135 Security Incidents jobs in Singapore

Join to apply for the Information Technology - Cyber Security Engineer (Threat Management and Incident Response) (Scoot) role at Singapore Airlines .

You will be a member of the Group Information Security Team responsible for responding to threats and incidents to the corporate networks, systems (on-prem and cloud), and digital assets.

• Perform security monitoring and incident response activities across the Scoot networks, leveraging a variety of tools and techniques.
• Manage Security Operations Center.
• Detect incidents through proactive “hunting” across security-relevant data sets.
• Correlate multiple events from different devices to identify abnormal behaviour.
• Document incident response analysis activities thoroughly.
• Develop new, repeatable methods for finding malicious activities.
• Provide recommendations to enhance detection and protection capabilities.
• Present technical topics effectively to both technical and non-technical audiences.
• Develop and follow detailed operational processes and procedures for analyzing, escalating, and remediating security incidents.
• Prioritize multiple high-priority tasks and formulate responses in a fast-paced environment.
• Prepare documentation for security standards, operational procedures, and system hardening.
• Analyze endpoint, network, and application logs.
• Assist other IT teams with security-related issues.
• Engage with vendors and SIA team members for security reviews.

• Degree in Computer Engineering, Computer Science, Information Systems, or equivalent.
• At least 5-6 years of experience in Cybersecurity Incident and Security Operations.
• Experience in Information Security with a focus on Cyber Security Operations, Incident Response, and Detection.
• Experience working in SOC or Computer Incident Response Team.
• Excellent problem-solving skills, including root cause analysis and post-incident reviews.
• Solid knowledge of computer networks and protocols.
• Knowledge of cyber threat actors and APT groups.
• Experience with Threat Intelligence Platforms.
• Experience with SIEM tools, especially Splunk.
• Professional security qualifications (e.g., GCIA, CISSP) are advantageous.
• Preferred certifications: CISSP, CISM, CISA, ISMS, TOGAF, SABS.
• Good interpersonal skills and ability to work independently and in teams.

We thank all candidates for your interest in Singapore Airlines, and regret that only shortlisted candidates will be notified.

• Seniority level: Mid-Senior level
• Employment type: Full-time
• Job function: Information Technology
• Industries: Airlines and Aviation

Referrals increase your chances of interviewing at Singapore Airlines by 2x.

Job Description

You will be a member of the Group Information Security Team responsible for responding to threats and incidents to the corporate networks, systems (on-prem and cloud), and digital assets.

Key Responsibilities:

•Perform security monitoring and incident response activities across the scoot networks, leveraging a variety of tools and techniques.

•Manage Security Operations center.

•Detect incidents through proactive “hunting” across security-relevant data sets.

•Ability to correlate multiple events from different devices to identify abnormal behaviour

•Document incident response analysis activities thoroughly

•Develop new, repeatable methods for finding malicious activities

•Provide recommendations to enhance detection and protection capabilities.

•Effectively present technical topics to both technical and non-technical audiences

•Develop and follow detailed operational processes and procedures to appropriately analyze, escalate, and assist in the remediation of information security incidents

•Prioritize multiple high-priority tasks and formulate responses/recommendations in a fast-paced environment

•Prepare documentation for security technical standards, standard operational procedures, and hardening standards.

•Analyse endpoint, network, and application logs

•Assist other IT teams in security-related issues

•Engage with vendors and parent company SIA team members for security reviews.

Requirements:

•Degree in Computer Engineering, Computer Science, Information Systems, or equivalent qualification.

•At least 5-6 years of experience in Cybersecurity Incident and Security Operations.

•Demonstrate experience in Information Security with a focus on Cyber Security Operations, Incident Response and Detection.

•Experience working in the Security Operations Centre and/or Computer Incident Response Team.

•Excellent problem-solving skills combined with hands-on experience doing root cause analysis and post-incident reviews.

•Solid knowledge of computer networks and common protocols

•Knowledge of prominent cyber threat actors and APT groups.

•Experience with Threat Intelligence Platforms.

•Experience with SIEM (especially Splunk).

