64 Security Incident jobs in Singapore

We are seeking a Senior Cybersecurity Incident Responder to join our team on a long-term engagement. The successful candidate will play a key role in incident triage, response, and investigation , operating at Level 2 to Level 3 (L2-L3) within the Security Operations Center (SOC).

• This is a 12-month extendable contract with strong potential for renewal based on performance as the project is on a long-term basis.

This position is ideal for an experienced security analyst with strong technical skills and hands-on experience using CrowdStrike , conducting log analysis , and managing real-world incident investigations.

• Perform advanced incident triage, response and investigation of security alerts from various sources
• Lead or support L2-L3 incident response efforts , including containment, eradication, and recovery
• Analyze logs from firewalls, intrusion prevention systems (IPS), proxies , and other security platforms
• Use CrowdStrike EDR to identify and respond to threats across endpoints
• Collaborate with SOC, threat intel, and infrastructure teams for coordinated response
• Document findings and create incident reports, timelines, and root cause analysis
• Contribute to playbook updates and process improvements based on lessons learned
• Participate in threat hunting and detection rule tuning as needed

• 4-6+ years of experience in Cybersecurity Incident Response / SOC operations
• Experience in advanced incident triage, response and investigation of security alerts from various sources
• Hands-on experience with:
  • CrowdStrike or similar EDR platforms
  • Log analysis from firewall, IPS, proxy, and endpoint systems
  • SIEM tools for alert triage and investigation
• Deep understanding of attack vectors, malware behavior, and threat actor TTPs (MITRE ATT&CK)
• Familiarity with incident management frameworks (e.g., NIST, SANS)
• Excellent analytical, documentation, and communication skills
• Ability to work independently and under pressure in fast-paced environments
• Relevant certifications a plus: GCIH, GCFA, CEH, or equivalent

Argyll Scott Consulting Pte Ltd

Argyll Scott Asia is acting as an Employment Business in relation to this vacancy.

We are seeking a Senior Cybersecurity Incident Responder to join our team on a long-term engagement. The successful candidate will play a key role in incident triage, response, and investigation , operating at Level 2 to Level 3 (L2–L3) within the Security Operations Center (SOC).

• This is a 12-month extendable contract with strong potential for renewal based on performance as the project is on a long-term basis.

This position is ideal for an experienced security analyst with strong technical skills and hands-on experience using CrowdStrike , conducting log analysis , and managing real-world incident investigations.

• Perform advanced incident triage, response and investigation of security alerts from various sources
• Lead or support L2–L3 incident response efforts , including containment, eradication, and recovery
• Analyze logs from firewalls, intrusion prevention systems (IPS), proxies , and other security platforms
• Use CrowdStrike EDR to identify and respond to threats across endpoints
• Collaborate with SOC, threat intel, and infrastructure teams for coordinated response
• Document findings and create incident reports, timelines, and root cause analysis
• Contribute to playbook updates and process improvements based on lessons learned
• Participate in threat hunting and detection rule tuning as needed

• 4–6+ years of experience in Cybersecurity Incident Response / SOC operations
• Experience in advanced incident triage, response and investigation of security alerts from various sources
• Hands-on experience with:
  • CrowdStrike or similar EDR platforms
  • Log analysis from firewall, IPS, proxy, and endpoint systems
  • SIEM tools for alert triage and investigation
• Deep understanding of attack vectors, malware behavior, and threat actor TTPs (MITRE ATT&CK)
• Familiarity with incident management frameworks (e.g., NIST, SANS)
• Excellent analytical, documentation, and communication skills
• Ability to work independently and under pressure in fast-paced environments
• Relevant certifications a plus: GCIH, GCFA, CEH, or equivalent

Argyll Scott Consulting Pte Ltd

Argyll Scott Asia is acting as an Employment Business in relation to this vacancy.

