202 Security Incidents jobs in Singapore

Information Technology - Cyber Security Engineer (Threat Management and Incident Response) (Scoot)
Join to apply for the
Information Technology - Cyber Security Engineer (Threat Management and Incident Response) (Scoot)
role at
Singapore Airlines .
Job Description
You will be a member of the Group Information Security Team responsible for responding to threats and incidents to the corporate networks, systems (on-prem and cloud), and digital assets.
Key Responsibilities
Perform security monitoring and incident response activities across the Scoot networks, leveraging a variety of tools and techniques.
Manage Security Operations Center.
Detect incidents through proactive “hunting” across security-relevant data sets.
Correlate multiple events from different devices to identify abnormal behaviour.
Document incident response analysis activities thoroughly.
Develop new, repeatable methods for finding malicious activities.
Provide recommendations to enhance detection and protection capabilities.
Present technical topics effectively to both technical and non-technical audiences.
Develop and follow detailed operational processes and procedures for analyzing, escalating, and remediating security incidents.
Prioritize multiple high-priority tasks and formulate responses in a fast-paced environment.
Prepare documentation for security standards, operational procedures, and system hardening.
Analyze endpoint, network, and application logs.
Assist other IT teams with security-related issues.
Engage with vendors and SIA team members for security reviews.
Requirements
Degree in Computer Engineering, Computer Science, Information Systems, or equivalent.
At least 5-6 years of experience in Cybersecurity Incident and Security Operations.
Experience in Information Security with a focus on Cyber Security Operations, Incident Response, and Detection.
Experience working in SOC or Computer Incident Response Team.
Excellent problem-solving skills, including root cause analysis and post-incident reviews.
Solid knowledge of computer networks and protocols.
Knowledge of cyber threat actors and APT groups.
Experience with Threat Intelligence Platforms.
Experience with SIEM tools, especially Splunk.
Professional security qualifications (e.g., GCIA, CISSP) are advantageous.
Preferred certifications: CISSP, CISM, CISA, ISMS, TOGAF, SABS.
Good interpersonal skills and ability to work independently and in teams.
We thank all candidates for your interest in Singapore Airlines, and regret that only shortlisted candidates will be notified.
Additional Details
Seniority level: Mid-Senior level
Employment type: Full-time
Job function: Information Technology
Industries: Airlines and Aviation
Referrals increase your chances of interviewing at Singapore Airlines by 2x.
Explore more roles and set job alerts for “Information Technology Security Engineer”.
#J-18808-Ljbffr

At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. We do this by driving Responsible Growth and delivering for our clients, teammates, communities and shareholders every day.
Being a Great Place to Work is core to how we drive Responsible Growth. This includes our commitment to being an inclusive workplace, attracting and developing exceptional talent, supporting our teammates’ physical, emotional, and financial wellness, recognizing and rewarding performance, and how we make an impact in the communities we serve.
Bank of America is committed to an in-office culture with specific requirements for office-based attendance and which allows for an appropriate level of flexibility for our teammates and businesses based on role-specific considerations.
At Bank of America, you can build a successful career with opportunities to learn, grow, and make an impact. Join us!
Job Description:
The Identity Defense team aims to mitigate incidents through monitoring of network account usage, authentication activities and authentication behaviors. The team is responsible to reduce the risk associated with misuse or illicit use of accounts which grant access to Bank of America's workforce network. An Identity Defense analyst is accountable for researching, designing, engineering, implementing, and supporting solutions to prevent and detect anomalous use of accounts.
Responsibilities:
The Identity Defense Specialist will support design efforts to build out new processes, controls, and supporting governance related to implementation of human and non-human account monitoring to protect the Bank. You will utilize in-depth technical knowledge and business requirements to help implement scalable solutions, inclusive of monitoring, alerting, and escalation frameworks focused on core account protections. Leveraging your knowledge of both common and emerging threats related to account take-over, you will have an opportunity to proactively develop, implement, and influence controls and policy within the digital identity domain. You will partner with leaders from line of business organizations to triage security events and report on impacting security incidents.
The Analyst will regularly collaborate with experts in and out of our team, both in country and in other regions, so excellent communication skills are very important. The role will also involve discussion with employees as part of alert analysis and disposition. If you are seeking a demanding role within Global Information Security (GIS) and have the required skills, this will be a great opportunity for you. Typically, applicants should have 3+ years of cybersecurity or engineering experience. Responsibilities include, but are not limited to:
Actively investigate alerts related to potentially anomalous behavior/activity.
Confidently and professionally interview/question users to determine or confirm root cause.
Communicate effectively with response and business partners.
Build and monitor Splunk alerting and dashboards.
Identify areas for further process automation, simplification, and improvement.
Provide status updates for executives and stakeholders in non-technical terms encompassing risk, impact, containment, remediation, etc.
Risk management.
Comprehensively document analysis, investigative activities, actions, etc.
Required Skills:
3+ years of experience with cloud information security related activities.
3+ years of experience in an operations focused cloud information security role.
Experience conducting analysis/investigation and containment of potential data breaches or cyber security incidents.
Ability to analyze data and evaluate relevance to a specific incident under investigation.
Ability to handle multiple competing priorities in a fast-paced environment; ability to be decisive and take action without causing an undue delay.
Ability to exercise independent judgment when responding to alerts.
Ability to communicate effectively across all levels of the organization, to both technical and non-technical audiences.
Familiarity with security vulnerabilities exploits and hacker techniques.
Familiarity identity management standards, social engineering TTPs, and the incident response lifecycle.
Familiarity with Splunk, and the ability to build queries, alerts, dashboards, etc.
Knowledgeable of current authentication-based exploits.
Proven experience presenting findings via written reports and orally to key stakeholders in clear and concise language.
Supportive and can work well as part of a team as well as independently.
Can remain calm under pressure.
Ability to work in a strong team-orientated environment with a sense of urgency and resilience.
Critical thinking - must be able to think outside the box and develop solutions to accomplish seemingly impossible tasks while remaining risk and objective focused.
Desired Skills:
Desired Skills/Qualifications/Certifications:
Cloud+; AZ-900 (Azure Fundamentals), AZ-500 (Azure Security Engineer Associate), SC-900 (Security, Compliance and Identity Fundamentals); AWS Certified Security Specialty 2024
#J-18808-Ljbffr

