58 Security Incident jobs in Singapore

Senior Information Security Incident Response Lead page is loadedSenior Information Security Incident Response Lead Apply locations Kallang, Singapore time type Full time posted on Posted Yesterday job requisition id R-

Make an impact with NTT DATA
Join a company that is pushing the boundaries of what is possible. We are renowned for our technical excellence and leading innovations, and for making a difference to our clients and society. Our workplace embraces diversity and inclusion – it’s a place where you can grow, belong and thrive.

We are seeking an experienced Senior Incident Response Specialist to lead and execute advanced cybersecurity investigations. This is not an entry-level SOC role. You will be responsible for detecting, analyzing, and responding to security incidents, proactively hunting for threats, conducting forensic investigations, and contributing to vulnerability management through red teaming or penetration testing where applicable. Strong proficiency with EDR solutions, SIEM log platforms, incident case management tools, and forensic analysis tools is essential.

Key Responsibilities

• Lead and manage complex security incidents, acting as a key contact for stakeholders.
• Perform deep analysis of security alerts to identify, mitigate, and remediate threats.
• Conduct forensic investigations on compromised hosts, networks, and cloud environments.
• Proactively hunt for adversarial activity and anomalous behaviors across large datasets.
• Analyze malware samples (basic level) to determine functionality, impact, and mitigation strategies.
• Develop and refine detection rules, improving alert fidelity and response workflows.
• Contribute to threat intelligence gathering, analyzing attack patterns, and enhancing defensive strategies.
• Participate in red teaming or penetration testing activities to identify and remediate vulnerabilities.
• Provide strategic recommendations for improving the organization’s security posture.
• Create detailed incident reports, threat intelligence assessments, and executive summaries.
• Mentor and provide guidance to junior analysts, fostering continuous improvement in IR methodologies.

Qualifications & Requirements

Education & Experience:

• Bachelor's or Master's degree in Computer Science, Cybersecurity, or a related field.
• Minimum of 5 years of experience in cybersecurity, with at least 2 years in incident response, threat hunting, or forensic analysis.

Technical Expertise:

• Extensive experience responding to targeted attacks from APT groups, cybercriminals, and nation-state actors.
• Strong forensic analysis skills across Windows, Linux, and macOS systems.
• Expertise in network forensics, traffic analysis, and packet inspection (Wireshark, Zeek).
• Proficiency in SIEM platforms (Splunk, Sentinel, QRadar) and EDR solutions (CrowdStrike, Microsoft Defender ATP).
• Knowledge of malware analysis techniques, including static and dynamic analysis.
• Familiarity with cloud security investigations (AWS, Azure, GCP).
• Strong scripting skills in Python, PowerShell, or similar languages for automation.
• Understanding of security architecture, authentication mechanisms, and enterprise IT operations is a plus.
• Experience with vulnerability management, red teaming, or penetration testing is a plus.
• Familiarity with MITRE ATT&CK framework and various cyber threat intelligence methodologies.

Preferred Certifications:

• GIAC (GCFA, GNFA, GCIH, GCIA, GREM)
• CISSP (Certified Information Systems Security Professional)
• CEH (Certified Ethical Hacker)
• OSCP (Offensive Security Certified Professional)
• Cloud Security Certifications (AWS Security Specialty, Microsoft Azure Security)

Key Competencies:

• Strong analytical and problem-solving skills in high-pressure situations.
• Ability to manage multiple investigations efficiently while meeting deadlines.
• Excellent verbal and written communication skills, with the ability to convey technical details to varied audiences.
• Strong team collaboration and leadership skills, with a proactive approach to knowledge sharing.
• Ability to work in a fast-paced environment and adapt to evolving threats and challenges.

Workplace type :

About NTT DATA
NTT DATA is a $30+ billion trusted global innovator of business and technology services. We serve 75% of the Fortune Global 100 and are committed to helping clients innovate, optimize and transform for long-term success. We invest over $3.6 billion each year in R&D to help organizations and society move confidently and sustainably into the digital future. As a Global Top Employer, we have diverse experts in more than 50 countries and a robust partner ecosystem of established and start-up companies. Our services include business and technology consulting, data and artificial intelligence, industry solutions, as well as the development, implementation and management of applications, infrastructure, and connectivity. We are also one of the leading providers of digital and AI infrastructure in the world. NTT DATA is part of NTT Group and headquartered in Tokyo.