We are seeking a
Senior Cybersecurity Incident Responder
to join our team on a long-term engagement. The successful candidate will play a key role in
incident triage, response, and investigation , operating at
Level 2 to Level 3 (L2–L3)
within the Security Operations Center (SOC).
This is a
12-month extendable contract
with strong potential for renewal based on performance as the project is on a long-term basis.
This position is ideal for an experienced security analyst with strong technical skills and hands-on experience using
CrowdStrike , conducting
log analysis , and managing real-world incident investigations.
Key Responsibilities
Perform
advanced incident triage, response and investigation
of security alerts from various sources
Lead or support
L2–L3 incident response efforts , including containment, eradication, and recovery
Analyze logs from
firewalls, intrusion prevention systems (IPS), proxies , and other security platforms
Use
CrowdStrike EDR
to identify and respond to threats across endpoints
Collaborate with SOC, threat intel, and infrastructure teams for coordinated response
Document findings and create incident reports, timelines, and root cause analysis
Contribute to
playbook updates
and process improvements based on lessons learned
Participate in threat hunting and detection rule tuning as needed
Requirements
4–6+ years of experience in
Cybersecurity Incident Response / SOC operations
Experience in
advanced incident triage, response and investigation
of security alerts from various sources
Hands-on experience with:
CrowdStrike
or similar EDR platforms
Log analysis from
firewall, IPS, proxy, and endpoint systems
SIEM tools for alert triage and investigation
Deep understanding of attack vectors, malware behavior, and threat actor TTPs (MITRE ATT&CK)
Familiarity with incident management frameworks (e.g., NIST, SANS)
Excellent analytical, documentation, and communication skills
Ability to work independently and under pressure in fast-paced environments
Relevant certifications a plus:
GCIH, GCFA, CEH, or equivalent
Argyll Scott Consulting Pte Ltd
Argyll Scott Asia is acting as an Employment Business in relation to this vacancy.
#J-18808-Ljbffr

We are seeking a skilled Android Reverse Engineer to join our team of experts in the field of mobile threat analysis.

The ideal candidate will have hands-on experience with reverse engineering code, preferably of malicious applications, and be able to read, comprehend and analyze source code. Additionally, they should have experience with Java or Kotlin, as well as exposure to JavaScript, Flutter, and/or other mobile software languages.

Responsibilities include:

• Deep dive analysis of Android applications to understand their codebase, architecture, and functionality
• Employing reverse engineering techniques to extract information from android applications
• Identifying user and device risk, data leakage, and malicious code execution within Android apps
• Conducting security assessments of Android applications to identify potential risks
• Reviewing apps and providing the latest malware trends
• Collaborating with security researchers, developers, and other stakeholders to share findings, provide recommendations, and contribute to the development of secure software
• Staying updated on the latest Android security threats, vulnerabilities, and reverse engineering techniques

Requirements include:

• Hands-on experience with analyzing or reverse engineering code, preferably of malicious applications
• Ability to read, comprehend and analyze source code
• Experience with Java or Kotlin
• Exposure to JavaScript, Flutter, and/or other mobile software languages
• Query languages such as SQL

Additional requirements include:

• Understanding of Android Fundamentals such as Android activity lifecycles, common Android API usage, AOSP, and how an android application is created
• Java and/or Kotlin Programming Language
• Fundamentals of Network traffic security

If you are passionate about staying up-to-date with the latest developments in the field of mobile threat analysis, we encourage you to apply for this exciting opportunity.

Responsibilities:

• Direct the resolution of high-severity incidents by managing crisis calls, aligning cross-functional teams, and ensuring timely, transparent updates to senior stakeholders.
• Serve as the primary escalation point for executive stakeholders, driving confidence and trust through effective communication and swift resolution.
• Ensure service delivery excellence by monitoring SLAs, coordinating with vendors, and maintaining strong operational governance.
• Embed ITIL best practices across Incident, Problem, and Change Management to drive consistency and reliability in operations.
• Lead post-incident reviews to identify systemic issues, implement corrective actions, and drive continuous service improvement.
• Oversee infrastructure transformation initiatives, including network, voice, and cloud, to align technology capabilities with evolving business needs.
• Optimize incident detection and recovery by leveraging automation, monitoring, and observability solutions to improve visibility and reduce downtime.
• Mentor and lead global support teams in a follow-the-sun model, ensuring seamless operational coverage, collaboration, and professional development.
• Partner with compliance and security teams to ensure services adhere to governance, audit, and regulatory requirements.

Requirements:

• 15+ years of IT service management with focus on service delivery, major incident management, and escalation handling.
• Proven expertise in network and infrastructure operations, including on-premises and cloud environments.
• Strong knowledge of incident, problem, and change management frameworks.
• Excellent leadership skills with experience managing global, cross-cultural teams.
• Hands-on experience in driving service improvements and transformation projects.
• Strong analytical, decision-making, and communication skills with the ability to perform under pressure.
• Familiarity with automation, monitoring, and observability platforms.