Overview
Bank of America aims to mitigate incidents through monitoring of network account usage, authentication activities and authentication behaviors. The Identity Defense team reduces risk associated with misuse or illicit use of accounts which grant access to Bank of America's workforce network. An Identity Defense analyst researches, designs, engineering, implementing, and supporting solutions to prevent and detect anomalous use of accounts.
Responsibilities
Actively investigate alerts related to potentially anomalous behavior/activity.
Confidently and professionally interview/question users to determine or confirm root cause.
Communicate effectively with response and business partners.
Build and monitor Splunk alerting and dashboards.
Identify areas for further process automation, simplification, and improvement.
Provide status updates for executives and stakeholders in non-technical terms encompassing risk, impact, containment, remediation, etc.
Risk management.
Comprehensively document analysis, investigative activities, actions, etc.
Required Skills
3+ years of experience with cloud information security related activities.
3+ years of experience in an operations focused cloud information security role.
Experience conducting analysis/investigation and containment of potential data breaches or cyber security incidents.
Ability to analyze data and evaluate relevance to a specific incident under investigation.
Ability to handle multiple competing priorities in a fast-paced environment; ability to be decisive and take action without causing an undue delay.
Ability to exercise independent judgment when responding to alerts.
Ability to communicate effectively across all levels of the organization, to both technical and non-technical audiences.
Familiarity with security vulnerabilities exploits and hacker techniques.
Familiarity identity management standards, social engineering TTPs, and the incident response lifecycle.
Familiarity with Splunk, and the ability to build queries, alerts, dashboards, etc.
Knowledgeable of current authentication-based exploits.
Proven experience presenting findings via written reports and orally to key stakeholders in clear and concise language.
Supportive and can work well as part of a team as well as independently.
Can remain calm under pressure.
Ability to work in a strong team-orientated environment with a sense of urgency and resilience.
Critical thinking - must be able to think outside the box and develop solutions to accomplish seemingly impossible tasks while remaining risk and objective focused.
Desired Skills
Cloud+; AZ-900 (Azure Fundamentals), AZ-500 (Azure Security Engineer Associate), SC-900 (Security, Compliance and Identity Fundamentals); AWS Certified Security Specialty 2024
#J-18808-Ljbffr

Select how often (in days) to receive an alert:

NCS is a leading technology services firm that operates across the Asia Pacific region in over 20 cities, providing consulting, digital services, technology solutions, and more. We believe in harnessing the power of technology to achieve extraordinary things, creating lasting value and impact for our communities, partners, and people. Our diverse workforce of 13,000 has delivered large-scale, mission-critical, and multi-platform projects for governments and enterprises in Singapore and the APAC region.

As a Security Analyst, this incumbent will perform initial analysis (e.g. analysing and reviewing alerts, eliminating false positives and determining severity of threats) to determine impact of compromise

What will you do?

