94 Security Monitoring jobs in Singapore
Command Centre Operator (Security Monitoring Operations, West)
Posted 6 days ago
Job Description
Who We Are Looking For & What Role You Will Play
- Perform monitoring, analysis and escalation of real-time operation events.
- Monitor attendance records of all AETOS employees and provide detailed reports to management.
- Monitor security access control points and basic administration of clearance for persons and vehicles into the system.
- Monitor various alarm alerts, activate the response team and prepare basic reports upon completion of operation.
- Monitor video analytics CCTV and respond in accordance with procedures.
- Perform inbound and outbound calls.
- Manage and resolve clients' enquiries.
- Any other duties/jobs assigned by supervisor.
What Knowledge & Experience We Require From You
- Candidate must possess at least GCE N/O level.
- Able to speak and write fluent English.
- Proficient in Microsoft Office (Word, Excel, Outlook).
- Able to work 12-hour shifts, including weekends or public holidays (depending on roster).
- Relevant training will be provided.
Incident Response Analyst II
Posted today
Job Description
Location: Singapore, Singapore; Time type: Full time; Posted 3 days ago; Job requisition ID: R0012372
Incident & Problem Management
Analysts are responsible for the full lifecycle of incident management, from detection through to resolution and root cause analysis (RCA). This includes acting as incident commanders, maintaining SLAs, documenting actions, and providing insights to support continuous improvement efforts across teams and systems.
- Investigate, report, and respond to alerts, incident response (war room, remote bridges).
- Respond to incidents and critical situations in a calm, problem-solving manner, and conduct in-depth investigation of alerts.
- Be the first line of defense using monitoring and automation tools to conduct investigation, classification, and triage, all within prescribed SLAs.
- Provide deep understanding and intelligence of incident criticality and impact to resolver groups.
- Ensure detailed records of alarm handling activities, including actions taken and resolutions in ticketing tools; file incident reports.
- Act as incident commander during major incidents.
- Understand internal/external communication methods and stakeholder responsibilities.
- Support program managers and facilitate project deliverables, improving operational and engineering initiatives.
- Conduct root cause analysis (RCA) to determine recurring problems.
- Use in-depth questioning and analysis to determine the underlying cause of incidents or problems (Who, What, Where, When, Why).
- Perform duties in compliance with SOPs, MOPs, Runbooks, and Playbooks.
Server, DCIM, Network and Traffic Alarms Operations
This function involves real-time monitoring of infrastructure alarms, determining the severity of alerts, escalating appropriately, and maintaining clear communications with resolver teams. It ensures uptime and system integrity across servers, network infrastructure, and environmental systems.
- Continuously monitor alarm dashboards and systems.
- Investigate and respond to alarms related to Network, Data Center Environment, Server Health, Facility Security, and Safety.
- Identify and acknowledge incidents associated with alarms.
- Assess incidents to determine their criticality and operational impact.
- Engage resolver groups and escalate to higher tiers or management following established paths.
- Maintain communication with teams, stakeholders, and incident responders.
- Follow documented procedures to resolve incidents promptly and effectively.
- Ensure accurate records of alarm handling and resolution activities in ticketing tools.
- Comply with SOPs, MOPs, Runbooks, and Playbooks.
Threat Intelligence, Critical Event Management
Analysts monitor global threat feeds and operational alerts to protect ByteDance personnel and assets. Responsibilities include triaging alerts related to weather, security, travel, and regional instability, then coordinating appropriate response actions, escalating to law enforcement if necessary, and compiling response reports.
- Monitor Everbridge Visual Command Center (VCC), InternationalSOS emails, and open-source tools for real-time incidents affecting ByteDance assets and travelers.
- Monitor tools or queries for specific stakeholder requests.
- Report on violence, severe weather, or threats to life, property, and assets.
- Coordinate emergency responses, including with law enforcement if required.
- Verify incident information accuracy through secondary sources.
- Generate heatmaps to highlight affected areas during significant events.
- Collaborate with security and operational teams for a coordinated response.
- Implement incident containment and mitigation strategies.
- Document incident details, response actions, and lessons learned.
- Follow SOPs, MOPs, Runbooks, and Playbooks.
Physical Security and Safety
The analyst monitors access control systems, CCTV, and safety-related alarms (e.g., fire, electrical, leaks). Responsibilities include reviewing footage, responding to security anomalies, and reporting incidents to security engineering teams while ensuring compliance with safety procedures.
- Monitor Closed-Circuit Television (CCTV) and Access Control Systems (ACS).