Information Technology - Cyber Security Engineer (Threat Management and Incident Response) (Scoot)
Join to apply for the
Information Technology - Cyber Security Engineer (Threat Management and Incident Response) (Scoot)
role at
Singapore Airlines .
Job Description
You will be a member of the Group Information Security Team responsible for responding to threats and incidents to the corporate networks, systems (on-prem and cloud), and digital assets.
Key Responsibilities
Perform security monitoring and incident response activities across the Scoot networks, leveraging a variety of tools and techniques.
Manage Security Operations Center.
Detect incidents through proactive “hunting” across security-relevant data sets.
Correlate multiple events from different devices to identify abnormal behaviour.
Document incident response analysis activities thoroughly.
Develop new, repeatable methods for finding malicious activities.
Provide recommendations to enhance detection and protection capabilities.
Present technical topics effectively to both technical and non-technical audiences.
Develop and follow detailed operational processes and procedures for analyzing, escalating, and remediating security incidents.
Prioritize multiple high-priority tasks and formulate responses in a fast-paced environment.
Prepare documentation for security standards, operational procedures, and system hardening.
Analyze endpoint, network, and application logs.
Assist other IT teams with security-related issues.
Engage with vendors and SIA team members for security reviews.
Requirements
Degree in Computer Engineering, Computer Science, Information Systems, or equivalent.
At least 5-6 years of experience in Cybersecurity Incident and Security Operations.
Experience in Information Security with a focus on Cyber Security Operations, Incident Response, and Detection.
Experience working in SOC or Computer Incident Response Team.
Excellent problem-solving skills, including root cause analysis and post-incident reviews.
Solid knowledge of computer networks and protocols.
Knowledge of cyber threat actors and APT groups.
Experience with Threat Intelligence Platforms.
Experience with SIEM tools, especially Splunk.
Professional security qualifications (e.g., GCIA, CISSP) are advantageous.
Preferred certifications: CISSP, CISM, CISA, ISMS, TOGAF, SABS.
Good interpersonal skills and ability to work independently and in teams.
We thank all candidates for your interest in Singapore Airlines, and regret that only shortlisted candidates will be notified.
Additional Details
Seniority level: Mid-Senior level
Employment type: Full-time
Job function: Information Technology
Industries: Airlines and Aviation
Referrals increase your chances of interviewing at Singapore Airlines by 2x.
Explore more roles and set job alerts for “Information Technology Security Engineer”.
#J-18808-Ljbffr

Job Description

You will be a member of the Group Information Security Team responsible for responding to threats and incidents to the corporate networks, systems (on-prem and cloud), and digital assets.

Key Responsibilities:

•Perform security monitoring and incident response activities across the scoot networks, leveraging a variety of tools and techniques.

•Manage Security Operations center.

•Detect incidents through proactive “hunting” across security-relevant data sets.

•Ability to correlate multiple events from different devices to identify abnormal behaviour

•Document incident response analysis activities thoroughly

•Develop new, repeatable methods for finding malicious activities

•Provide recommendations to enhance detection and protection capabilities.

•Effectively present technical topics to both technical and non-technical audiences

•Develop and follow detailed operational processes and procedures to appropriately analyze, escalate, and assist in the remediation of information security incidents

•Prioritize multiple high-priority tasks and formulate responses/recommendations in a fast-paced environment

•Prepare documentation for security technical standards, standard operational procedures, and hardening standards.

•Analyse endpoint, network, and application logs

•Assist other IT teams in security-related issues

•Engage with vendors and parent company SIA team members for security reviews.

Requirements:

•Degree in Computer Engineering, Computer Science, Information Systems, or equivalent qualification.

•At least 5-6 years of experience in Cybersecurity Incident and Security Operations.

•Demonstrate experience in Information Security with a focus on Cyber Security Operations, Incident Response and Detection.

•Experience working in the Security Operations Centre and/or Computer Incident Response Team.

•Excellent problem-solving skills combined with hands-on experience doing root cause analysis and post-incident reviews.

•Solid knowledge of computer networks and common protocols

•Knowledge of prominent cyber threat actors and APT groups.

•Experience with Threat Intelligence Platforms.

•Experience with SIEM (especially Splunk).

•Professional security related qualifications (i.e. GCIA, CISSP etc) will be an advantage

•Preferred certifications: CISSP, CISM, CISA, ISMS, TOGAF, SABS

•Good interpersonal skills

Date: 20 Aug 2025

Location:
Singapore, SG

Company:
Tetra Pak

At Tetra Pak we commit to making food safe and available, everywhere; and we protect what's good – protecting food, protecting people, and protecting the planet. By doing so we touch millions of people's lives every day.

And we need people like you to make it happen.