Equal Opportunity Employer
NTT DATA is proud to be an Equal Opportunity Employer with a global culture that embraces diversity. We are committed to providing an environment free of unfair discrimination and harassment. We do not discriminate based on age, race, colour, gender, sexual orientation, religion, nationality, disability, pregnancy, marital status, veteran status, or any other protected category. Join our growing global team and accelerate your career with us. Apply today.

Senior Information Security Incident Response Lead page is loaded

Senior Information Security Incident Response Lead

Make an impact with NTT DATA
Join a company that is pushing the boundaries of what is possible. We are renowned for our technical excellence and leading innovations, and for making a difference to our clients and society. Our workplace embraces diversity and inclusion – it’s a place where you can grow, belong and thrive.

We are seeking an experienced Senior Incident Response Specialist to lead and execute advanced cybersecurity investigations. This is not an entry-level SOC role. You will be responsible for detecting, analyzing, and responding to security incidents, proactively hunting for threats, conducting forensic investigations, and contributing to vulnerability management through red teaming or penetration testing where applicable. Strong proficiency with EDR solutions, SIEM log platforms, incident case management tools, and forensic analysis tools is essential.

Key Responsibilities

• Lead and manage complex security incidents, acting as a key contact for stakeholders.
• Perform deep analysis of security alerts to identify, mitigate, and remediate threats.
• Conduct forensic investigations on compromised hosts, networks, and cloud environments.
• Proactively hunt for adversarial activity and anomalous behaviors across large datasets.
• Analyze malware samples (basic level) to determine functionality, impact, and mitigation strategies.
• Develop and refine detection rules, improving alert fidelity and response workflows.
• Contribute to threat intelligence gathering, analyzing attack patterns, and enhancing defensive strategies.
• Participate in red teaming or penetration testing activities to identify and remediate vulnerabilities.
• Provide strategic recommendations for improving the organization’s security posture.
• Create detailed incident reports, threat intelligence assessments, and executive summaries.
• Mentor and provide guidance to junior analysts, fostering continuous improvement in IR methodologies.

Qualifications & Requirements

Education & Experience:

• Bachelor's or Master's degree in Computer Science, Cybersecurity, or a related field.
• Minimum of 5 years of experience in cybersecurity, with at least 2 years in incident response, threat hunting, or forensic analysis.

Technical Expertise:

• Extensive experience responding to targeted attacks from APT groups, cybercriminals, and nation-state actors.
• Strong forensic analysis skills across Windows, Linux, and macOS systems.
• Expertise in network forensics, traffic analysis, and packet inspection (Wireshark, Zeek).
• Proficiency in SIEM platforms (Splunk, Sentinel, QRadar) and EDR solutions (CrowdStrike, Microsoft Defender ATP).
• Knowledge of malware analysis techniques, including static and dynamic analysis.
• Familiarity with cloud security investigations (AWS, Azure, GCP).
• Strong scripting skills in Python, PowerShell, or similar languages for automation.
• Understanding of security architecture, authentication mechanisms, and enterprise IT operations is a plus.
• Experience with vulnerability management, red teaming, or penetration testing is a plus.
• Familiarity with MITRE ATT&CK framework and various cyber threat intelligence methodologies.

Preferred Certifications:

• GIAC (GCFA, GNFA, GCIH, GCIA, GREM)
• CISSP (Certified Information Systems Security Professional)
• CEH (Certified Ethical Hacker)
• OSCP (Offensive Security Certified Professional)
• Cloud Security Certifications (AWS Security Specialty, Microsoft Azure Security)

Key Competencies:

• Strong analytical and problem-solving skills in high-pressure situations.
• Ability to manage multiple investigations efficiently while meeting deadlines.
• Excellent verbal and written communication skills, with the ability to convey technical details to varied audiences.
• Strong team collaboration and leadership skills, with a proactive approach to knowledge sharing.
• Ability to work in a fast-paced environment and adapt to evolving threats and challenges.

