37 Security Incidents jobs in Singapore

Job Description

We are looking for a motivated Security Analyst to join our team. The candidate will be responsible for ensuring the security, stability, and compliance of our IT infrastructure, cloud platforms, and applications. You will work closely with our operations and development teams to identify security risks, implement preventive measures, and respond to incidents.

Key Responsibilities:

• Monitor infrastructure, applications, and networks using security tools (e.g., Prometheus, ELK, Cloudflare, AWS GuardDuty).

• Perform vulnerability assessments, patch management, and system hardening.

• Implement and manage cloud security controls across AWS, Alibaba Cloud, and on-premise environments.

• Coordinate and support incident response activities, including investigation, mitigation, and reporting.

• Develop and maintain security baselines, policies, and best practices.

• Conduct log analysis, intrusion detection, and threat monitoring.

• Work with DevOps teams to integrate security into CI/CD pipelines (DevSecOps).

• Prepare documentation, reports, and recommendations for management and regulatory compliance.

⸻

Requirements:

• Degree/Diploma in Information Security, Computer Science, or related field.

• At least 3–5 years of experience in IT security, systems administration, or cloud infrastructure.

• Hands-on experience with security tools such as Prometheus, ELK/ELK Stack, SIEM platforms, IDS/IPS, and firewalls.

• Knowledge of cloud environments (AWS, Alibaba Cloud, Azure, or GCP) and container platforms (Docker, Kubernetes).

• Familiarity with security frameworks and standards (ISO27001, NIST, OWASP, Zero Trust).

• Strong troubleshooting and analytical skills.

• Relevant certifications (CISSP, CISM, CEH, CompTIA Security+, AWS Security Specialty) will be an advantage.

• Good communication skills and ability to work with cross-functional teams.

We are looking for a Security Analyst to join a dedicated team protecting critical digital assets around the clock.

In this role, you will:

• Monitor, detect, and respond to cybersecurity events and incidents
• Investigate potential threats, troubleshoot network or system issues, and ensure timely incident resolution
• Publish advisories, alerts, and threat intelligence to stakeholders
• Participate in cyber exercises and simulate incident scenarios to strengthen defenses

This is a rotating shift role including weekends and public holidays, with competitive pay, shift allowances, and overtime opportunities .

Role Overview

Our client, a leading global commodities brokerage and financial services firm, is seeking an IAM Operations Analyst to support and manage identity lifecycle processes, authentication, authorization, and access control across a full stack of business applications. The role will work closely with IT, security, and infrastructure teams to ensure secure and compliant access management.

Key Responsibilities

• Design and implement IAM frameworks aligned with security best practices and business needs

• Manage user provisioning, deprovisioning, and role-based access control across multiple systems

• Ensure compliance with regulations (e.g., GDPR, SOX) and internal security policies

• Maintain documentation of user access policies and audit logs for reporting purposes

• Conduct role-based access control (RBAC) reviews to minimize excessive or inappropriate permissions

• Collaborate with IT, security, and business stakeholders to align IAM initiatives with organizational goals

• Lead investigations into access-related incidents and recommend remediation measures

• Promote security awareness and train staff on access policies and procedures

• Oversee IAM team activities, including performance appraisals and ensuring SLAs are met

• Monitor and manage Jira queues to ensure timely resolution of requests

Requirements

• Strong knowledge of IAM tools (e.g., Okta, SailPoint, CyberArk, Azure AD) and technologies such as SSO, MFA, and RBAC

• Solid understanding of security principles such as least privilege, identity governance, and privileged access management

• Familiarity with compliance frameworks and regulations such as GDPR, SOX, HIPAA, ISO 27001

• Strong problem-solving, analytical, and communication skills with the ability to work across technical and non-technical teams

• Experience conducting audits, producing reports, and ensuring IAM systems comply with legal and regulatory standards

• Ability to respond effectively to access-related incidents and manage IAM operations in high-pressure situations

• Experience working in regulated industries such as financial services

• Proven ability to engage stakeholders and present IAM risks and performance to senior leadership

Yang Lily, Recruit Avenue Pte. Ltd.