• Perform initial analysis (e.g. analysing and reviewing alerts, eliminating false positives and determining severity of threats) to determine impact of compromise
• Conduct basic investigations of security events, including malware infections and unauthorized access attempts.
• Determine the nature, mechanisms and scope of incident by performing event correlation and historical searches to determine the extent of a security compromise
• Escalate complex or highly suspicious alerts for further investigation and response.
• Record details of all activities, including investigations performed, findings and remediation steps taken.
• Collects data, evidence, and context necessary for further escalation.
• Perform event correlation across the In-Scope Institutions to identify similar attack pattern and spread of attack.
• Handling case management, generating tickets and reports when required, and tracking open tickets until closure

The ideal candidate should possess:

• Bachelor’s degree in Information Technology, Cybersecurity, Computer Science, or related field.
• Able to commit to permanent night shifts
• Team player and able to work independently.
• Experience in analysing data and review alerts

We are driven by our AEIOU beliefs—Adventure, Excellence, Integrity, Ownership, and Unity —and we seek individuals who embody these values in both their professional and personal lives. We are committed to our Impact: Valuing our clients, Growing our people, and Creating our future .

Together, we make the extraordinary happen .

Learn more about us at ncs.co and visit our LinkedIn career site.

Role Overview

Our client, a leading global commodities brokerage and financial services firm, is seeking an IAM Operations Analyst to support and manage identity lifecycle processes, authentication, authorization, and access control across a full stack of business applications. The role will work closely with IT, security, and infrastructure teams to ensure secure and compliant access management.

Key Responsibilities

• Design and implement IAM frameworks aligned with security best practices and business needs

• Manage user provisioning, deprovisioning, and role-based access control across multiple systems

• Ensure compliance with regulations (e.g., GDPR, SOX) and internal security policies

• Maintain documentation of user access policies and audit logs for reporting purposes

• Conduct role-based access control (RBAC) reviews to minimize excessive or inappropriate permissions

• Collaborate with IT, security, and business stakeholders to align IAM initiatives with organizational goals

• Lead investigations into access-related incidents and recommend remediation measures

• Promote security awareness and train staff on access policies and procedures

• Oversee IAM team activities, including performance appraisals and ensuring SLAs are met

• Monitor and manage Jira queues to ensure timely resolution of requests

Requirements

• Strong knowledge of IAM tools (e.g., Okta, SailPoint, CyberArk, Azure AD) and technologies such as SSO, MFA, and RBAC

• Solid understanding of security principles such as least privilege, identity governance, and privileged access management

• Familiarity with compliance frameworks and regulations such as GDPR, SOX, HIPAA, ISO

• Strong problem-solving, analytical, and communication skills with the ability to work across technical and non-technical teams

• Experience conducting audits, producing reports, and ensuring IAM systems comply with legal and regulatory standards

• Ability to respond effectively to access-related incidents and manage IAM operations in high-pressure situations

• Experience working in regulated industries such as financial services

• Proven ability to engage stakeholders and present IAM risks and performance to senior leadership

Yang Lily, Recruit Avenue Pte. Ltd.

EA License Number: 23C1935 | EA Personnel Number: R

Select how often (in days) to receive an alert:
NCS is a leading technology services firm that operates across the Asia Pacific region in over 20 cities, providing consulting, digital services, technology solutions, and more. We believe in harnessing the power of technology to achieve extraordinary things, creating lasting value and impact for our communities, partners, and people. Our diverse workforce of 13,000 has delivered large-scale, mission-critical, and multi-platform projects for governments and enterprises in Singapore and the APAC region.
As a Security Analyst, this incumbent will perform initial analysis (e.g. analysing and reviewing alerts, eliminating false positives and determining severity of threats) to determine impact of compromise
What will you do?
Perform initial analysis (e.g. analysing and reviewing alerts, eliminating false positives and determining severity of threats) to determine impact of compromise
Conduct basic investigations of security events, including malware infections and unauthorized access attempts.
Determine the nature, mechanisms and scope of incident by performing event correlation and historical searches to determine the extent of a security compromise
Escalate complex or highly suspicious alerts for further investigation and response.
Record details of all activities, including investigations performed, findings and remediation steps taken.
Collects data, evidence, and context necessary for further escalation.
Perform event correlation across the In-Scope Institutions to identify similar attack pattern and spread of attack.
Handling case management, generating tickets and reports when required, and tracking open tickets until closure
The ideal candidate should possess:
Bachelor’s degree in Information Technology, Cybersecurity, Computer Science, or related field.
Able to commit to permanent night shifts
Team player and able to work independently.
Experience in analysing data and review alerts
We are driven by our
AEIOU beliefs—Adventure, Excellence, Integrity, Ownership, and Unity —and we seek individuals who embody these values in both their professional and personal lives. We are
committed to our Impact: Valuing our clients, Growing our people, and Creating our future .
Together, we
make the extraordinary happen .
Learn more about us at ncs.co and visit our LinkedIn career site.
#J-18808-Ljbffr

Overview

Join to apply for the Security Analyst 3 role at Oracle .

