206 Dfir Analyst jobs in Singapore
DFIR Analyst
Posted 6 days ago
Job Description
- Contribute to uncovering and analyzing cybersecurity incidents, from intricate breaches to widespread attacks, by diving into log data, examining systems and networks, and exploring potential malware threats.
- Take an active role in seeking out hidden threats within client environments, going beyond alerts to discover subtle signs of compromise and participating in simulated security exercises.
- Recognize subtle patterns, behaviors, and digital traces left by attackers to assess if systems were infiltrated and how the activity unfolded.
- Help refine internal toolsets and investigation workflows to enhance threat detection and response capabilities.
- Maintain close coordination with both IT and security personnel to ensure investigations run smoothly and insights are shared effectively.
- Deliver clear, well-structured summaries of investigative results, turning technical findings into actionable intelligence.
Digital Forensics & Incident Response (DFIR) Analyst
Posted 13 days ago
Job Description
Join to apply for the Digital Forensics & Incident Response (DFIR) Analyst role at OCBC.
We are seeking a skilled and motivated individual to join our cybersecurity team as a Digital Forensics & Incident Response (DFIR) analyst. In this role, you will be responsible for conducting digital forensic investigations, managing, and responding to security incidents. You will play a critical role in identifying, containing, and remediating security incidents.
Responsibilities
- Respond promptly to security incidents or escalated alerts, analyze incident data, and provide timely updates of findings, root causes, and recommended remediation measures.
- Collect, preserve, and analyze digital evidence using industry-standard tools and techniques to identify source, scope, and impact of incidents.
- Collaborate with cross-functional teams to develop incident response plans, including containment and remediation strategies.
- Develop and maintain incident response playbooks to ensure effective and consistent response to security incidents.
- Develop and manage current knowledge of tools and best practices in breach investigation and forensics.
- Support proactive threat hunting activities to uncover security threats, vulnerabilities, or gaps within the environment.
- Stay updated with the latest trends and techniques in digital forensics, incident response, and threat hunting, and actively share knowledge within the team.
- Develop forensic and investigative reports.
Requirements
- 5 or more years of experience in Digital Forensics, Incident Response (DFIR), Threat Hunting, or related fields.
- Strong knowledge of digital forensics principles, tools, and methodologies.
- Familiarity with incident response frameworks.
- Familiarity with threat hunting techniques, tools, and methodologies.
- Strong analytical and problem-solving skills with the ability to think critically and adapt to rapidly evolving situations.
- Certifications such as GIAC Certified Incident Handler (GCIH), GIAC Certified Intrusion Analyst (GCIA), GIAC Certified Forensics Analyst (GCFA), GIAC Certified Network Forensics Analyst (GNFA), or equivalent are preferred.
Join a team committed to safeguarding customer assets and data, leveraging technology and creativity to become a future-ready learning organization. We offer competitive salaries, flexible benefits, professional development opportunities, and a vibrant career environment.
Digital Forensics & Incident Response (DFIR) Analyst
Posted today
Job Description
Join to apply for the Digital Forensics & Incident Response (DFIR) Analyst role at OCBC.
We are seeking a skilled and motivated individual to join our cybersecurity team as a Digital Forensics & Incident Response (DFIR) analyst. In this role, you will be responsible for conducting digital forensic investigations, managing, and responding to security incidents. You will play a critical role in identifying, containing, and remediating security incidents.
Responsibilities
- Respond promptly to security incidents or escalated alerts, analyze incident data, and provide timely updates of findings, root causes, and recommended remediation measures.
- Collect, preserve, and analyze digital evidence using industry-standard tools and techniques to identify source, scope, and impact of incidents.
- Collaborate with cross-functional teams to develop incident response plans, including containment and remediation strategies.
- Develop and maintain incident response playbooks to ensure effective and consistent response to security incidents.
- Develop and manage current knowledge of tools and best practices in breach investigation and forensics.
- Support proactive threat hunting activities to uncover security threats, vulnerabilities, or gaps within the environment.
- Stay updated with the latest trends and techniques in digital forensics, incident response, and threat hunting, and actively share knowledge within the team.
- Develop forensic and investigative reports.
Requirements
- 5 or more years of experience in Digital Forensics, Incident Response (DFIR), Threat Hunting, or related fields.
- Strong knowledge of digital forensics principles, tools, and methodologies.
- Familiarity with incident response frameworks.
- Familiarity with threat hunting techniques, tools, and methodologies.
- Strong analytical and problem-solving skills with the ability to think critically and adapt to rapidly evolving situations.
