78 Security Analysis jobs in Singapore
Manager (Penetration Test & Vulnerability Assessment)
Posted today
Job Viewed
Job Description
MINDEF
Permanent
Closing on 21 Sep 2025
What the role is
You will play a pivotal role in safeguarding Singapore's defence and security interests by conducting comprehensive Penetration Testing (PT), Vulnerability Assessments (VA), and Source Code Security Reviews on IT assets, including infrastructure, web applications, and military applications.
What you will be working on
- Conduct comprehensive Penetration Testing (PT), Vulnerability Assessments (VA), and Source Code Security Reviews on IT assets, including infrastructure, web applications, and military applications
- Develop tailored security assessment tools and scripts to enhance testing capabilities and address evolving threat vectors
- Document findings, conduct analysis, and prepare detailed technical reports, including executive summaries for various stakeholders
- Collaborate with security engineers, developers, and other stakeholders to provide actionable guidance on remediating identified security risks and vulnerabilities
- Provide expertise in the design and implementation of security controls across applications, infrastructure, and network systems
- Develop and deliver specialised training and awareness programs to elevate the cybersecurity capabilities of the SAF personnel, with opportunities for growth in leadership and knowledge-sharing in the military cybersecurity context
- Maintain up-to-date knowledge of emerging threats, security best practices, and industry-standard frameworks
Challenge(s) - Maintaining consistent quality under time pressure
- Quickly learning and troubleshooting various tools and platforms
What we are looking for
- Education in Information Security, Computer Science, IT or a related field
- Industry-recognised certifications such as CREST CRT, GPEN, or OSCP
- At least 1 year of hands-on experience in conducting PT and VA, with a strong preference for experience in military or government-focused penetration testing
- Experience conducting security assessments on application infrastructure, networks, and cloud-based systems
- Strong understanding of web application, infrastructure, and network security architecture
- Excellent communication and presentation skills, with a focus on conveying complex security findings to both technical and non-technical stakeholders
- Ability to work independently and collaboratively within cross-functional teams
- Highly analytical, self-driven, and committed to continuous learning and skill enhancement
- Proficiency in scripting languages, such as Python, PowerShell, JavaScript, VBScript, Ruby, or Perl
- Track record of identifying and disclosing vulnerabilities or recognition in Capture-The-Flag (CTF) competitions
- Proficiency with tools such as BurpSuite, Metasploit, Nexpose, Nessus, and other industry-standard penetration testing and vulnerability assessment tools
Appointment will be commensurate with your experience.
Only shortlisted candidates will be notified.
About MINDEF
The mission of MINDEF and the Singapore Armed Forces is to enhance Singapore's peace and security through deterrence and diplomacy, and should these fail, to secure a swift and decisive victory over the aggressor.
The Defence Executive Officer (DXO) scheme is the non-uniformed career scheme of MINDEF that offers myriad opportunities in various job functions, such as corporate communications, cyber security, data analytics and visualisation, defence policy, finance, HR, psychology, and more. Embodying the same level of commitment towards defence, DXOs work together with their military counterparts to contribute to MINDEF/SAF's mission and ensure Singapore's security and stability. United by this common cause, our lines of defence complement each other to secure the prosperity and progress of our nation.
About your application process
This job is closing on 21 Sep 2025.
If you do not hear from us within 4 weeks of the job ad closing date, we seek your understanding that it is likely that we are not moving forward with your application for this role. We thank you for your interest and would like to assure you that this does not affect your other job applications with the Public Service. We encourage you to explore and for other roles within MINDEF or the wider Public Service.
Mobile Threat Analysis Specialist
Posted today
Job Viewed
Job Description
We are seeking a skilled Android Reverse Engineer to join our team of experts in the field of mobile threat analysis.
The ideal candidate will have hands-on experience with reverse engineering code, preferably of malicious applications, and be able to read, comprehend and analyze source code. Additionally, they should have experience with Java or Kotlin, as well as exposure to JavaScript, Flutter, and/or other mobile software languages.
