748 Security Analyst jobs in Singapore

We are looking for a Security Analyst to join a dedicated team protecting critical digital assets around the clock.

In this role, you will:

• Monitor, detect, and respond to cybersecurity events and incidents
• Investigate potential threats, troubleshoot network or system issues, and ensure timely incident resolution
• Publish advisories, alerts, and threat intelligence to stakeholders
• Participate in cyber exercises and simulate incident scenarios to strengthen defenses

This is a rotating shift role including weekends and public holidays, with competitive pay, shift allowances, and overtime opportunities .

Role Overview

Our client, a leading global commodities brokerage and financial services firm, is seeking an IAM Operations Analyst to support and manage identity lifecycle processes, authentication, authorization, and access control across a full stack of business applications. The role will work closely with IT, security, and infrastructure teams to ensure secure and compliant access management.

Key Responsibilities

• Design and implement IAM frameworks aligned with security best practices and business needs

• Manage user provisioning, deprovisioning, and role-based access control across multiple systems

• Ensure compliance with regulations (e.g., GDPR, SOX) and internal security policies

• Maintain documentation of user access policies and audit logs for reporting purposes

• Conduct role-based access control (RBAC) reviews to minimize excessive or inappropriate permissions

• Collaborate with IT, security, and business stakeholders to align IAM initiatives with organizational goals

• Lead investigations into access-related incidents and recommend remediation measures

• Promote security awareness and train staff on access policies and procedures

• Oversee IAM team activities, including performance appraisals and ensuring SLAs are met

• Monitor and manage Jira queues to ensure timely resolution of requests

Requirements

• Strong knowledge of IAM tools (e.g., Okta, SailPoint, CyberArk, Azure AD) and technologies such as SSO, MFA, and RBAC

• Solid understanding of security principles such as least privilege, identity governance, and privileged access management

• Familiarity with compliance frameworks and regulations such as GDPR, SOX, HIPAA, ISO 27001

• Strong problem-solving, analytical, and communication skills with the ability to work across technical and non-technical teams

• Experience conducting audits, producing reports, and ensuring IAM systems comply with legal and regulatory standards

• Ability to respond effectively to access-related incidents and manage IAM operations in high-pressure situations

• Experience working in regulated industries such as financial services

• Proven ability to engage stakeholders and present IAM risks and performance to senior leadership

Yang Lily, Recruit Avenue Pte. Ltd.

EA License Number: 23C1935 | EA Personnel Number: R

commodities

We are looking for a Security Analyst to join a dedicated team protecting critical digital assets around the clock.

In this role, you will:

• Monitor, detect, and respond to cybersecurity events and incidents
• Investigate potential threats, troubleshoot network or system issues, and ensure timely incident resolution
• Publish advisories, alerts, and threat intelligence to stakeholders
• Participate in cyber exercises and simulate incident scenarios to strengthen defenses

This is a rotating shift role including weekends and public holidays, with competitive pay, shift allowances, and overtime opportunities.

Job Descriptiom:

• Maintain and administer security toolsets (such as IAM, DAM, Key Management) ensuring the tools are functioning according to the security management plan.
• Respond and perform triaging of security alerts generated from the security toolsets in a timely manner according to SLA.
• Perform security scanning and testing by using the Vulnerability Assessment tools.
• Reporting and tracking on vulnerabilities and risks and ensure timely patching are completed to comply with stipulated resolution time.
• Assess the applicability of newly published security vulnerabilities to components used within the environment, track and report the status until closure.
• Co-develop process documents and participate in initiatives to finetune and streamline security operations.

Requirements:

• 1-3 years hands-on experience of using common security tools like IAM (eg.IBM ISAM), DAM (eg. IBM Guardium) and Vulnerability Assessment tool (eg. Tenable Nessus)
• Security certifications and AWS Cloud certified is preferable but not a must.
• Proficient in security control principles including SOD.
• Good attitude and passionate with discovery of security gaps and actively participate in problem-solving process.
• 3 primary skill sets - conducting Vulnerability Assessments (including doing scanning and reporting), managing security toolsets (eg. DAM, Key Management and Nessus), supporting security operations.
• Vulnerability scanning is required to be performed outside of normal office hours, the analyst is expected to comply and support.