We empower you to reach your potential with opportunities to  make an impact to be proud of – for food, people and the planet.

*Job Summary *

As the face of information security to Cluster and Market Company management, responsible for:

managing information security risks; managing and leading significant information security incidents both globally and at the cluster level; Expertly advising on information security issues and questions within the cluster; driving information security and data privacy awareness and education for the cluster;  ensuring compliance on information security and data privacy related matters for the cluster.  Responsible for leadnig or managing informaiton security intiative on a global level.

*What you will do *

Role and Responsibilities

In this role, you will be part of the ISIRT and Cyber Threat Intelligence team, which falls under the parent group named Security Operations. Working closely with the IR Manager and IR Leads in other time zones, you will be responsible for leading cybersecurity incident management efforts, ensuring quick, effective response and communication. You will guide teams, both internal and external (e.g. suppliers, customers, Managed Security Service Providers, other industry groups, etc) through containment, investigation, recovery, document incident details, and drive continuous improvement via training and tabletop exercises, as well as performing post-incident analysis. This role therefore requires strong coordination, communication, and stakeholder management skills.

Key Responsibilities

• Serving as a point of escalation and incident commander, manage a team of incident responders for ISIRT response and interact with cybersecurity leadership and business stakeholders
• Coordinate and ensure ISIRT incidents are prioritized at all hours of the day
• Implement a cross-functional team of analysts working closely with cybersecurity, IT and developers
• Review ISIRT incidents that may be related to ransomware, host compromise, account compromise, phishing, anomalous user behavior, third parties and data leakage
• Ensure the ISIRT response team is following processes embraced by leadership and adhering to best practices
• Measure and give feedback to the team to improve mean time to respond, key performance indicators (KPIs) and service-level objectives
• Proactively adjust to upcoming company changes affecting the operation to modify ISIRT response processes
• Possess advanced knowledge of attackers' methods of escalation; lateral movement; and tactics, techniques and procedures
• Present incident analysis and trend reporting to leadership, highlighting KPIs
• Review events and process effectiveness and make recommendations for change to leadership
• Require participation in ISIRT tabletop exercises designed to identify gaps, improve skills, enhance communication and engage with key stakeholders
• Oversee IR playbooks, policies, procedures and guidelines to ensure they align with industry best practices
• Collaborate with infrastructure, IT, vulnerability, threat intelligence and application security leads
• Participate in monitoring internal and external events and stay tightly aligned with infrastructure and third-party, hosted, on-premises and end-user systems
• Review and communicate ISIRT incident details from initial investigation through root cause analysis and post-mortem

*We believe you have *

Technical Skills

• Security Expertise: Over 2 years of experience in IT and/or OT security technologies.
• Security Operations: Hands-on experience in Security Operations Center (SOC) and Information Security Incident Response Team (ISIRT) processes, procedures, and tools.
• Tool Proficiency: Familiar with SIEM, SOAR, EDR, forensic tools, and ticketing platforms.

Non-Technical Skills

• Leadership: Proven ability to lead teams both onsite and remotely.
• Composure Under Pressure: Self-aware and able to remain calm, organized, and collaborative under high-pressure situations; skilled in prioritizing and responding within defined SLAs.
• Communication: Strong written and verbal communication skills across all organizational levels.
• Decision-Making: Excellent judgment and quick decision-making capabilities in complex scenarios.
• Security Knowledge: Solid understanding of threats, vulnerabilities, ISIRT incident response principles, and chain of custody.
• Compliance & Standards: Familiar with industry standards and frameworks including NIST, ISO 27001, NIS 2, and CRA.
• Professional Integrity: Demonstrated track record of integrity, pride in work, curiosity, flexibility, and professionalism.

We Offer You

• A variety of exciting challenges with ample opportunities for development and training in a truly global landscape
• A culture that pioneers a spirit of innovation where our industry experts drive visible results
• An equal opportunity employment experience that values diversity and inclusion
• Market competitive compensation and benefits with flexible working arrangements

Apply Now

If you are inspired to be part of our promise to protect what's good; for food, people, and the planet, apply through our careers page at

If you have any questions about your application, please contact Ephraim Kwa.

Diversity, equity, and inclusion is an everyday part of how we work. We give people a place to belong and support to thrive, an environment where everyone can be comfortable being themselves and has equal opportunities to grow and succeed. We embrace difference, celebrate people for who they are, and for the diversity they bring that helps us better understand and connect with our customers and communities worldwide.