Responsibilities include:
- Deep dive analysis of Android applications to understand their codebase, architecture, and functionality
- Employing reverse engineering techniques to extract information from android applications
- Identifying user and device risk, data leakage, and malicious code execution within Android apps
- Conducting security assessments of Android applications to identify potential risks
- Reviewing apps and providing the latest malware trends
- Collaborating with security researchers, developers, and other stakeholders to share findings, provide recommendations, and contribute to the development of secure software
- Staying updated on the latest Android security threats, vulnerabilities, and reverse engineering techniques
Requirements include:
- Hands-on experience with analyzing or reverse engineering code, preferably of malicious applications
- Ability to read, comprehend and analyze source code
- Experience with Java or Kotlin
- Exposure to JavaScript, Flutter, and/or other mobile software languages
- Query languages such as SQL
Additional requirements include:
- Understanding of Android Fundamentals such as Android activity lifecycles, common Android API usage, AOSP, and how an android application is created
- Java and/or Kotlin Programming Language
- Fundamentals of Network traffic security
If you are passionate about staying up-to-date with the latest developments in the field of mobile threat analysis, we encourage you to apply for this exciting opportunity.
Cybersecurity Analyst
Posted today
Job Viewed
Job Description
The scope includes the following:
- Maintain and administer security toolsets (such as IAM, DAM, and Key Management), ensuring the tools are functioning according to the security management plan.
- Respond and perform triaging of security alerts generated from the security toolsets in a timely manner according to SLA.
- Perform security scanning and testing by using the Vulnerability Assessment tools.
- Reporting and tracking vulnerabilities and risks, and ensuring timely patching is completed to comply with the stipulated resolution time.
- Assess the applicability of newly published security vulnerabilities to components used within the environment, track and report the status until they are closed.
- Co-develop process documents and participate in initiatives to fine-tune and streamline security operations.
- Skills:
- 1-3 years hands-on experience of using common security tools like IAM (eg.IBM ISAM), DAM (eg. IBM Guardium) and Vulnerability Assessment tool (eg. Tenable Nessus)
- Security certifications and AWS Cloud certified is preferable but not a must.
- Proficient in security control principles including SOD.
- Good attitude and passionate with discovery of security gaps and actively participate in problem-solving process.
Cybersecurity Analyst
Posted today
Job Viewed
Job Description
A Cybersecurity Analyst works in a team to monitor and protect an organisation from security breaches and vulnerabilities.
The scope includes the following:
- Maintain and administer security toolsets (such as IAM, DAM, and Key Management), ensuring the tools are functioning according to the security management plan.
- Respond and perform triaging of security alerts generated from the security toolsets in a timely manner according to SLA.
- Perform security scanning and testing by using the Vulnerability Assessment tools.
- Reporting and tracking vulnerabilities and risks, and ensuring timely patching is completed to comply with the stipulated resolution time.
- Assess the applicability of newly published security vulnerabilities to components used within the environment, track and report the status until they are closed.
- Co-develop process documents and participate in initiatives to fine-tune and streamline security operations.
- Skills:
- 1-3 years hands-on experience of using common security tools like IAM (eg.IBM ISAM), DAM (eg. IBM Guardium) and Vulnerability Assessment tool (eg. Tenable Nessus)
- Security certifications and AWS Cloud certified is preferable but not a must.
- Proficient in security control principles including SOD.
- Good attitude and passionate with discovery of security gaps and actively participate in problem-solving process.
Information Security
Security Operations
Remediation
Cyber Security
Key Management
Scripting
Security Management
Operating Systems
Windows
Threat Intelligence
Vulnerability Assessment
Network Security
DNS
Linux
CISSP
Firewalls
Senior Cybersecurity Analyst
Posted today
Job Viewed
Job Description
Responsibilities:
Cyber Incident and Forensic Investigation
- Lead and conduct thorough cyber incident investigations, ensuring proper analysis of threats and breaches.
- Perform forensic analysis to understand the scope of security incidents and assist in data recovery, evidence preservation, and reporting
SOC Incident Monitoring and Investigation
- Oversee Level 2/3 SOC operations to ensure the timely identification and resolution of security threats.
- Coordinate and lead incident response efforts across various security systems, managing escalations effectively.
Vulnerability Assessment and Penetration Testing (VA/PT)
- Conduct vulnerability assessments and penetration testing on networks, systems, and applications.
- Provide actionable recommendations for remediation of identified vulnerabilities and ensure security measures are implemented.
Endpoint Security Management
- Implement and manage endpoint security solutions including anti-malware, encryption, and troubleshooting of endpoint devices.
- Ensure that all endpoints are secured in compliance with company security policies.