- Certifications such as GIAC Certified Incident Handler (GCIH), GIAC Certified Intrusion Analyst (GCIA), GIAC Certified Forensics Analyst (GCFA), GIAC Certified Network Forensics Analyst (GNFA), or equivalent are preferred.
Join a team committed to safeguarding customer assets and data, leveraging technology and creativity to become a future-ready learning organization. We offer competitive salaries, flexible benefits, professional development opportunities, and a vibrant career environment.
Security Analyst
Posted 13 days ago
Job Description
NCS is a leading technology services firm that operates across the Asia Pacific region in over 20 cities, providing consulting, digital services, technology solutions, and more. We believe in harnessing the power of technology to achieve extraordinary things, creating lasting value and impact for our communities, partners, and people. Our diverse workforce of 13,000 has delivered large-scale, mission-critical, and multi-platform projects for governments and enterprises in Singapore and the APAC region.
As a Security Analyst, this incumbent will perform initial analysis (e.g. analysing and reviewing alerts, eliminating false positives and determining severity of threats) to determine impact of compromise
What will you do?
- Perform initial analysis (e.g. analysing and reviewing alerts, eliminating false positives and determining severity of threats) to determine impact of compromise
- Conduct basic investigations of security events, including malware infections and unauthorized access attempts.
- Determine the nature, mechanisms and scope of incident by performing event correlation and historical searches to determine the extent of a security compromise
- Escalate complex or highly suspicious alerts for further investigation and response.
- Record details of all activities, including investigations performed, findings and remediation steps taken.
- Collects data, evidence, and context necessary for further escalation.
- Perform event correlation across the In-Scope Institutions to identify similar attack pattern and spread of attack.
- Handling case management, generating tickets and reports when required, and tracking open tickets until closure
The ideal candidate should possess:
- Bachelor’s degree in Information Technology, Cybersecurity, Computer Science, or related field.
- Able to commit to permanent night shifts
- Team player and able to work independently.
- Experience in analysing data and review alerts
We are driven by our AEIOU beliefs—Adventure, Excellence, Integrity, Ownership, and Unity—and we seek individuals who embody these values in both their professional and personal lives. We are committed to our Impact: Valuing our clients, Growing our people, and Creating our future.
Together, we make the extraordinary happen.
Learn more about us at ncs.co and visit our LinkedIn career site.
Security Analyst
Posted today
Job Description
Security Analyst (Night Shift only) to perform initial analysis (e.g. analyzing and reviewing alerts, eliminating false positives and determining severity of threats) to determine impact of compromise
L1 - Security Analyst (Night Shift)
Responsibilities
- Perform initial analysis (e.g. analyzing and reviewing alerts, eliminating false positives and determining severity of threats) to determine impact of compromise.
- Conduct basic investigations of security events, including malware infections and unauthorized access attempts.
- Determine the nature, mechanisms and scope of incident by performing event correlation and historical searches to determine the extent of a security compromise.
- Escalate complex or highly suspicious alerts for further investigation and response.
- Record details of all activities, including investigations performed, findings and remediation steps taken.
- Collects data, evidence, and context necessary for further escalation.
- Perform event correlation across the In-Scope Institutions to identify similar attack pattern and spread of attack.
- Handling case management, generating tickets and reports when required, and tracking open tickets until closure.
Requirement
- IT or security-related educational background is required.
- Understanding of networking, system administration, and security concepts.
- Familiarity with security frameworks and standards (NIST, ISO 27001, CIS Controls, etc.).
- Experience with security tools such as SIEMs, endpoint protection, vulnerability scanners.
Information Security
Security Operations
Remediation
Cyber Security
ISO
Investigation
ISO 27001
Networking
System Administration
Evidence
Case Management
Network Security
Firewalls
Security Analyst
Posted today
Job Description
NCS is a leading technology services firm that operates across the Asia Pacific region in over 20 cities, providing consulting, digital services, technology solutions, and more. We believe in harnessing the power of technology to achieve extraordinary things, creating lasting value and impact for our communities, partners, and people. Our diverse workforce of 13,000 has delivered large-scale, mission-critical, and multi-platform projects for governments and enterprises in Singapore and the APAC region.
As a Security Analyst, this incumbent will perform initial analysis (e.g. analysing and reviewing alerts, eliminating false positives and determining severity of threats) to determine impact of compromise
What will you do?
- Perform initial analysis (e.g. analysing and reviewing alerts, eliminating false positives and determining severity of threats) to determine impact of compromise
- Conduct basic investigations of security events, including malware infections and unauthorized access attempts.
- Determine the nature, mechanisms and scope of incident by performing event correlation and historical searches to determine the extent of a security compromise
- Escalate complex or highly suspicious alerts for further investigation and response.