We are looking for professionals with experience protecting critical infrastructure to help defend Oracle cloud infrastructure. Our team is skilled in threat hunting, analyzing indicators of compromise (IOCs), investigating adverse security events, security incident management, and digital forensics across IaaS, PaaS and SaaS environments. You will be part of a corporate security operations center responsible for defending infrastructure from adversaries and insider threats. This includes using tools to analyze and respond to threats, creating tools/scripts to aid in analysis, and responding in real time to adverse security events. The Senior SOC Analyst will leverage advanced security tooling and automation to rapidly detect and respond to real-time security alerts and events and conduct detailed root cause investigations. The analyst will work closely with other SOC personnel, forensics, incident response, and engineering partners to mitigate a wide variety of threats and malicious activity.

• Support shifts and on call rotations
• Detect and respond to security events and threats from alerting, escalations, and other sources
• Lead complex investigations and conduct deep analysis of security events focused on rapid containment, remediation, and mitigation
• Work closely with security engineering teams to improve monitoring, detection, and tooling
• Understand the threat landscape, emerging trends, and incorporate this understanding into day-to-day security monitoring
• Operate SOC technologies, including but not limited to a Security Information Event Management (SIEM) platform, IDS, SOAR, Firewalls, Anti-Malware solutions, and insider threat tooling
• Assist with security incident response activities
• Prepare assigned reports for the SOC manager
• Provide high quality written and verbal reports as required
• Actively monitor and respond to the SIEM alert queue and triage alerts
• Investigate alerts using standard operating procedures
• Monitor several screens, systems, and alerts simultaneously
• This role is open to Singaporeans only
• Must meet eligibility requirements for obtaining and maintaining a Singapore government security clearance
• This role may involve working on government projects which require security clearance; willingness to provide necessary personal details for clearance is required

• 8+ years of Incident Response, Security Operations Center, and/or Forensic Analyst experience
• Comfortable working in an ambiguous, fast-paced, unpredictable environment
• Experience in a highly collaborative, team-centric, event-driven operations team
• Experience with querying across large data sets to understand complex problems
• Strong attention to detail
• Experience in fields such as national security, military, intelligence, law enforcement, criminology, or related areas
• Experience with Windows, UNIX/Linux, and MacOS
• Experience performing open source research on a variety of topics
• Excellent verbal and written communication skills with the ability to convey technical information to non-technical staff

As a world leader in cloud solutions, Oracle uses tomorrow’s technology to tackle today’s challenges. We’ve partnered with industry-leaders in almost every sector—and continue to thrive after 40+ years of change by operating with integrity. We know that true innovation starts when everyone is empowered to contribute. We’re committed to growing an inclusive workforce that promotes opportunities for all. Oracle careers open the door to global opportunities where work-life balance flourishes. We offer competitive benefits based on parity and consistency and support our people with flexible medical, life insurance, and retirement options. We also encourage employees to give back to their communities through our volunteer programs.

Oracle is an Equal Employment Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability and protected veterans’ status, or any other characteristic protected by law. Oracle will consider for employment qualified applicants with arrest and conviction records pursuant to applicable law.

Job Summary

We’re looking for a Full stack developer-Cybersecurity Analyst to support our team in Job Singapore . This role offers the opportunity to work on meaningful projects, collaborate with talented colleagues, and contribute to the success of a growing company. If you’re someone who takes initiative, values continuous learning, and thrives in a collaborative setting, we’d love to hear from you.

• Possess a degree in Computer Science/Information Technology or related fields.
• At least 5 to 7 years working in a cybersecurity operations function or similar.
• Deep understanding of cybersecurity frameworks, attack techniques (MITRE ATT&CK), and threat detection methodologies .
• Working knowledge of Data Science, AI technologies such as NLP, Machine Learning and Generative AI .
• Experienced with programming languages, preferably Python, C++/C# or R with experience in AI-related libraries (e.g., TensorFlow, PyTorch, Scikit-learn ).
• Strong analytical and practitioner skills, combined with excellent written and verbal communication skills.
• Ability to break down complex problems and articulate them clearly to a non-technical audience.
• Relevant certifications in SANS, OffSec or other relevant credentials is a plus.
• Ability to work independently and as part of a team in a fast-paced, dynamic environment.

RiDiK is a global technology solutions provider and a subsidiary of CLPS Incorporation (NASDAQ: CLPS), delivering cutting-edge end-to-end services across banking, wealth management, and e-commerce. With deep expertise in AI, cloud, big data, and blockchain, we support clients across Asia, North America, and the Middle East in driving digital transformation and achieving sustainable growth. Operating from regional hubs in 10 countries and backed by a global delivery network, we combine local insight with technical excellence to deliver real, measurable impact. Join RiDiK and be part of an innovative, fast-growing team shaping the future of technology across industries.

• Associate

• Contract

• Other

• IT Services and IT Consulting