•Professional security related qualifications (i.e. GCIA, CISSP etc) will be an advantage

•Preferred certifications: CISSP, CISM, CISA, ISMS, TOGAF, SABS

•Good interpersonal skills

Select how often (in days) to receive an alert:

NCS is a leading technology services firm that operates across the Asia Pacific region in over 20 cities, providing consulting, digital services, technology solutions, and more. We believe in harnessing the power of technology to achieve extraordinary things, creating lasting value and impact for our communities, partners, and people. Our diverse workforce of 13,000 has delivered large-scale, mission-critical, and multi-platform projects for governments and enterprises in Singapore and the APAC region.

As a Security Analyst, this incumbent will perform initial analysis (e.g. analysing and reviewing alerts, eliminating false positives and determining severity of threats) to determine impact of compromise

What will you do?

• Perform initial analysis (e.g. analysing and reviewing alerts, eliminating false positives and determining severity of threats) to determine impact of compromise
• Conduct basic investigations of security events, including malware infections and unauthorized access attempts.
• Determine the nature, mechanisms and scope of incident by performing event correlation and historical searches to determine the extent of a security compromise
• Escalate complex or highly suspicious alerts for further investigation and response.
• Record details of all activities, including investigations performed, findings and remediation steps taken.
• Collects data, evidence, and context necessary for further escalation.
• Perform event correlation across the In-Scope Institutions to identify similar attack pattern and spread of attack.
• Handling case management, generating tickets and reports when required, and tracking open tickets until closure

The ideal candidate should possess:

• Bachelor’s degree in Information Technology, Cybersecurity, Computer Science, or related field.
• Able to commit to permanent night shifts
• Team player and able to work independently.
• Experience in analysing data and review alerts

We are driven by our AEIOU beliefs—Adventure, Excellence, Integrity, Ownership, and Unity —and we seek individuals who embody these values in both their professional and personal lives. We are committed to our Impact: Valuing our clients, Growing our people, and Creating our future .

Together, we make the extraordinary happen .

Learn more about us at ncs.co and visit our LinkedIn career site.

Select how often (in days) to receive an alert:

NCS is a leading technology services firm that operates across the Asia Pacific region in over 20 cities, providing consulting, digital services, technology solutions, and more. We believe in harnessing the power of technology to achieve extraordinary things, creating lasting value and impact for our communities, partners, and people. Our diverse workforce of 13,000 has delivered large-scale, mission-critical, and multi-platform projects for governments and enterprises in Singapore and the APAC region.

As a Security Analyst, this incumbent will perform initial analysis (e.g. analysing and reviewing alerts, eliminating false positives and determining severity of threats) to determine impact of compromise

What will you do?

• Perform initial analysis (e.g. analysing and reviewing alerts, eliminating false positives and determining severity of threats) to determine impact of compromise
• Conduct basic investigations of security events, including malware infections and unauthorized access attempts.
• Determine the nature, mechanisms and scope of incident by performing event correlation and historical searches to determine the extent of a security compromise
• Escalate complex or highly suspicious alerts for further investigation and response.
• Record details of all activities, including investigations performed, findings and remediation steps taken.
• Collects data, evidence, and context necessary for further escalation.
• Perform event correlation across the In-Scope Institutions to identify similar attack pattern and spread of attack.
• Handling case management, generating tickets and reports when required, and tracking open tickets until closure

The ideal candidate should possess:

• Bachelor’s degree in Information Technology, Cybersecurity, Computer Science, or related field.
• Able to commit to permanent night shifts
• Team player and able to work independently.
• Experience in analysing data and review alerts

We are driven by our AEIOU beliefs—Adventure, Excellence, Integrity, Ownership, and Unity —and we seek individuals who embody these values in both their professional and personal lives. We are committed to our Impact: Valuing our clients, Growing our people, and Creating our future .

Together, we make the extraordinary happen .

Learn more about us at ncs.co and visit our LinkedIn career site.