Ethical Hacking and Security Testing
- Perform hands-on ethical hacking, including penetration testing and vulnerability assessments, to assess and enhance organizational security posture.
Qualifications:
- Certified Ethical Hacker (CEH), Offensive Security Certified Professional (OSCP), or equivalent certifications.
- CISSP (Certified Information Systems Security Professional) or equivalent certification is highly preferred.
- 5+ years of experience in cybersecurity, with hands-on experience in incident response, digital forensics, and security engineering.
- Demonstrated experience in managing security operations within a Level 2/3 SOC environment.
- Proven experience in vulnerability assessments, penetration testing, and remediation strategies.
- Expertise in endpoint security tools and anti-malware solutions.
- Strong experience in ethical hacking and penetration testing practices.
- Deep understanding of common attack vectors and security tools (e.g., SIEM, IDS/IPS, endpoint protection).
- Strong knowledge of encryption protocols and endpoint protection strategies.
- Familiarity with network security principles, firewalls, VPNs, and intrusion detection systems.
- Ability to clearly explain complex security issues and incident findings to non-technical stakeholders.
Senior Cybersecurity Analyst
Posted today
Job Viewed
Job Description
We are seeking an experienced and highly skilled cybersecurity professional to join our dynamic team as a Senior Cybersecurity Analyst / Security Engineering Lead .
In this role, you will be responsible for leading advanced security engineering initiatives and providing oversight of incident monitoring and response activities within a Level 2/3 Security Operations Center (SOC) environment. You will play a critical role in proactively identifying, investigating, and mitigating security threats, as well as driving efforts to ensure robust endpoint protection and overall infrastructure security.
Responsibilities:
Cyber Incident and Forensic Investigation:
- Lead and conduct thorough cyber incident investigations, ensuring proper analysis of threats and breaches.
- Perform forensic analysis to understand the scope of security incidents and assist in data recovery, evidence preservation, and reporting.
SOC Incident Monitoring and Investigation:
- Oversee Level 2/3 SOC operations to ensure the timely identification and resolution of security threats.
- Coordinate and lead incident response efforts across various security systems, managing escalations effectively.
Vulnerability Assessment and Penetration Testing (VA/PT):
- Conduct vulnerability assessments and penetration testing on networks, systems, and applications.
- Provide actionable recommendations for remediation of identified vulnerabilities and ensure security measures are implemented.
Endpoint Security Management:
- Implement and manage endpoint security solutions including anti-malware, encryption, and troubleshooting of endpoint devices.
- Ensure that all endpoints are secured in compliance with company security policies.
Leadership in Security Engineering:
- Lead and mentor the security engineering team, providing guidance on the design, implementation, and maintenance of security systems.
- Oversee the development and deployment of proactive security measures, ensuring the team remains responsive to evolving cyber threats.
Ethical Hacking and Security Testing:
- Perform hands-on ethical hacking, including penetration testing and vulnerability assessments, to assess and enhance organizational security posture.
Requirements:-
Certifications:
- Certified Ethical Hacker (CEH), Offensive Security Certified Professional (OSCP), or equivalent certifications.
- CISSP (Certified Information Systems Security Professional) or equivalent certification is highly preferred.
Experience:
- 5+ years of experience in cybersecurity, with hands-on experience in incident response, digital forensics, and security engineering.
- Demonstrated experience in managing security operations within a Level 2/3 SOC environment.
- Proven experience in vulnerability assessments, penetration testing, and remediation strategies.
- Expertise in endpoint security tools and anti-malware solutions.
- Strong experience in ethical hacking and penetration testing practices.
Technical Skills:
- Deep understanding of common attack vectors and security tools (e.g., SIEM, IDS/IPS, endpoint protection).
- Strong knowledge of encryption protocols and endpoint protection strategies.
- Familiarity with network security principles, firewalls, VPNs, and intrusion detection systems.
Leadership & Communication:
- Excellent leadership, communication, and team management skills.
Ability to clearly explain complex security issues and incident findings to non-technical stakeholders.
Only shortlisted candidate will be notified.
Senior Cybersecurity Analyst
Posted today
Job Viewed
Job Description
In this role, you will be responsible for leading advanced security engineering initiatives and providing oversight of incident monitoring and response activities within a Level 2/3 Security Operations Center (SOC) environment. You will play a critical role in proactively identifying, investigating, and mitigating security threats, as well as driving efforts to ensure robust endpoint protection and overall infrastructure security.