- Track alarms for safety events including electrical issues, fire hazards, equipment failures, and water leaks.
- Review camera footage for quality and area coverage.
- Investigate and report access control incidents.
- Report findings to the Security and Safety Engineering teams.
- Follow SOPs, MOPs, Runbooks, and Playbooks.
- Familiarity with Lenel and Genetec systems.
Cloud Incident Response and Monitoring
As hybrid environments become more critical to business operations, IRC Analysts will be expected to monitor and support both on-premises infrastructure and cloud-based systems. Analysts will assist in identifying and responding to cloud-related incidents across platforms such as AWS, GCP, and Azure. Responsibilities include:
- Real-time monitoring of cloud infrastructure using tools such as AWS CloudWatch, Azure Monitor, and GCP Stackdriver.
- Incident triage and escalation of alerts related to cloud-based services and resources (e.g., compute, storage, networking).
- Coordination with Cloud Engineers and DevOps teams during cross-environment incidents to ensure rapid resolution and clear communications.
- Identification and classification of cloud service anomalies, including misconfigurations, degraded services, and unauthorized access attempts.
- Understanding of cloud-native architectures such as virtual private clouds (VPC), IAM, container orchestration (e.g., Kubernetes), and serverless functions.
- Documentation of root cause analysis (RCA) and corrective actions for cloud incidents, feeding back into playbooks and runbooks.
- Basic scripting and automation skills (Python, Bash, or PowerShell) for incident analysis and tooling.
- Awareness of cloud security protocols, including encryption, IAM policies, and compliance standards like ISO 27001 and SOC 2.
Required Qualifications / Soft Skills
- 2+ years of experience in a NOC, command center, or similar 24/7 operations environment
- Ability to quickly triage and prioritize multiple incidents based on risk
- Knowledge of systems including IP Networks, DC Environment, and Server Health
- Strong written and verbal communication skills
- Works well under pressure and within deadlines
- Excellent communication and collaboration abilities
- Strong analytical and problem-solving skills
- Ability to work independently and as part of a team
- Familiarity with data protection laws such as GDPR
- This is an on-site role at client facilities
- Must be willing to work variable shifts, including nights, weekends, and holidays
Preferred Qualifications
- Degree in Information Technology
- Networking knowledge (IP, DNS, load balancing)
- Experience with Grafana, ticketing systems, and DC infrastructure
- Certifications such as CompTIA Server+ or Schneider Electric DCCA
- Experience with Lenel, Genetec, or Avigilon systems is a plus
- Proficiency with programming/scripting tools
Principal Consultant, Incident Response
Posted today
Job Description
At Palo Alto Networks® everything starts and ends with our mission:
Being the cybersecurity partner of choice, protecting our digital way of life.
Our vision is a world where each day is safer and more secure than the one before. We are a company built on the foundation of challenging and disrupting the way things are done, and we're looking for innovators who are as committed to shaping the future of cybersecurity as we are.
**Who We Are**
We take our mission of protecting the digital way of life seriously. We are relentless in protecting our customers and we believe that the unique ideas of every member of our team contribute to our collective success. Our values were crowdsourced by employees and are brought to life through each of us every day - from disruptive innovation and collaboration, to execution. From showing up for each other with integrity to creating an environment where we all feel included.
As a member of our team, you will be shaping the future of cybersecurity. We work fast, value ongoing learning, and we respect each employee as a unique individual. Knowing we all have different needs, our development and personal wellbeing programs are designed to give you choice in how you are supported. This includes our FLEXBenefits wellbeing spending account with over 1,000 eligible items selected by employees, our mental and financial health resources, and our personalized learning opportunities - just to name a few!
At Palo Alto Networks, we believe in the power of collaboration and value in-person interactions. This is why our employees generally work full time from our office with flexibility offered where needed. This setup fosters casual conversations, problem-solving, and trusted relationships. Our goal is to create an environment where we all win with precision.
**Your Career**
As a Principal Consultant in Unit 42 the individual will be responsible for managing incident response engagements with our largest clients and in our most complex engagements. They will become the go-to expert for clients during high-priority incident response, remediation, and recovery phases, providing both strategic guidance and technical oversight, while also focusing on product integration. The role requires in-depth cybersecurity expertise to enable serving as an incident commander throughout the incident response lifecycle.
While actively involved in incident response service delivery, this person also works with peers and the executive team to enhance Unit 42's incident response practice, including developing and improving the technical and operating methodologies employed during incident response engagements.