EA License Number: 23C1935 | EA Personnel Number: R

commodities

Job Descriptiom:

• Maintain and administer security toolsets (such as IAM, DAM, Key Management) ensuring the tools are functioning according to the security management plan.
• Respond and perform triaging of security alerts generated from the security toolsets in a timely manner according to SLA.
• Perform security scanning and testing by using the Vulnerability Assessment tools.
• Reporting and tracking on vulnerabilities and risks and ensure timely patching are completed to comply with stipulated resolution time.
• Assess the applicability of newly published security vulnerabilities to components used within the environment, track and report the status until closure.
• Co-develop process documents and participate in initiatives to finetune and streamline security operations.

Requirements:

• 1-3 years hands-on experience of using common security tools like IAM (eg.IBM ISAM), DAM (eg. IBM Guardium) and Vulnerability Assessment tool (eg. Tenable Nessus)
• Security certifications and AWS Cloud certified is preferable but not a must.
• Proficient in security control principles including SOD.
• Good attitude and passionate with discovery of security gaps and actively participate in problem-solving process.
• 3 primary skill sets - conducting Vulnerability Assessments (including doing scanning and reporting), managing security toolsets (eg. DAM, Key Management and Nessus), supporting security operations.
• Vulnerability scanning is required to be performed outside of normal office hours, the analyst is expected to comply and support.

Job Description

We are looking for a Cybersecurity Analyst to join our team in safeguarding organizational systems and data against security threats. The role involves monitoring, administering, and improving security operations, while ensuring compliance with policies and standards.

Key Responsibilities

• Maintain and administer security toolsets (IAM, DAM, Key Management), ensuring proper functionality as per the security management plan.
• Monitor, respond, and triage security alerts generated by toolsets within defined SLAs .
• Perform vulnerability scanning and testing using Vulnerability Assessment tools.
• Report, track, and follow up on vulnerabilities and risks, ensuring timely patching in compliance with stipulated resolution times.
• Assess applicability of newly published security vulnerabilities to in-scope components, track remediation, and report status until closure.
• Co-develop process documents and contribute to continuous improvements in security operations.
• Perform vulnerability scans as required.

Required Skills & Experience

• 1–3 years of hands-on experience with security tools, such as:IAM (e.g., IBM ISAM)

DAM (e.g., IBM Guardium)

Vulnerability Assessment (e.g., Tenable Nessus)
- Familiarity with security control principles (including Segregation of Duties – SOD).
- Strong problem-solving mindset with a proactive attitude toward identifying and addressing security gaps.
- Security certifications and/or AWS Cloud certification are preferred but not mandatory.
- Key skillsets include:Conducting vulnerability assessments (scanning and reporting)

Managing security toolsets (DAM, Key Management, Nessus)

Supporting day-to-day security operations

Job Description:

As an IT Security Analyst, you will play a critical role in safeguarding our organization's digital assets and infrastructure. You will be responsible for monitoring and analyzing security events, identifying potential threats, and responding to security incidents. Your expertise will be essential in conducting vulnerability assessments, implementing security controls, and ensuring compliance with industry standards and regulations. You will collaborate with cross-functional teams to develop and maintain security policies, procedures, and awareness programs, while staying abreast of the latest security trends and technologies. Your proactive approach to threat detection and incident response will be vital in maintaining the confidentiality, integrity, and availability of our systems and data.

Core Responsibilities & Duties:

• Security Monitoring and Analysis:

Monitor security logs, network traffic, and system events for suspicious activity.

Analyze security alerts and events to identify potential threats and vulnerabilities.

Utilize security information and event management (SIEM) tools to detect and correlate security incidents.
- Incident Response:

Participate in incident response activities, including containment, eradication, and recovery.

Conduct forensic analysis to investigate security breaches and determine the root cause.

Document security incidents and response actions.
- Vulnerability Management:

Conduct vulnerability assessments and penetration testing to identify security weaknesses.

Prioritize and track vulnerabilities and recommend remediation actions.

Manage and maintain vulnerability scanning tools.
- Security Control Implementation:

Implement and maintain security controls, such as firewalls, intrusion detection/prevention systems (IDS/IPS), and antivirus software.

Configure and manage security systems and applications.

Ensure security controls are properly implemented and maintained.
- Compliance and Auditing:

Assist in security audits and compliance assessments (e.g., GDPR, HIPAA, PCI DSS).