Workplace type :

About NTT DATA
NTT DATA is a $30+ billion trusted global innovator of business and technology services. We serve 75% of the Fortune Global 100 and are committed to helping clients innovate, optimize and transform for long-term success. We invest over $3.6 billion each year in R&D to help organizations and society move confidently and sustainably into the digital future. As a Global Top Employer, we have diverse experts in more than 50 countries and a robust partner ecosystem of established and start-up companies. Our services include business and technology consulting, data and artificial intelligence, industry solutions, as well as the development, implementation and management of applications, infrastructure, and connectivity. We are also one of the leading providers of digital and AI infrastructure in the world. NTT DATA is part of NTT Group and headquartered in Tokyo.

Equal Opportunity Employer
NTT DATA is proud to be an Equal Opportunity Employer with a global culture that embraces diversity. We are committed to providing an environment free of unfair discrimination and harassment. We do not discriminate based on age, race, colour, gender, sexual orientation, religion, nationality, disability, pregnancy, marital status, veteran status, or any other protected category. Join our growing global team and accelerate your career with us. Apply today.

Senior Information Security Incident Response Lead page is loaded
Senior Information Security Incident Response Lead Apply locations Kallang, Singapore time type Full time posted on Posted Yesterday job requisition id R-
Make an impact with NTT DATA
Join a company that is pushing the boundaries of what is possible. We are renowned for our technical excellence and leading innovations, and for making a difference to our clients and society. Our workplace embraces diversity and inclusion – it’s a place where you can grow, belong and thrive.
We are seeking an experienced Senior Incident Response Specialist to lead and execute advanced cybersecurity investigations. This is not an entry-level SOC role. You will be responsible for detecting, analyzing, and responding to security incidents, proactively hunting for threats, conducting forensic investigations, and contributing to vulnerability management through red teaming or penetration testing where applicable. Strong proficiency with EDR solutions, SIEM log platforms, incident case management tools, and forensic analysis tools is essential.
Key Responsibilities
Lead and manage complex security incidents, acting as a key contact for stakeholders.
Perform deep analysis of security alerts to identify, mitigate, and remediate threats.
Conduct forensic investigations on compromised hosts, networks, and cloud environments.
Proactively hunt for adversarial activity and anomalous behaviors across large datasets.
Analyze malware samples (basic level) to determine functionality, impact, and mitigation strategies.
Develop and refine detection rules, improving alert fidelity and response workflows.
Contribute to threat intelligence gathering, analyzing attack patterns, and enhancing defensive strategies.
Participate in red teaming or penetration testing activities to identify and remediate vulnerabilities.
Provide strategic recommendations for improving the organization’s security posture.
Create detailed incident reports, threat intelligence assessments, and executive summaries.
Mentor and provide guidance to junior analysts, fostering continuous improvement in IR methodologies.
Qualifications & Requirements
Education & Experience:
Bachelor's or Master's degree in Computer Science, Cybersecurity, or a related field.
Minimum of 5 years of experience in cybersecurity, with at least 2 years in incident response, threat hunting, or forensic analysis.
Technical Expertise:
Extensive experience responding to targeted attacks from APT groups, cybercriminals, and nation-state actors.
Strong forensic analysis skills across Windows, Linux, and macOS systems.
Expertise in network forensics, traffic analysis, and packet inspection (Wireshark, Zeek).
Proficiency in SIEM platforms (Splunk, Sentinel, QRadar) and EDR solutions (CrowdStrike, Microsoft Defender ATP).
Knowledge of malware analysis techniques, including static and dynamic analysis.
Familiarity with cloud security investigations (AWS, Azure, GCP).
Strong scripting skills in Python, PowerShell, or similar languages for automation.
Understanding of security architecture, authentication mechanisms, and enterprise IT operations is a plus.
Experience with vulnerability management, red teaming, or penetration testing is a plus.
Familiarity with MITRE ATT&CK framework and various cyber threat intelligence methodologies.
Preferred Certifications:
GIAC (GCFA, GNFA, GCIH, GCIA, GREM)
CISSP (Certified Information Systems Security Professional)
CEH (Certified Ethical Hacker)
OSCP (Offensive Security Certified Professional)
Cloud Security Certifications (AWS Security Specialty, Microsoft Azure Security)
Key Competencies:
Strong analytical and problem-solving skills in high-pressure situations.
Ability to manage multiple investigations efficiently while meeting deadlines.
Excellent verbal and written communication skills, with the ability to convey technical details to varied audiences.
Strong team collaboration and leadership skills, with a proactive approach to knowledge sharing.
Ability to work in a fast-paced environment and adapt to evolving threats and challenges.
Workplace type :
About NTT DATA
NTT DATA is a $30+ billion trusted global innovator of business and technology services. We serve 75% of the Fortune Global 100 and are committed to helping clients innovate, optimize and transform for long-term success. We invest over $3.6 billion each year in R&D to help organizations and society move confidently and sustainably into the digital future. As a Global Top Employer, we have diverse experts in more than 50 countries and a robust partner ecosystem of established and start-up companies. Our services include business and technology consulting, data and artificial intelligence, industry solutions, as well as the development, implementation and management of applications, infrastructure, and connectivity. We are also one of the leading providers of digital and AI infrastructure in the world. NTT DATA is part of NTT Group and headquartered in Tokyo.
Equal Opportunity Employer
NTT DATA is proud to be an Equal Opportunity Employer with a global culture that embraces diversity. We are committed to providing an environment free of unfair discrimination and harassment. We do not discriminate based on age, race, colour, gender, sexual orientation, religion, nationality, disability, pregnancy, marital status, veteran status, or any other protected category. Join our growing global team and accelerate your career with us. Apply today.
#J-18808-Ljbffr