Press Tab to Move to Skip to Content Link

Select how often (in days) to receive an alert:

Select how often (in days) to receive an alert:

NCS is a leading technology services firm that operates across the Asia Pacific region in over 20 cities, providing consulting, digital services, technology solutions, and more. We believe in harnessing the power of technology to achieve extraordinary things, creating lasting value and impact for our communities, partners, and people. Our diverse workforce of 13,000 has delivered large-scale, mission-critical, and multi-platform projects for governments and enterprises in Singapore and the APAC region.

As a SOC Consultant, you'll be responsible for conducting advanced threat analysis and investigating security incidents to safeguard organizational assets. The role involves close collaboration with Cyber Incident Response Team (CIRT) members, business stakeholders, and executive leadership to coordinate effective response protocols. Key responsibilities include developing detection logic, configuring security platforms such as SIEM, SOAR, EDR, and threat intelligence tools, and creating detailed technical reports documenting forensic procedures and timelines.

What will you do?

• Perform advanced threat analysis and investigate security events.
• Work with CIRT members, business partners, and executive leadership to coordinate response protocols.
• Writing technical reports detailing how the computer evidence was discovered and all the steps taken during the retrieval process (timeline).
• Develop detection logic & security playbooks.
• Configure SIEM, SOAR, EDR and/or threat intelligence platforms.
• Sharing knowledge with SOC Security Analyst and supporting them.
• Conduct sampling check on SOC Security Analyst tickets.
• Be clear of customer's security framework, such as information security policies, processes/procedures, guidelines and etc.

The ideal candidate should possess:

• Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or a related field.
• Relevant certifications such as GCIA, GCIH, CEH, CISSP, or Security+ are highly preferred.
• 3–5 years of experience in cybersecurity operations, threat analysis, or incident response.
• Hands-on experience with SIEM, SOAR, EDR, and threat intelligence platforms.
• Proven experience in writing technical reports and conducting forensic investigations.
• Strong understanding of network protocols, malware behavior, and attack vectors.
• Proficiency in configuring and tuning security tools and platforms.
• Ability to develop detection logic and security playbooks.
• Familiarity with scripting languages (e.g., Python, PowerShell) is a plus.
• Excellent communication and report-writing skills.
• Strong analytical and problem-solving abilities.
• Ability to work collaboratively with cross-functional teams including CIRT, SOC, and leadership.
• Detail-oriented with a proactive approach to continuous improvement.
• Solid grasp of information security frameworks, policies, and procedures.
• Understanding of regulatory compliance standards (e.g., ISO 27001, NIST, GDPR).

We are driven by our AEIOU beliefs—Adventure, Excellence, Integrity, Ownership, and Unity —and we seek individuals who embody these values in both their professional and personal lives. We are committed to our Impact: Valuing our clients, Growing our people, and Creating our future .

Together, we make the extraordinary happen .

Learn more about us at ncs.co and visit our LinkedIn career site.

Job Overview

We seek a diligent Surveillance Officer to fill a critical role in maintaining game integrity, ensuring guest and team member safety, and protecting company assets.

Key Responsibilities:

• Maintain the integrity of games by monitoring and addressing potential issues.
• Ensure the safety and security of guests and team members by identifying and mitigating risks.
• Protect company assets through vigilant monitoring and reporting.

Requirements:

• Detailed analytical skills for effective issue identification and resolution.
• Excellent communication skills for clear reporting and collaboration.
• Able to work independently with minimal supervision.

Benefits:

• Ongoing training and professional development opportunities.
• A supportive and dynamic work environment.
• A competitive compensation package.

About the Role:

This is an excellent opportunity for a motivated and detail-oriented individual to join our surveillance operations team.

• Assess technologies and solutions against cyber security standard.
• Identify, analyse, and prioritize cyber security risks.
• Assess and advise security by design concepts in Cloud platforms such as AWS or Azure Cloud.
• Develop and oversees implementation of risk mitigation strategies and controls.
• Maintain and update the organization's risk register.

Compliance:

• Stay up-to-date on relevant IT security regulations and standards (e.g., PCI-DSS, ITRM, IM8, etc).
• Develop and implement security policies and procedures.
• Monitor and audit compliance activities.
• Report on compliance status to relevant stakeholders.
• Establish compliance initiatives to ensure conformance with security requirements

Security Operations:

• Monitor and mitigate potential data loss events, and investigate suspected incidents.
• Investigate security incidents and implement appropriate response measures.