Develop and maintain security policies, procedures, and standards.

Ensure compliance with relevant security regulations and industry best practices.
- Security Awareness and Training:

Develop and deliver security awareness training programs for2 employees.

Educate users on security best practices and potential threats.

Promote a security-conscious culture within the organization.
- Threat Intelligence:

Stay up to date on the latest security threats and vulnerabilities.

Research and analyze threat intelligence to identify potential risks.

Provide threat intelligence reports and recommendations.
- Collaboration and Communication:

Collaborate with cross-functional teams to address security concerns.

Communicate security risks and recommendations to stakeholders.

Provide clear and concise security reports and documentation.
- Documentation and Reporting:

Maintain accurate and up-to-date security documentation.

Generate regular security reports and metrics.

document security procedures.

Qualifications:

• A degree in the field of Computer Science or related field, or equivalent experience is required
• 5 + years of experience in IT information security
• Strong technical and consulting skills, project management capability
• Experience with security and risk frameworks, standards, and best practices
• Able to present effectively to executive level in both business and IT terms

Skills:

• The ideal candidate will possess a "can do" attitude with a "will do" work ethic
• Quick thinker, experienced in unconventional problem solving
• Excellent understanding of business complexity and project interdependencies
• Excellent communication, written, verbal, analytical and problem-solving skills
• Suitable time management skills and ability to meet deadlines
• Strong understanding of the organization's goals and objectives
• Exceptional interpersonal skills, with a focus on listening and questioning skills
• Strong documentation skills
• Ability to conduct research into a wide range of computing issues as required
• Ability to absorb and retain information quickly
• Ability to present ideas in user-friendly language to non-technical staff and end users
• A keen attention to detail
• Ability to effectively prioritize and execute tasks in a high-pressure environment
• Exceptional customer service orientation
• Experience working in a team-oriented, collaborative environment

Implementing removable media controls, particularly for third-party suppliers.

Responsibilities

• Support the DT Leader in delivering IT/OT security high-priority projects

• Coordinate with facility & maintenance, EHS, quality, and operations teams on Secure Shop Connection projects

• Conduct OT/IT asset discovery, record management, and ongoing maintenance

• Liaise with third-party suppliers for asset inventory data

• Build and maintain documentation to demonstrate compliance with IT/OT controls

• Identify, document, and manage IDF/MDF infrastructure at sites

• Oversee hardware procurement processes

• Support shop floor asset connectivity to the network

• Perform malware scanning as per SOP/policies and work with GE Cybersecurity to remediate infections on OT devices

• Install and manage Nozomi network taps

• Configure and deploy IT/OT network infrastructure (e.g., switch installations) in alignment with GE-approved design standards

• Develop recovery and backup solutions with suppliers of critical OT

• Schedule and execute annual OT/IT device scanning

Skills/Requirement

• Bachelor's or Master's degree in a relevant field like Cybersecurity, Engineering, or Computer Science.

• Strong understanding of IT security concepts (firewalls, intrusion detection, authentication) and OT systems (PLCs, SCADA, industrial protocols).

• Converging IT/OT environments, where innovations like IoT bring new vulnerabilities to industrial sectors.

• Experience with vulnerability scanning tools (e.g., Nessus) and other assessment platforms

• Develops defenses against sophisticated cyberattacks that target both traditional IT and industrial control systems.

We regret to inform you that only shortlisted candidates will be contacted.

By sending us your personal data and curriculum vitae (CV), you are deemed to consent to EVO Outsourcing Solutions Pte Ltd and its affiliates to collect, use and disclose your personal data for the purposes set out in the Privacy Policy available at evo- You acknowledge that you have read, understood, and agree with the Privacy Policy.