At Tetra Pak we commit to making food safe and available, everywhere; and we protect what's good – protecting food, protecting people, and protecting the planet. By doing so we touch millions of people's lives every day.

And we need people like you to make it happen.

We empower you to reach your potential with opportunities to make an impact to be proud of – for food, people and the planet.

As the face of information security to Cluster and Market Company management, responsible for:

managing information security risks; managing and leading significant information security incidents both globally and at the cluster level; Expertly advising on information security issues and questions within the cluster; driving information security and data privacy awareness and education for the cluster; ensuring compliance on information security and data privacy related matters for the cluster. Responsible for leadnig or managing informaiton security intiative on a global level.

Role and Responsibilities

In this role, you will be part of the ISIRT and Cyber Threat Intelligence team, which falls under the parent group named Security Operations. Working closely with the IR Manager and IR Leads in other time zones, you will be responsible for leading cybersecurity incident management efforts, ensuring quick, effective response and communication. You will guide teams, both internal and external (e.g. suppliers, customers, Managed Security Service Providers, other industry groups, etc) through containment, investigation, recovery, document incident details, and drive continuous improvement via training and tabletop exercises, as well as performing post-incident analysis. This role therefore requires strong coordination, communication, and stakeholder management skills.

Key Responsibilities

• Serving as a point of escalation and incident commander, manage a team of incident responders for ISIRT response and interact with cybersecurity leadership and business stakeholders
• Coordinate and ensure ISIRT incidents are prioritized at all hours of the day
• Implement a cross-functional team of analysts working closely with cybersecurity, IT and developers
• Review ISIRT incidents that may be related to ransomware, host compromise, account compromise, phishing, anomalous user behavior, third parties and data leakage
• Ensure the ISIRT response team is following processes embraced by leadership and adhering to best practices
• Measure and give feedback to the team to improve mean time to respond, key performance indicators (KPIs) and service-level objectives
• Proactively adjust to upcoming company changes affecting the operation to modify ISIRT response processes
• Possess advanced knowledge of attackers' methods of escalation; lateral movement; and tactics, techniques and procedures
• Present incident analysis and trend reporting to leadership, highlighting KPIs
• Review events and process effectiveness and make recommendations for change to leadership
• Require participation in ISIRT tabletop exercises designed to identify gaps, improve skills, enhance communication and engage with key stakeholders
• Oversee IR playbooks, policies, procedures and guidelines to ensure they align with industry best practices
• Collaborate with infrastructure, IT, vulnerability, threat intelligence and application security leads
• Participate in monitoring internal and external events and stay tightly aligned with infrastructure and third-party, hosted, on-premises and end-user systems
• Review and communicate ISIRT incident details from initial investigation through root cause analysis and post-mortem

Technical Skills

• Security Expertise: Over 2 years of experience in IT and/or OT security technologies.
• Security Operations: Hands-on experience in Security Operations Center (SOC) and Information Security Incident Response Team (ISIRT) processes, procedures, and tools.
• Tool Proficiency: Familiar with SIEM, SOAR, EDR, forensic tools, and ticketing platforms.

Non-Technical Skills

• Leadership: Proven ability to lead teams both onsite and remotely.
• Composure Under Pressure: Self-aware and able to remain calm, organized, and collaborative under high-pressure situations; skilled in prioritizing and responding within defined SLAs.
• Communication: Strong written and verbal communication skills across all organizational levels.
• Decision-Making: Excellent judgment and quick decision-making capabilities in complex scenarios.
• Security Knowledge: Solid understanding of threats, vulnerabilities, ISIRT incident response principles, and chain of custody.
• Compliance & Standards: Familiar with industry standards and frameworks including NIST, ISO 27001, NIS 2, and CRA.
• Professional Integrity: Demonstrated track record of integrity, pride in work, curiosity, flexibility, and professionalism.

We Offer You

• A variety of exciting challenges with ample opportunities for development and training in a truly global landscape
• A culture that pioneers a spirit of innovation where our industry experts drive visible results
• An equal opportunity employment experience that values diversity and inclusion
• Market competitive compensation and benefits with flexible working arrangements

Apply Now

If you are inspired to be part of our promise to protect what's good; for food, people, and the planet, apply through our careers page at

If you have any questions about your application, please contact Ephraim Kwa.

Diversity, equity, and inclusion is an everyday part of how we work. We give people a place to belong and support to thrive, an environment where everyone can be comfortable being themselves and has equal opportunities to grow and succeed. We embrace difference, celebrate people for who they are, and for the diversity they bring that helps us better understand and connect with our customers and communities worldwide.