We are seeking an individual who is dedicated to delivering highly technical consulting services to an exceptional standard, thrives in a fast paced team environment, and advocates for innovative approaches to deliver the best outcomes for our cross-sector clients.
**Your Impact**
+ Lead the team delivering high-profile, high-stakes enterprise level incident response engagements
+ Provide hands-on, expert-level incident response services to clients and deliver findings to CxO and/or Board of Directors
+ Partner with the Unit 42 Directors, executive team and service line leaders to develop and execute strategy for the Unit 42 Digital Forensics & Incident Response (DFIR) practice, as well as continuously advance the maturity of our services
+ Drive innovation in Unit 42's reactive offerings, by leading the consulting team and collaborating with cross-functional teams to bring new capabilities and services to market that leverage Palo Alto Networks products
+ Ensure the consistency and quality of our services and highest level of customer service
+ Integrate threat intelligence into our services by deepening the feedback loop with Unit 42 Threat Intelligence team and telemetry
+ Recruit and onboard world class Incident Response talent to support our growth goals
+ Support the professional growth and development of our consultants through training and technical enablement
+ Foster and maintain a culture that attracts and retains smart, kind team members dedicated to executing with excellence
+ Identify and execute strategies for service development, enablement, and process that result in the pull through of Palo Alto Networks products
+ Cultivate and maintain relationships with key clientele to increase awareness of Unit 42's capabilities and provide on-demand expertise for client needs
+ Amplify Unit 42's presence and credibility in the marketplace through thought leadership, including via speaking engagements, articles, whitepapers, and media exposure
**Your Experience**
+ 6 years of hands-on professional experience in incident response, with 3 years experience in client-facing consulting roles.
+ Demonstrated prior experience and success in leading multi-site, large scale incident response engagements, including scoping work, managing incident response engagements end-to-end and providing guidance on tactical and longer term remediation recommendations
+ Experience in managing, leading and motivating consultants at all levels
+ Experience as a team leader including overseeing other senior, and mid-level analyst/consultant teams
+ Ability to travel as needed to meet business demands
+ Able to split your time across commercial support, client delivery, team coaching, and technical expertise and skills maintenance activities.
+ Strong presentation and communication skills with verifiable industry experience communicating at CxO and/or Board of Directors level
+ Expert level of knowledge of applicable laws, compliance regulations, and industry standards as it relates to privacy, security, and compliance
+ Deep technical experience and operational understanding of major operating systems (Microsoft Windows, Linux, or Mac) and/or proficiency in host based forensics, network forensics and cloud incident response.
+ Endpoint Detection and Response (EDR), threat hunting, log analysis, and triage forensics
+ Collection and analysis of host and cloud based forensic data at scale.
+ Client services mindset and top-notch client management skills
+ Experience-based understanding of clients' needs and desired outcomes in incident response investigations
+ Demonstrated writing ability, including technical reports, business communication, and thought leadership pieces
+ Operates with a hands-on approach to service delivery with a bias towards collaboration and teamwork
+ Track record of championing innovation and improvement initiatives for your area of expertise, identifying emerging trends and technologies and developing leading solutions to address client needs.
+ Be a valuable contributor to the practice and, specifically:
  + develop an external presence via public speaking, conferences, and/or publications
  + have credibility, executive presence, and gravitas
  + be able to have a meaningful and rapid delivery contribution
  + have the potential and capacity to understand all aspects of the business and an excellent understanding of PANW products
  + be collaborative and able to build relationships internally, externally, and across all PANW functions, including the sales team
+ Bachelor's Degree in Information Security, Computer Science, Digital Forensics, Cyber Security, or equivalent years of professional experience or equivalent relevant experience to meet job requirements and expectations.
+ Professional industry certifications such as:
  + GIAC Certified Forensic Analyst (GCFA), GIAC Certified Forensic Examiner (GCFE), GIAC Incident Handler (GCIH)
**The Team**
Unit 42 Consulting is Palo Alto Networks' security advisory team. Our vision is to create a more secure digital world by providing the highest quality incident response, risk management, and digital forensic services to clients of all sizes. Our team is composed of recognized experts and incident responders with deep technical expertise and experience in investigations, data breach response, digital forensics, and information security. With a highly successful track record of delivering mission-critical cybersecurity solutions, we are experienced in working quickly to provide effective incident response, attack readiness, and remediation plans with a focus on providing long-term support to improve our clients' security posture.
**Our Commitment**
We're problem solvers that take risks and challenge cybersecurity's status quo. It's simple: we can't accomplish our mission without diverse teams innovating, together.