- Record details of all activities, including investigations performed, findings and remediation steps taken.
- Collects data, evidence, and context necessary for further escalation.
- Perform event correlation across the In-Scope Institutions to identify similar attack pattern and spread of attack.
- Handling case management, generating tickets and reports when required, and tracking open tickets until closure
The ideal candidate should possess:
- Bachelor’s degree in Information Technology, Cybersecurity, Computer Science, or related field.
- Able to commit to permanent night shifts
- Team player and able to work independently.
- Experience in analysing data and review alerts
We are driven by our AEIOU beliefs—Adventure, Excellence, Integrity, Ownership, and Unity—and we seek individuals who embody these values in both their professional and personal lives. We are committed to our Impact: Valuing our clients, Growing our people, and Creating our future.
Together, we make the extraordinary happen.
Learn more about us at ncs.co and visit our LinkedIn career site.
Cyber Security Analyst
Posted today
Job Description
- Responsible to ensure accurate and rapid response to security events
- Analyze security logs, SIEM alerts, and incident reports to identify and mitigate risks.
- Respond to and investigate security incidents, including breaches, malware outbreaks, and phishing attacks. Monitor networks and systems for security breaches, alerts, and anomalous activity.
- Conduct root-cause analysis to prevent future incidents and develop incident response procedures.
- Provide analysis and trending of security log data from various security devices
- Configure and maintain SIEM tools to align with the organization’s security objectives and threat landscape.
- Create custom SIEM dashboards and reports for different stakeholders to visualize critical security metrics and incident data.
- Develop and optimize SIEM content, including rules, alerts, and correlation logic, to improve threat detection and response.
- Regularly review and tune SIEM rules to reduce false positives, enhance event correlation, and maintain relevance to evolving threats.
- Document and update SIEM processes and configurations, ensuring a high level of data accuracy and availability.
- Perform regular vulnerability scans and assist in patch management processes. Work with IT teams to prioritize and remediate them.
- Recommend solutions to mitigate risks in any activity that may potentially impact security of existing IT and inform management
- Ensure compliance with industry regulations (e.g. GDPR, ISO 27001) and company policies.
- Assist in the development, implementation, and maintenance of security policies, standards, and guidelines.
- Assist in training staff on security best practices, including phishing awareness and data protection.
- Help develop educational materials and conduct periodic security awareness training.
- Advise and consult internal/ external customers on risk assessment, threat modelling and vulnerability management.
- Perform risk assessments and recommend security measures to mitigate potential risks.
- 12 months contract
- Work location: Bendemeer
- Bachelor Degree or Advanced Diploma in Computer Science, Information Technology, Cybersecurity from a recognized university or related field (or equivalent experience)
- At least 1-3 years in a cybersecurity role, with hands-on experience in SIEM content management, network security, threat monitoring, or incident response.
- Strong knowledge of cybersecurity principles, practices, and technologies.
- Expertise in SIEM tools and content management, including rule creation, alert tuning, and report customization.
- Proficiency with security tools like firewalls, IDPS, antivirus, and vulnerability scanners.
- Knowledge of scripting (Python, PowerShell) for automation within the SIEM environment is a plus.
- Ability to analyze and interpret security data to identify vulnerabilities and potential threats.
- Excellent communication skills, with the ability to explain complex security concepts to non-technical stakeholders.
- Strong analytical skills and attention to detail.
- Experience in the application of threat modelling or other risk identification techniques
- Detailed knowledge of system security vulnerabilities and remediation techniques, including penetration testing and the development of exploits
- Breadth of knowledge in information security space with emphasis on TCP/IP network security, operating system security, common attack patterns and exploitation techniques
- Relevant certifications (e.g., CompTIA Security+, Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), GIAC Security Essentials (GSEC)) are a plus
- Effective leadership skills and a team player
- Strong sense of ownership and drive
- Ability to work on-call or off-hours as needed to respond to security incidents.
- May require occasional travel for training or workshop.
Please note: Due to the anticipated high volume of applications, only shortlisted candidates will be contacted. All information provided will be treated with strict confidentiality and used solely for recruitment purposes.
Siti Zuriana Bee D/O Mohamed Yusoff
Team Lead – IT & Digital
EA Personnel No: R23112335
Peoplebank Singapore Pte Ltd | EA Licence No: 08C5248
- Seniority level: Entry level
- Employment type: Contract
- Job function: Information Technology
- Industries: Staffing and Recruiting
Security Analyst (ITSO)
Posted 2 days ago
Job Description
IT Security Officer
Avensys is a reputable global IT professional services company headquartered in Singapore. Our services include enterprise solution consulting, business intelligence, business process automation, and managed services. With over a decade of success, we are among the top trusted providers in Singapore, serving clients across banking and financial services, insurance, information technology, healthcare, retail, and supply chain.