• Monitor, detect, and respond to security threats and incidents across networks, systems, and applications.
• Conduct vulnerability assessments , penetration tests, and risk analysis to identify security gaps.
• Develop, implement, and maintain security policies, procedures, and standards .
• Manage and configure security tools such as SIEM, IDS/IPS, firewalls, endpoint protection, and DLP solutions.
• Investigate security incidents by analyzing CloudTrail logs, VPC flow logs, and third-party SIEM data, reducing mean time to detect (MTTD) and respond (MTTR).
• Investigate security breaches and provide detailed incident reports with remediation recommendations.
• Collaborate with IT and business teams to integrate security into IT projects and operational workflows.
• Perform threat intelligence research and proactively recommend security improvements.
• Mentor junior security analysts and provide training on security best practices .
• Ensure compliance with regulatory standards (ISO 27001, GDPR, NIST, etc.).
• Maintain awareness of emerging threats, vulnerabilities, and industry trends .
• Manage AWS and Azure infrastructure Cloud operations
• Designing, Implementing and Managing Microsoft Endpoint Manager (MECM/SCCM)
• Microsoft Intune administration (design, implementation, policy management)
• CISM and Cloud architect certification is a must.

Role Overview:

The Senior Security Analyst (APAC) will be responsible for enhancing the organization's cloud, data, and AI security posture across the Asia-Pacific region. This position will serve as a bridge between global security initiatives and regional operation, ensuring alignment, compliance, and effective execution of cybersecurity strategies across multiple markets with varying regulatory requirements.

This role is ideal for a seasoned cybersecurity professional with a strong background in cloud security, AI security, and data governance, coupled with hands-on experience in leading security technologies such as Cyera, HiddenLayer, Zscaler, Microsoft Purview, and Wiz.

Key Responsibilities:

Cloud Security Leadership

• Serve as the regional cloud security subject matter expert for APAC.
• Collaborate with global and regional teams to standardize cloud security posture between North America and Asia.
• Provide guidance and technical oversight on cloud security misconfigurations, vulnerability remediation, and secure architecture design for regional projects.
• Partner with internal IT and cloud engineering teams to implement best practices across AWS, Azure, Alibaba and GCP environments.

AI Security Enablement

• Support Asia-based teams in embedding security controls into internally developed AI and ML applications.
• Partner with AI engineering and product teams to ensure that model training, deployment, and monitoring adhere to secure-by-design principles.
  Work closely with the HiddenLayer platform to detect, assess, and mitigate risks in AI models and data pipelines.

Data Security & Governance

• Drive regional implementation of data governance and protection programs, ensuring alignment with global frameworks.
• Support Asia partners in data classification, data lifecycle management, and data access control initiatives.
• Collaborate with the Asia Legal team to identify and close data governance risks and compliance gaps.
  Act as the security liaison for major data protection and privacy projects within the region.

eDiscovery

• Ensure integration of eDiscovery tools with data governance and security controls across cloud and on-prem environments.
• Provide technical guidance on data preservation, collection, and analysis in support of legal investigations and discovery requests.
• Partner closely with the Legal and Compliance teams to align eDiscovery processes with regulatory and litigation requirements.
• Manage and support eDiscovery platforms and workflows, ensuring secure and compliant handling of electronically stored information (ESI).
• Risk Management & Compliance
• Provide input into security risk assessments, audits, and compliance reviews across APAC business units.
• Monitor, assess, and report on regional security posture, aligning with global KPIs and metrics.
• Support incident response, threat hunting, and security investigations as needed within the region.

Required Skills & Experience:

• Deep technical expertise in cloud security and hands-on experience with:

• Wiz

• Zscaler

• Microsoft Purview

• Cyera

• HiddenLayer

• Strong understanding of regional regulatory requirements (e.g., PDPA, GDPR-Asia variants, local cloud sovereignty laws).

• Experience in security frameworks such as NIST, ISO 27001, CSA CCM, and CIS Benchmarks.
• Familiarity with DevSecOps practices, CI/CD pipelines, and integrating security into agile development processes.
• Excellent communication and stakeholder management skills across diverse cultural and business environments.

Preferred Qualifications:

• Bachelor's or Master's degree in Information Security, Computer Science, or a related field.
• Professional certifications such as CISSP, CCSP, CISM, or GIAC.
• Prior experience working in a multinational organization with complex regional operations.
• Proven ability to operate independently while aligning to global strategy.

Why Join Us:

• This is a pivotal opportunity to shape the cybersecurity landscape for the APAC region in a globally integrated security organization. You'll have the autonomy to drive initiatives that directly impact business resilience, innovation, and data protection across multiple markets