Responsibilities:
Cyber Incident and Forensic Investigation:
- Lead and conduct thorough cyber incident investigations, ensuring proper analysis of threats and breaches.
- Perform forensic analysis to understand the scope of security incidents and assist in data recovery, evidence preservation, and reporting.
- Oversee Level 2/3 SOC operations to ensure the timely identification and resolution of security threats.
- Coordinate and lead incident response efforts across various security systems, managing escalations effectively.
- Conduct vulnerability assessments and penetration testing on networks, systems, and applications.
- Provide actionable recommendations for remediation of identified vulnerabilities and ensure security measures are implemented.
- Implement and manage endpoint security solutions including anti-malware, encryption, and troubleshooting of endpoint devices.
- Ensure that all endpoints are secured in compliance with company security policies.
- Lead and mentor the security engineering team, providing guidance on the design, implementation, and maintenance of security systems.
- Oversee the development and deployment of proactive security measures, ensuring the team remains responsive to evolving cyber threats.
- Perform hands-on ethical hacking, including penetration testing and vulnerability assessments, to assess and enhance organizational security posture.
Certifications:
- Certified Ethical Hacker (CEH), Offensive Security Certified Professional (OSCP), or equivalent certifications.
- CISSP (Certified Information Systems Security Professional) or equivalent certification is highly preferred.
- 5+ years of experience in cybersecurity, with hands-on experience in incident response, digital forensics, and security engineering.
- Demonstrated experience in managing security operations within a Level 2/3 SOC environment.
- Proven experience in vulnerability assessments, penetration testing, and remediation strategies.
- Expertise in endpoint security tools and anti-malware solutions.
- Strong experience in ethical hacking and penetration testing practices.
- Deep understanding of common attack vectors and security tools (e.g., SIEM, IDS/IPS, endpoint protection).
- Strong knowledge of encryption protocols and endpoint protection strategies.
- Familiarity with network security principles, firewalls, VPNs, and intrusion detection systems.
- Excellent leadership, communication, and team management skills.
- Ability to clearly explain complex security issues and incident findings to non-technical stakeholders.
Be The First To Know
About the latest Security analysis Jobs in Singapore !
IT CyberSecurity Analyst
Posted today
Job Viewed
Job Description
Responsibilities:
- Perform cybersecurity monitoring for Client's servers, networks, and applications
- Ensures integrity and protection of servers, networks, and applications through monitoring of vulnerability sources
- Analyse and correlate security event log from the in-scoped log source for supporting cybersecurity incident investigation
- Analyse the cyberattack anomalies and supply verdict of analysis
- Evaluate, response, and support cybersecurity incidents by adhering to established procedures including containment, eradication, recovery, and documentation
- Collaborate with infra and application teams to identify, resolve, and mitigate security events and/or an incident by advising appropriate countermeasures
- Perform triage on reported emails by correlating with other cybersecurity platforms and quarantine malicious emails from being intercepted by users
- Support Vulnerability Management practice by keeping track of its status, and advise on actionable remediation
- Understand, execute, and continuously improve Standard Operating Procedures (SOP) and security standards for the IT Security Operations team
- Keep abreast with the latest security advisory, notify respective system owners, and ensure implementation of appropriate cybersecurity measures
- Supply key metrics from various cybersecurity platforms for supporting periodic reporting needs
- Perform regular maintenance of the cybersecurity platform to ensure that it is running in an optimal condition including:
- Software or application patching, updating, or upgrading
- Completeness of ingested log sources
- Maintain IT Security Operations procedures documentation
- Diploma/degree in computer studies
- Min 2-3 years of experience working in a cybersecurity operations, incident response, vulnerability management or related field.
- Demonstrated experience in network security, server security, endpoint security, web security etc.
- Strong knowledge of security principles, technologies, and industry best practices.
- Experience with log analysis, malware analysis, and network traffic analysis.
- Excellent analytical and problem-solving skills, with the ability to quickly identify and respond to security incidents, analyze complex security issues and develop effective solutions.
- Experience in IT security/support operations with willingness to learn above mentioned tools are encouraged to apply.