Role Overview

Our client, a leading global commodities brokerage and financial services firm, is seeking an IAM Operations Analyst to support and manage identity lifecycle processes, authentication, authorization, and access control across a full stack of business applications. The role will work closely with IT, security, and infrastructure teams to ensure secure and compliant access management.

Key Responsibilities

• Design and implement IAM frameworks aligned with security best practices and business needs

• Manage user provisioning, deprovisioning, and role-based access control across multiple systems

• Ensure compliance with regulations (e.g., GDPR, SOX) and internal security policies

• Maintain documentation of user access policies and audit logs for reporting purposes

• Conduct role-based access control (RBAC) reviews to minimize excessive or inappropriate permissions

• Collaborate with IT, security, and business stakeholders to align IAM initiatives with organizational goals

• Lead investigations into access-related incidents and recommend remediation measures

• Promote security awareness and train staff on access policies and procedures

• Oversee IAM team activities, including performance appraisals and ensuring SLAs are met

• Monitor and manage Jira queues to ensure timely resolution of requests

Requirements

• Strong knowledge of IAM tools (e.g., Okta, SailPoint, CyberArk, Azure AD) and technologies such as SSO, MFA, and RBAC

• Solid understanding of security principles such as least privilege, identity governance, and privileged access management

• Familiarity with compliance frameworks and regulations such as GDPR, SOX, HIPAA, ISO

• Strong problem-solving, analytical, and communication skills with the ability to work across technical and non-technical teams

• Experience conducting audits, producing reports, and ensuring IAM systems comply with legal and regulatory standards

• Ability to respond effectively to access-related incidents and manage IAM operations in high-pressure situations

• Experience working in regulated industries such as financial services

• Proven ability to engage stakeholders and present IAM risks and performance to senior leadership

Yang Lily, Recruit Avenue Pte. Ltd.

EA License Number: 23C1935 | EA Personnel Number: R

Job Descriptiom:

• Maintain and administer security toolsets (such as IAM, DAM, Key Management) ensuring the tools are functioning according to the security management plan.
• Respond and perform triaging of security alerts generated from the security toolsets in a timely manner according to SLA.
• Perform security scanning and testing by using the Vulnerability Assessment tools.
• Reporting and tracking on vulnerabilities and risks and ensure timely patching are completed to comply with stipulated resolution time.
• Assess the applicability of newly published security vulnerabilities to components used within the environment, track and report the status until closure.
• Co-develop process documents and participate in initiatives to finetune and streamline security operations.

Requirements:

• 1-3 years hands-on experience of using common security tools like IAM (eg.IBM ISAM), DAM (eg. IBM Guardium) and Vulnerability Assessment tool (eg. Tenable Nessus)
• Security certifications and AWS Cloud certified is preferable but not a must.
• Proficient in security control principles including SOD.
• Good attitude and passionate with discovery of security gaps and actively participate in problem-solving process.
• 3 primary skill sets - conducting Vulnerability Assessments (including doing scanning and reporting), managing security toolsets (eg. DAM, Key Management and Nessus), supporting security operations.
• Vulnerability scanning is required to be performed outside of normal office hours, the analyst is expected to comply and support.

Key Responsibilities

Develop, implement, and manage the organization's information security strategy, policies, and procedures.

Lead the design and enforcement of security controls to protect systems, networks, and data from cyber threats.

Manage a team of security professionals, providing technical guidance, mentoring, and performance management.

Oversee risk assessments, vulnerability management, penetration testing, and incident response.

Ensure compliance with regulatory requirements, industry standards, and frameworks (e.g., ISO 27001, NIST, GDPR, PCI-DSS, HIPAA).

Collaborate with IT, DevOps, and business teams to embed security into application development and infrastructure design.

Manage security operations center (SOC) activities, including monitoring, threat detection, and escalation.

Define, track, and report security KPIs and risk metrics to senior leadership.