We are seeking a Senior Cybersecurity Incident Responder to join our team on a long-term engagement. The successful candidate will play a key role in incident triage, response, and investigation , operating at Level 2 to Level 3 (L2–L3) within the Security Operations Center (SOC).

• This is a 12-month extendable contract with strong potential for renewal based on performance as the project is on a long-term basis.

This position is ideal for an experienced security analyst with strong technical skills and hands-on experience using CrowdStrike , conducting log analysis , and managing real-world incident investigations.

• Perform advanced incident triage, response and investigation of security alerts from various sources
• Lead or support L2–L3 incident response efforts , including containment, eradication, and recovery
• Analyze logs from firewalls, intrusion prevention systems (IPS), proxies , and other security platforms
• Use CrowdStrike EDR to identify and respond to threats across endpoints
• Collaborate with SOC, threat intel, and infrastructure teams for coordinated response
• Document findings and create incident reports, timelines, and root cause analysis
• Contribute to playbook updates and process improvements based on lessons learned
• Participate in threat hunting and detection rule tuning as needed

• 4–6+ years of experience in Cybersecurity Incident Response / SOC operations
• Experience in advanced incident triage, response and investigation of security alerts from various sources
• Hands-on experience with:
  • CrowdStrike or similar EDR platforms
  • Log analysis from firewall, IPS, proxy, and endpoint systems
  • SIEM tools for alert triage and investigation
• Deep understanding of attack vectors, malware behavior, and threat actor TTPs (MITRE ATT&CK)
• Familiarity with incident management frameworks (e.g., NIST, SANS)
• Excellent analytical, documentation, and communication skills
• Ability to work independently and under pressure in fast-paced environments
• Relevant certifications a plus: GCIH, GCFA, CEH, or equivalent

Argyll Scott Consulting Pte Ltd

Argyll Scott Asia is acting as an Employment Business in relation to this vacancy.

We are seeking a Senior Cybersecurity Incident Responder to join our team on a long-term engagement. The successful candidate will play a key role in incident triage, response, and investigation , operating at Level 2 to Level 3 (L2–L3) within the Security Operations Center (SOC).

• This is a 12-month extendable contract with strong potential for renewal based on performance as the project is on a long-term basis.

This position is ideal for an experienced security analyst with strong technical skills and hands-on experience using CrowdStrike , conducting log analysis , and managing real-world incident investigations.

