technology and Accounting/Auditing
Industries
IT Services and IT Consulting and Technology, Information and Internet
Penetration Test & Vulnerability Assessment Specialist
Posted today
Job Description
GovTech is the lead agency driving Singapore’s Smart Nation initiatives and public sector digital transformation. As the Centre of Excellence for Infocomm Technology and Smart Systems (ICT & SS), GovTech develops the Singapore Government’s capabilities in Data Science & Artificial Intelligence, Application Development, Smart City Technology, Digital Infrastructure, and Cybersecurity.
At GovTech, we offer you a purposeful career to make lives better where we empower our people to master their craft through robust learning and development opportunities all year round.
Play a part in Singapore’s vision to build a Smart Nation and embark on your meaningful journey to build tech for public good. Join us to advance our mission and shape your future with us today!
Learn more about GovTech at tech.gov.sg.
What you will be working on
Do you want to play a critical role in securing our smart nation initiatives by uncovering weaknesses in various domains of cybersecurity programs even before the real threat actors come to play? And are you up to race against the real threat actors before organisations are compromised?
We are seeking a cybersecurity specialist in penetration testing & vulnerability assessment to join our Cyber Security Group’s Red Team. You will be part of the team that helps to protect our government’s assets from cyber-attacks. In addition, you will have opportunities to be involved in assessing the cybersecurity aspects of new developments in our smart nation initiatives, and to demonstrate your ability to quickly assimilate knowledge of new technologies. As part of this team, you will perform penetration testing and vulnerability assessments that span infrastructure, web applications, mobile applications, source code security review, etc. This role will also involve you in carrying out targeted Adversary Simulations.
What you will be working on
Conduct Penetration Testing (PT), Vulnerability Assessment (VA) and Source code security review on IT assets
Support in the documentation of findings, analysis, report preparation and presentation
Develop customised tools to conduct PT and VA
Support stakeholders such as security engineers and developers in providing guidance to remediate security risks from security testing and assessments
Support stakeholders such as security engineers and developers in providing guidance in design and security controls in application, infrastructure, network, etc.
Develop Application Security related awareness programme/training/courses to uplift application security capabilities and competencies of GovTech officers
Familiar with security principles, policies and industry best practices
What we are looking for
Degree in Information Security, Computer Science/Engineering, IT, or equivalent
Passionate in cybersecurity
Good understanding of web application, system and infrastructure architecture
Good communication & presentation skills
Collaborative and team player, self-motivated, creative and versatile
Added advantage if you possess the following:
Penetration testing-specific certifications such as GPEN, CREST or OSCP
At least 1 year of hands-on experience performing PT/VA
Familiarity with scripting languages, for example, Perl, Python, VBScript, JavaScript, PowerShell or Ruby
Public disclosure of vulnerabilities or relevant awards/participations from Capture-The-Flags (CTF) competitions
Experience using tools such as Nexpose/Nessus, BurpSuite, Metasploit, etc.
Experience in security risk assessments on application, infrastructure, network, etc.
GovTech is an equal opportunity employer committed to fostering an inclusive workplace that values diverse voices and perspectives, as we believe that diversity is the foundation to innovation.
Our employee benefits are based on a total rewards approach, offering a holistic and market-competitive suite of perks. These include leave benefits to meet your work-life needs and employee wellness programmes.
We champion flexible work arrangements (subject to your job role) and trust that you will manage your own time to deliver your best, wherever you are, and whatever works best for you.
Learn more about life inside GovTech at go.gov.sg/GovTechCareers.
Stay connected with us on social media at go.gov.sg/ConnectWithGovTech.
Seniority level: Mid-Senior level
Employment type: Full-time
Job function: Quality Assurance
Industries: IT Services and IT Consulting
Cybersecurity SOC Analyst
Posted today
Job Description
- Analyst would be part of 24x7 Cyber Security Operations function to perform security monitoring and incident response, data loss prevention, vulnerability management, threat intelligence and threat hunting.
- Perform monitoring, research, assessment and analysis on alerts from SIEM tools.
- Follow pre-defined actions to investigate possible security incidents or perform incident response actions, including escalating to other support groups.
- Maintain standard operating procedures (SOP), processes and guidelines.
- Ensure proper functioning of systems in the Security Operations Centre.
- Send out emails to L2 and other groups and follow up accordingly.
- Strong analytical and problem-solving skills, with the ability to quickly identify and resolve security issues.
- Proven ability to work in a fast-paced environment, prioritize tasks, and meet deadlines.
- Ability to work in a team, where each individual's contribution is crucial to the team's objectives.
- This is 24/7 operational work. Able to commit to 12-hour shifts, weekends and public holidays.
- Excellent communication and interpersonal skills, with the ability to effectively collaborate with cross-functional teams and convey complex security concepts to non-technical stakeholders.
Cybersecurity Threat Analyst
Posted today
Job Description
Job Title: Cybersecurity Threat Analyst
We are seeking a skilled Cybersecurity Threat Analyst to join our team. As a key member of our cybersecurity operations center, you will be responsible for monitoring and analyzing security events, identifying potential threats, conducting investigations, and responding to security incidents.
You will work closely with our end-client SOC team to ensure the timely and effective detection, containment, and mitigation of security incidents. This is a full-time on-site role located in Singapore.
- Monitoring and analyzing security events, identifying potential threats, conducting investigations, and responding to security incidents.
- Work closely with the end client SOC team to ensure the timely and effective detection, containment, and mitigation of security incidents.
- Support security developments (such as evolving threats, new or enhanced security controls or changes to the technical infrastructure).
- Ensure that all infrastructure-related documents (procedures, operation guides, architecture diagrams, hardening baselines, security metrics, etc.) are reviewed annually, or updated within a month whenever there are changes.
- Be responsible for strengthening Customer's cyber security posture against cyber threats through vulnerability management, incident response and analysis, threat hunting and security operations.
- Manage Customer's Cyber security operation and manage the reporting and handling of cyber security incidents.
- Perform Vulnerability Management leveraging on MVMS.
- Perform daily checks on the Endpoint Detection Response/Database Activity Monitoring dashboard for any abnormalities.
- Onboard subscribed servers and infrastructure devices to MVMS.
- Provide supporting documents for audits.
- Perform Monthly Vulnerability Assessment, Quarterly Vulnerability Assessment for servers and network equipment.
- Work with application and infrastructure team to ensure compliance and regulatory requirements and industry standards.
Requirements:
- Diploma/degree in computer studies
- 2 years of experience working in a security operation, incident response, vulnerability management or related field.
- Demonstrated experience in network security, server security, endpoint security, web security etc.
- Strong knowledge of security principles, technologies, and industry best practices.
- Experience with log analysis, malware analysis, and network traffic analysis.
- Excellent analytical and problem-solving skills, with the ability to quickly identify and respond to security incidents, analyze complex security issues and develop effective solutions.
- Hands-on experience in security appliances such as IBM Guardium, MMVS, Carbon Black, Cyber Ark is a definite advantage.
- Candidates with experience in IT security/support operations and a willingness to learn the above-mentioned tools are encouraged to apply. Experienced candidates will be considered for the team lead role.
- Independent and capable of working in a high-pressure environment.
- Willing to work in rotational shift environment (including weekends and night shift).
Tell Employers What Skills You Have:
- Information Security
- Security Operations
- Dashboard
- Traffic Analysis
- Vulnerability Management
- Cyber Security
- Compliance
- Audits
- Web Security
- Hardening
- Team Lead
- Regulatory Requirements
- Vulnerability Assessment
- Network Security
- CISSP
- Malware Analysis