Evaluate, select, and implement security tools and technologies to strengthen organizational defenses.

Lead security awareness and training programs to promote a strong security culture.

Required Technical Skills (Tough Skills)

Cybersecurity & Risk Management: Strong knowledge of threat modeling, risk assessment methodologies, incident response frameworks, and business continuity planning.

Security Technologies: Hands-on expertise with firewalls, IDS/IPS, SIEM (Splunk, QRadar, ELK), EDR/XDR, DLP, IAM, PAM solutions, WAF, and CASB.

Cloud Security: Proficiency in securing workloads on AWS, Azure, and GCP, including IAM, KMS, Cloud Security Posture Management (CSPM).

Application & Network Security: Experience in secure SDLC, DevSecOps practices, vulnerability management, penetration testing tools (Burp Suite, Metasploit, Nessus, Qualys).

Cryptography & Data Protection: Understanding of PKI, SSL/TLS, encryption protocols, key management, tokenization, and data masking.

Governance, Risk & Compliance (GRC): Familiarity with ISO 27001, SOC 2, NIST CSF, COBIT, GDPR, HIPAA, PCI-DSS frameworks.

Incident Response & Forensics: Ability to manage SIEM alerts, digital forensics, malware analysis, and lead response teams during breaches.

Scripting & Automation: Knowledge of Python, PowerShell, or Bash for automating security operations and log analysis.

Good to Have

Security certifications such as CISSP, CISM, CISA, CEH, OSCP, CCSP, ISO 27001 Lead Implementer/Auditor.

Experience in Zero Trust Architecture and container security (Docker, Kubernetes).

Knowledge of threat intelligence platforms and SOC automation (SOAR)

Key Responsibilities
Develop, implement, and manage the organization's information security strategy, policies, and procedures.
Lead the design and enforcement of security controls to protect systems, networks, and data from cyber threats.
Manage a team of security professionals, providing technical guidance, mentoring, and performance management.
Oversee risk assessments, vulnerability management, penetration testing, and incident response.
Ensure compliance with regulatory requirements, industry standards, and frameworks (e.g., ISO 27001, NIST, GDPR, PCI-DSS, HIPAA).
Collaborate with IT, DevOps, and business teams to embed security into application development and infrastructure design.
Manage security operations center (SOC) activities, including monitoring, threat detection, and escalation.
Define, track, and report security KPIs and risk metrics to senior leadership.
Evaluate, select, and implement security tools and technologies to strengthen organizational defenses.
Lead security awareness and training programs to promote a strong security culture.
Required Technical Skills (Tough Skills)
Cybersecurity & Risk Management: Strong knowledge of threat modeling, risk assessment methodologies, incident response frameworks, and business continuity planning.
Security Technologies: Hands-on expertise with firewalls, IDS/IPS, SIEM (Splunk, QRadar, ELK), EDR/XDR, DLP, IAM, PAM solutions, WAF, and CASB.
Cloud Security: Proficiency in securing workloads on AWS, Azure, and GCP, including IAM, KMS, Cloud Security Posture Management (CSPM).
Application & Network Security: Experience in secure SDLC, DevSecOps practices, vulnerability management, penetration testing tools (Burp Suite, Metasploit, Nessus, Qualys).
Cryptography & Data Protection: Understanding of PKI, SSL/TLS, encryption protocols, key management, tokenization, and data masking.
Governance, Risk & Compliance (GRC): Familiarity with ISO 27001, SOC 2, NIST CSF, COBIT, GDPR, HIPAA, PCI-DSS frameworks.
Incident Response & Forensics: Ability to manage SIEM alerts, digital forensics, malware analysis, and lead response teams during breaches.
Scripting & Automation: Knowledge of Python, PowerShell, or Bash for automating security operations and log analysis.
Good to Have
Security certifications such as CISSP, CISM, CISA, CEH, OSCP, CCSP, ISO 27001 Lead Implementer/Auditor.
Experience in Zero Trust Architecture and container security (Docker, Kubernetes).
Knowledge of threat intelligence platforms and SOC automation (SOAR)