• Perform advanced incident triage, response and investigation of security alerts from various sources
• Lead or support L2–L3 incident response efforts , including containment, eradication, and recovery
• Analyze logs from firewalls, intrusion prevention systems (IPS), proxies , and other security platforms
• Use CrowdStrike EDR to identify and respond to threats across endpoints
• Collaborate with SOC, threat intel, and infrastructure teams for coordinated response
• Document findings and create incident reports, timelines, and root cause analysis
• Contribute to playbook updates and process improvements based on lessons learned
• Participate in threat hunting and detection rule tuning as needed

• 4–6+ years of experience in Cybersecurity Incident Response / SOC operations
• Experience in advanced incident triage, response and investigation of security alerts from various sources
• Hands-on experience with:
  • CrowdStrike or similar EDR platforms
  • Log analysis from firewall, IPS, proxy, and endpoint systems
  • SIEM tools for alert triage and investigation
• Deep understanding of attack vectors, malware behavior, and threat actor TTPs (MITRE ATT&CK)
• Familiarity with incident management frameworks (e.g., NIST, SANS)
• Excellent analytical, documentation, and communication skills
• Ability to work independently and under pressure in fast-paced environments
• Relevant certifications a plus: GCIH, GCFA, CEH, or equivalent

Argyll Scott Consulting Pte Ltd

Argyll Scott Asia is acting as an Employment Business in relation to this vacancy.

• Engage in digital forensics and incident response efforts, including investigating complex and large-scale cyberattacks. This includes analyzing logs, performing host and network forensics, and examining malicious software.
• Take part in proactive threat hunting operations, identifying advanced threats and targeted attacks within client environments, and support security evaluations and simulation exercises.
• Detect and analyze indicators of compromise (IOCs) and understand adversaries’ tools, techniques, and procedures (TTPs) to determine the occurrence and impact of security breaches.
• Enhance and apply tools and processes to strengthen the organization's capabilities in investigation and threat detection.
• Work closely with internal IT and cybersecurity teams throughout the course of an investigation.
• Produce detailed and professional reports summarizing investigation findings and insights.

Join to apply for the Senior Cyber Threat Analyst (Offensive Security, Threat Hunting & Incident Response) role at Marina Bay Sands .

1 day ago Be among the first 25 applicants

Join to apply for the Senior Cyber Threat Analyst (Offensive Security, Threat Hunting & Incident Response) role at Marina Bay Sands .

LOVE WHAT YOU DO? THERE IS A PLACE FOR YOU HERE!

Be part of our diverse and inclusive team.

The candidate is expected to perform the following activities:

• Adversarial Simulation: Perform comprehensive analyses and simulations to mimic cyber threats and identify vulnerabilities. Execute intel-led security testing and red/purple team exercises using frameworks such as MITRE Cyber Threat Informed Defence and TIBER-EU. Conduct attack simulation exercises using Tactics, Techniques, and Procedures (TTPs) that cyber threat actors use to plan and execute cyber-attacks.

• Conduct authorized offensive security operations to test the effectiveness of cyber defenses and simulate cyber-attacks. Perform social engineering assessments (email phishing, vishing, physical access attacks) to simulate password theft, system infiltration, and malware/ransomware deployment.

• Lead cyber incident investigations and response efforts. Collaborate with cybersecurity specialists to maintain and update security testing methodologies.

• Ensure consistent and regular attendance. Perform other related duties as assigned.

Education & Certification

• Degree or diploma with at least 5-10 years of hands-on cybersecurity experience in relevant areas. Preferred certifications: CISSP, OSCP, CRTP, CRTO, OSWE.

Experience

• Experience in Gaming, Banking, or Critical Infrastructure InfoComm Industry is an advantage. Effective verbal and written communication skills. Proficiency with offensive security tools such as Cobalt Strike, Empire, Havoc, Mythic. Experience in setting up red teaming Command and Control (C2) infrastructure, including web/proxy servers, redirectors, domain fronting. Skills in developing malicious payloads and understanding obfuscation and encryption techniques. Proficiency in at least one scripting language (e.g., Bash, PowerShell) and/or programming language (e.g., Python, C, C#, C++, Java). Understanding of basic networking concepts and Internet protocols (e.g., TCP/IP, HTTP(S), SMTP, DNS, SSL/TLS). Knowledge of industry-recognized security testing standards and penetration testing methodology. Strong understanding of enterprise technologies, operations, and security evaluations.