Business Continuity Planning and Management:

• Review existing and/or develop new corporate crisis plans and policies to ensure relevance in tandem with the company or external changes.
• Plan and coordinate simulation exercises to ensure the company preparedness for potential disruptions.
• Execute business continuity & resilience awareness initiatives to enhance workforce resilience.
• Work closely with IT operations, development, and other business units to promote security awareness and best practices.
• Provide guidance and training to employees on security policies and procedures.
• Collaborate with external auditors and regulators.
• Prepare regular management reports on overall IT security posture.

Requirements:

• Bachelor's degree in Cybersecurity, Information Technology, or related field (or equivalent experience).
• Minimum of 3-5 years of experience in IT security, risk management, and compliance.
• Strong understanding of IT security concepts, frameworks, and methodologies.
• Working knowledge of relevant IT security regulations and standards.
• Experience with security tools and technologies (e.g., DLP solutions, SIEM, IDS/IPS).
• Experience with one of the major cloud service providers (CSP) technologies, including but not limited to AWS and Azure etc.
• Cloud security certification is preferred (CCSP, CCSE, AZ 500, GCSA, CompTIA Cloud+ etc)
• CISA / CISM / CISSP certifications will be an added advantage
• Excellent analytical and problem-solving skills.
• Strong communication and interpersonal skills.
• Self-driven and independent, with good attention to detail and quality
• Ability to work independently and as part of a team

• Seniority level Associate

• Employment type Full-time

• Job function Information Technology

Referrals increase your chances of interviewing at AXS Pte Ltd by 2x

Get notified about new Information Technology Security Analyst jobs in Singapore, Singapore .

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

6 hours ago Be among the first 25 applicants

Get AI-powered advice on this job and more exclusive features.

• Responsible to ensure accurate and rapid response to security events
• Analyze security logs, SIEM alerts, and incident reports to identify and mitigate risks.
• Respond to and investigate security incidents, including breaches, malware outbreaks, and phishing attacks. Monitor networks and systems for security breaches, alerts, and anomalous activity.
• Conduct root-cause analysis to prevent future incidents and develop incident response procedures.
• Provide analysis and trending of security log data from various security devices
• Configure and maintain SIEM tools to align with the organization’s security objectives and threat landscape.
• Create custom SIEM dashboards and reports for different stakeholders to visualize critical security metrics and incident data.
• Develop and optimize SIEM content, including rules, alerts, and correlation logic, to improve threat detection and response.
• Regularly review and tune SIEM rules to reduce false positives, enhance event correlation, and maintain relevance to evolving threats.
• Document and update SIEM processes and configurations, ensuring a high level of data accuracy and availability.
• Perform regular vulnerability scans and assist in patch management processes. Work with IT teams to prioritize and remediate them.
• Recommend solutions to mitigate risks in any activity that may potentially impact security of existing IT and inform management
• Ensure compliance with industry regulations (e.g. GDPR, ISO 27001) and company policies.
• Assist in the development, implementation, and maintenance of security policies, standards, and guidelines.
• Assist in training staff on security best practices, including phishing awareness and data protection.
• Help develop educational materials and conduct periodic security awareness training.
• Advise and consult internal/ external customers on risk assessment, threat modelling and vulnerability management.
• Perform risk assessments and recommend security measures to mitigate potential risks.
  
  

• 12 months contract
• Work location: Bendemeer
  
  