We are currently hiring an IT Security Officer. This is an exciting opportunity to expand your skills, achieve job satisfaction, and maintain work-life balance. Details are as follows:
Job Type: Long Term Contract
Brief Job Description
The IT Security Officer should have at least one (1) year of relevant experience and will be responsible for:
- Providing expertise, oversight, and reporting on security and compliance matters within the scope of engagement;
- Investigating, managing, and responding to security incidents;
- Monitoring GITSir Alerts and GCSOC;
- Overseeing vulnerability assessments, audit log activities, baseline compliance, and privilege user account management;
- Conducting yearly security awareness training for internal teams and agencies;
- Validating RFI items and sharing findings with teams during audits;
- Updating and enforcing account security policies, procedures, standards, and guidelines, ensuring compliance among FM and subcontractor personnel;
- Managing security services provided by FM and third parties;
- Reporting security risks and issues to ITSM, covering threat, vulnerability, compliance, and incident management, based on operational reports such as:
- VMS (Nessus) reports
- Monthly security log reviews
- Security reporting services
- Quarterly privilege access reviews
- Monthly Imperva DAM and Carbon Black reports
- Antivirus reports
- Patch and asset management scorecards
- Account reviews and asset inventory reports
- Reporting to the MOH IFC Security team for BAU security functions and issues.
Interested candidates can submit their CVs via email to or apply online.
Consultant Details
Name: Khalid Farooq
Company: Avensys Consulting Pte Ltd
EA License: 12C5759
Privacy Statement: Data collected will be used solely for recruitment purposes and in accordance with data protection laws and our privacy policy.
Cyber Security Analyst
Posted 2 days ago
Job Description
We are seeking a proactive Cyber Security Analyst to support our ongoing Data Loss Prevention modernization initiative, with a particular focus on advanced capabilities enabled by Microsoft Purview. This role is critical in enhancing our data protection posture through automated classification, labeling, and policy enforcement. This is a 12-month engagement.
Job Responsibilities
- Participate in the implementation and optimization of automated sensitivity labeling across enterprise data assets
- Develop and manage trainable classifiers to improve detection accuracy and reduce false positives
- Configure and maintain manual and auto-application of labels to support regulatory and business requirements
- Collaborate with cross-functional teams to align DLP policies with data governance and compliance objectives
- Monitor and fine-tune DLP rules and workflows to ensure effective coverage and minimal disruption
- Provide technical expertise during the migration and integration of DLP capabilities into Microsoft Purview
- Proven experience in DLP engineering, preferably within enterprise environments
- Hands-on expertise with Microsoft Purview or similar data protection platforms
- Strong understanding of data classification, labeling frameworks, and policy enforcement mechanisms
- Familiarity with regulatory requirements related to data protection (e.g., GDPR, PDPA)
- Excellent problem-solving skills and ability to work independently and collaboratively
Cloud Security Analyst
Posted 5 days ago
Job Description
We are seeking a skilled Cybersecurity Maintenance Specialist to join our team.
Key Responsibilities:
- Monitor and maintain security tools, firewalls, antivirus software, and IDS/IPS.
- Assist in identifying and responding to security incidents.
- Liaise with technology vendors for escalations.
- Conduct vulnerability assessments and patch management.
- Support security audits and ensure compliance with best practices.
- Collaborate with IT teams to implement security measures.
- Maintain documentation on security procedures and incidents.
- Conduct Proof of Concept for new security solutions.
Skills:
- Diploma/Degree in IT, Computer Science, Engineering, or equivalent.
- 2 – 3 years of experience in cybersecurity maintenance or IT security operations.
- Strong analytical skills and attention to detail.
- Ability to manage multiple tasks independently.
- Excellent written and verbal communication skills.
- Team-oriented with a customer service mindset.
- Experience in cybersecurity domains (e.g., Endpoint Protection, Network Security, IAM).
- Certifications like CompTIA Security+ or CISSP are a plus.
By sending us your personal data and curriculum vitae (CV), you are deemed to consent to Morgan Mckinley Pte Ltd and its affiliates to collect, use and disclose your personal data for the purposes set out in the Privacy Policy available at You acknowledge that you have read, understood, and agree with the Privacy Policy.
Morgan McKinley Pte Ltd
Koh Boon Sien
EA Licence No: 11C5502
EA Registration No. R1110345