Other Prerequisites

• Strong analytical and problem-solving skills. Advanced written and verbal communication skills. Ability to foster an efficient, innovative, and team-oriented work environment. Proactive, dedicated, innovative, resourceful, and able to work under pressure. Excellent communication and interpersonal skills to present ideas and results to both technical and non-technical audiences. Thrive in a fast-paced, dynamic, and global working environment. Adapt quickly to changing priorities and complete tasks within established timeframes. Establish and maintain cooperative working relationships with team members, management, and external contacts. Maintain composure under pressure and meet deadlines with stakeholders.

Marina Bay Sands is committed to building a diverse, equitable and inclusive workforce, providing equal opportunities as we grow our talent base to match our growth ambitions in Singapore. Our employees are committed to adhere to and abide by all rules, regulations, policies and procedures, including the rules of conduct and business ethics of the Company.

• Mid-Senior level

• Full-time

• Information Technology

• Hospitality

Join to apply for the Senior Cyber Threat Analyst (Offensive Security, Threat Hunting & Incident Response) role at Marina Bay Sands .

1 day ago Be among the first 25 applicants

Join to apply for the Senior Cyber Threat Analyst (Offensive Security, Threat Hunting & Incident Response) role at Marina Bay Sands .

LOVE WHAT YOU DO? THERE IS A PLACE FOR YOU HERE!

Be part of our diverse and inclusive team.

Job Responsibilities

The candidate is expected to perform the following activities:

• Adversarial Simulation: Perform comprehensive analyses and simulations to mimic cyber threats and identify vulnerabilities. Execute intel-led security testing and red/purple team exercises using frameworks such as MITRE Cyber Threat Informed Defence and TIBER-EU. Conduct attack simulation exercises using Tactics, Techniques, and Procedures (TTPs) that cyber threat actors use to plan and execute cyber-attacks.

Red Team Activities

• Conduct authorized offensive security operations to test the effectiveness of cyber defenses and simulate cyber-attacks. Perform social engineering assessments (email phishing, vishing, physical access attacks) to simulate password theft, system infiltration, and malware/ransomware deployment.

Forensics And Incident Response

• Lead cyber incident investigations and response efforts. Collaborate with cybersecurity specialists to maintain and update security testing methodologies.

General Responsibilities

• Ensure consistent and regular attendance. Perform other related duties as assigned.

Job Requirements

Education & Certification

• Degree or diploma with at least 5-10 years of hands-on cybersecurity experience in relevant areas. Preferred certifications: CISSP, OSCP, CRTP, CRTO, OSWE.

Experience

• Experience in Gaming, Banking, or Critical Infrastructure InfoComm Industry is an advantage. Effective verbal and written communication skills. Proficiency with offensive security tools such as Cobalt Strike, Empire, Havoc, Mythic. Experience in setting up red teaming Command and Control (C2) infrastructure, including web/proxy servers, redirectors, domain fronting. Skills in developing malicious payloads and understanding obfuscation and encryption techniques. Proficiency in at least one scripting language (e.g., Bash, PowerShell) and/or programming language (e.g., Python, C, C#, C++, Java). Understanding of basic networking concepts and Internet protocols (e.g., TCP/IP, SMTP, DNS, SSL/TLS). Knowledge of industry-recognized security testing standards and penetration testing methodology. Strong understanding of enterprise technologies, operations, and security evaluations.

Other Prerequisites

• Strong analytical and problem-solving skills. Advanced written and verbal communication skills. Ability to foster an efficient, innovative, and team-oriented work environment. Proactive, dedicated, innovative, resourceful, and able to work under pressure. Excellent communication and interpersonal skills to present ideas and results to both technical and non-technical audiences. Thrive in a fast-paced, dynamic, and global working environment. Adapt quickly to changing priorities and complete tasks within established timeframes. Establish and maintain cooperative working relationships with team members, management, and external contacts. Maintain composure under pressure and meet deadlines with stakeholders.

Marina Bay Sands is committed to building a diverse, equitable and inclusive workforce, providing equal opportunities as we grow our talent base to match our growth ambitions in Singapore. Our employees are committed to adhere to and abide by all rules, regulations, policies and procedures, including the rules of conduct and business ethics of the Company.

Seniority level

• Mid-Senior level

Employment type

• Full-time

Job function

• Information Technology

Industries

• Hospitality