• Responsible to ensure accurate and rapid response to security events
• Analyze security logs, SIEM alerts, and incident reports to identify and mitigate risks.
• Respond to and investigate security incidents, including breaches, malware outbreaks, and phishing attacks. Monitor networks and systems for security breaches, alerts, and anomalous activity.
• Conduct root-cause analysis to prevent future incidents and develop incident response procedures.
• Provide analysis and trending of security log data from various security devices
• Configure and maintain SIEM tools to align with the organization’s security objectives and threat landscape.
• Create custom SIEM dashboards and reports for different stakeholders to visualize critical security metrics and incident data.
• Develop and optimize SIEM content, including rules, alerts, and correlation logic, to improve threat detection and response.
• Regularly review and tune SIEM rules to reduce false positives, enhance event correlation, and maintain relevance to evolving threats.
• Document and update SIEM processes and configurations, ensuring a high level of data accuracy and availability.
• Perform regular vulnerability scans and assist in patch management processes. Work with IT teams to prioritize and remediate them.
• Recommend solutions to mitigate risks in any activity that may potentially impact security of existing IT and inform management
• Ensure compliance with industry regulations (e.g. GDPR, ISO 27001) and company policies.
• Assist in the development, implementation, and maintenance of security policies, standards, and guidelines.
• Assist in training staff on security best practices, including phishing awareness and data protection.
• Help develop educational materials and conduct periodic security awareness training.
• Advise and consult internal/ external customers on risk assessment, threat modelling and vulnerability management.
• Perform risk assessments and recommend security measures to mitigate potential risks.
  
  

• Bachelor Degree or Advanced Diploma in Computer Science, Information Technology, Cybersecurity from a recognized university or related field (or equivalent experience)
• At least 1-3 years in a cybersecurity role, with hands-on experience in SIEM content management, network security, threat monitoring, or incident response.
• Strong knowledge of cybersecurity principles, practices, and technologies.
• Expertise in SIEM tools and content management, including rule creation, alert tuning, and report customization.
• Proficiency with security tools like firewalls, IDPS, antivirus, and vulnerability scanners.
• Knowledge of scripting (Python, PowerShell) for automation within the SIEM environment is a plus.
• Ability to analyze and interpret security data to identify vulnerabilities and potential threats.
• Excellent communication skills, with the ability to explain complex security concepts to non-technical stakeholders.
• Strong analytical skills and attention to detail.
• Experience in the application of threat modelling or other risk identification techniques
• Detailed knowledge of system security vulnerabilities and remediation techniques, including penetration testing and the development of exploits
• Breadth of knowledge in information security space with emphasis on TCP/IP network security, operating system security, common attack patterns and exploitation techniques
• Relevant certifications (e.g., CompTIA Security+, Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), GIAC Security Essentials (GSEC)) are a plus
• Effective leadership skills and a team player
• Strong sense of ownership and drive
• Ability to work on-call or off-hours as needed to respond to security incidents.
• May require occasional travel for training or workshop.
  
  

• Seniority level Entry level

• Employment type Contract

• Job function Information Technology
• Industries Staffing and Recruiting

Referrals increase your chances of interviewing at Peoplebank by 2x

Get notified about new Cyber Security Analyst jobs in Singapore, Singapore .

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

We are seeking a skilled Cybersecurity Maintenance Specialist to join our team.

Key Responsibilities:

• Monitor and maintain security tools, firewalls, antivirus software, and IDS/IPS.

• Assist in identifying and responding to security incidents.

• Liaise with technology vendors for escalations.

• Conduct vulnerability assessments and patch management.

• Support security audits and ensure compliance with best practices.

• Collaborate with IT teams to implement security measures.

• Maintain documentation on security procedures and incidents.

• Conduct Proof of Concept for new security solutions.

Skills:

• Diploma/Degree in IT, Computer Science, Engineering, or equivalent.

• 2 – 3 years of experience in cybersecurity maintenance or IT security operations.

• Strong analytical skills and attention to detail.

• Ability to manage multiple tasks independently.

• Excellent written and verbal communication skills.

• Team-oriented with a customer service mindset.

• Experience in cybersecurity domains (e.g., Endpoint Protection, Network Security, IAM).

• Certifications like CompTIA Security+ or CISSP are a plus.

By sending us your personal data and curriculum vitae (CV), you are deemed to consent to Morgan Mckinley Pte Ltd and its affiliates to collect, use and disclose your personal data for the purposes set out in the Privacy Policy available at You acknowledge that you have read, understood, and agree with the Privacy Policy.


Morgan McKinley Pte Ltd
Koh Boon Sien
EA Licence No: 11C5502
EA Registration No. R1110345