IT CyberSecurity Analyst
Posted today
Job Viewed
Job Description
We are hiring for IT CyberSecurity Analyst
Responsibilities:
- Perform cybersecurity monitoring for Client's servers, networks, and applications
- Ensures integrity and protection of servers, networks, and applications through monitoring of vulnerability sources
- Analyse and correlate security event log from the in-scoped log source for supporting cybersecurity incident investigation
- Analyse the cyberattack anomalies and supply verdict of analysis
- Evaluate, response, and support cybersecurity incidents by adhering to established procedures including containment, eradication, recovery, and documentation
- Collaborate with infra and application teams to identify, resolve, and mitigate security events and/or an incident by advising appropriate countermeasures
- Perform triage on reported emails by correlating with other cybersecurity platforms and quarantine malicious emails from being intercepted by users
- Support Vulnerability Management practice by keeping track of its status, and advise on actionable remediation
- Understand, execute, and continuously improve Standard Operating Procedures (SOP) and security standards for the IT Security Operations team
- Keep abreast with the latest security advisory, notify respective system owners, and ensure implementation of appropriate cybersecurity measures
- Supply key metrics from various cybersecurity platforms for supporting periodic reporting needs
- Perform regular maintenance of the cybersecurity platform to ensure that it is running in an optimal condition including:
- Software or application patching, updating, or upgrading
- Completeness of ingested log sources
- Maintain IT Security Operations procedures documentation
Requirements;
- Diploma/degree in computer studies
- Min 2-3 years of experience working in a cybersecurity operations, incident response, vulnerability management or related field.
- Demonstrated experience in network security, server security, endpoint security, web security etc.
- Strong knowledge of security principles, technologies, and industry best practices.
- Experience with log analysis, malware analysis, and network traffic analysis.
- Excellent analytical and problem-solving skills, with the ability to quickly identify and respond to security incidents, analyze complex security issues and develop effective solutions.
- Experience in IT security/support operations with willingness to learn above mentioned tools are encouraged to apply.
Information Security
Security Operations
Troubleshooting
Dashboard
Windows 10
Vulnerability Management
Cyber Security
Active Directory
Windows 7
Cybersecurity Framework Application
Compliance
Operating Systems
Windows
Web Security
Regulatory Requirements
Vulnerability Assessment
Network Security
CISSP
Malware Analysis
Technical Support
Senior Cybersecurity Analyst - Threat Hunter
Posted today
Job Viewed
Job Description
Job Opportunity
We are seeking a highly skilled Cyber Security Specialist in Analytics to protect clients' infrastructure and ensure the security of their sensitive data.
This role plays a critical part in safeguarding clients from cyber threats, ensuring compliance with industry regulations and best practices.
You will be responsible for implementing and managing Security Information and Event Management solutions and User Entity Behavior Analytics solutions; conducting threat assessments and providing expertise in mitigating security threats.
Key Responsibilities:
- Deploy and maintain SIEM/UEBA solutions to safeguard clients' endpoints from cyber threats.
- Implement monitoring rules/analytic rules, automated workflows, standards and procedures to ensure compliance with industry regulations and best practices.
- Configure and manage SIEM/UEBA security technologies, such as Trellix ESM and its tools.
- Collaborate with cross-functional teams to ensure secure monitoring configurations and deployment of new features and applications.
- Stay updated with the latest cyber security threats, vulnerabilities and industry trends and proactively recommend and implement appropriate countermeasures.
- Provide technical guidance and support to the incident response team during detected security incidents and investigations.
- Document SIEM/UEBA security configurations, processes and procedures.
Required Skills and Qualifications:
- Bachelor's degree/Diploma in Computer Science, Information Security or a related field.
- Professional certifications for Linux server administration.
- Familiarity with managing/implementing SIEM/UEBA security management platforms and tools at enterprise level.
- Understanding of operating systems and their security features.
- Familiarity with security standards and frameworks (NIST, CIS) and their application for SIEM/UEBA security.
- Excellent analytical and problem-solving skills to identify and resolve system security issues.
- Strong communication and collaboration skills to work effectively with clients, cross-functional teams and stakeholders.
- Able to work in a fast-paced environment and manage multiple priorities effectively.
About this Role
This is an exciting opportunity to work in a dynamic and fast-paced environment, protecting clients' infrastructure and ensuring the security of their sensitive data. If you have experience in Cyber Security and a passion for Analytics, we encourage you to apply.