We are committed to providing reasonable accommodations for all qualified individuals with a disability. If you require assistance or accommodation due to a disability or special need, please contact us at .
Palo Alto Networks is an equal opportunity employer. We celebrate diversity in our workplace, and all qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or other legally protected characteristics.
All your information will be kept confidential according to EEO guidelines.
Lead, Cybersecurity Incident Response
Posted 6 days ago
Job Description
Job Title
Lead, Cybersecurity Incident Response
Job Description & Requirements
Key Responsibilities
- Lead the response to cybersecurity incidents, including malware infections, data breaches, and insider threats.
- Minimum of 5 years of experience in lead Cybersecurity incident response
- Strong expertise in incident response, threat hunting, and forensic analysis.
- Experience with SIEM tools (e.g., Elastic, Splunk).
- Proficiency in network security, malware analysis, and log analysis.
- Familiarity with cloud security (AWS, Azure, GCP) and container security.
- Experience with cloud security tools and AI-powered security analytics (AWS GuardDuty, Azure Sentinel, Google Chronicle).
- Familiarity with AI/ML-driven anomaly detection and behavioral analysis techniques.
- Knowledge of security solutions (EDR, XDR, NDR, WAF, Proxy, Firewall, Email Security).
- Scripting and automation skills (Python, PowerShell, Bash).
- Deep understanding of the MITRE ATT&CK framework, cyber kill chain, and machine learning models for cybersecurity applications.
- Excellent communication and report-writing skills and the ability to work in high-pressure scenarios.
Threat and Incident Response Analyst (Remote)
Posted today
Job Description
Work should be challenging.
Your work should challenge the status quo.
You should be defining the future, not being dependent on it.
You don't like it safe and prefer to swim in the deep end while figuring things out.
You want to be avant-garde.
If this resonates with you, then you'll fit right in here at Propine.
Propine is re-inventing capital markets using blockchain technology. We've worked with the Monetary Authority of Singapore (MAS) to become the first licensed custodian for digital assets in the world.
We are re-imagining the issuance and lifecycle management of capital market products like equities, debt, structured products, and funds using blockchain technology to reduce friction and increase value for issuers and investors.
This role requires a 'do-whatever-it-takes' mindset and the ability to operate just outside your comfort zone. If this excites and slightly unnerves you, you might be the right fit.
Seniority: Associate
Position Title: Threat and Incident Response Analyst
Job Description:
We seek a highly motivated and skilled Threat and Incident Response Analyst to join our information security team. The ideal candidate will be passionate about security and eager to work with the latest tools to investigate and respond to attacks.
Responsibilities:
- Identify and analyze cybersecurity threats impacting the organization.
- Proactively discover new attacks using advanced security monitoring tools.
- Investigate and respond to security incidents following a defined process.
- Create playbooks and response processes.
- Collaborate with engineering to automate incident responses.
- Update detection and response capabilities based on emerging threats.
- Perform threat modeling across organizational technologies and applications.
- Identify relevant data sources and onboard them to the SIEM platform.
- Operate and administer the SIEM platform.
- Utilize security tools like SIEM, EDR, WAF, IDS, and Netflow.
- Manage threat intelligence feeds for security event correlation.
- Participate in 24x7 on-call support for security operations.
Qualifications:
- 5-7 years in security/threat analysis, detection, and prevention technologies.
- Strong analytical skills and a proactive learning attitude.
- Deep knowledge of Unix/Linux, Windows, AD, Databases, Cloud, and DevOps.
- Experience with endpoint and network security tools such as IDS, IPS, EDR, ATP, Malware defenses.
- Experience with SIEM and log management.
- Understanding of Cyber Threat TTPs, Threat Hunting, and the MITRE ATT&CK framework.
- Scripting skills.
- Familiarity with threat modeling methods like STRIDE and PASTA.
- Effective communication with technical and non-technical teams across geographies.
Incident Response Security Consultant, Mandiant, Google Cloud
Posted today
Job Description
Google will be prioritizing applicants who have a current right to work in Singapore, and do not require Google's sponsorship of a visa.
- Bachelor's degree in Computer Science, Information Systems, Cybersecurity, a related technical field, or equivalent practical experience.
- 1 year of experience in incident response investigations, analysis, or containment actions, and any three of the following: network or log forensic analysis, malware triage analysis, disk, or memory forensics.
- Experience in cybersecurity in one of the following areas: network security, wireless security, web application assessments, social engineering, scripting, cloud security, reverse engineering, or incident response.
- Experience with malware triage analysis and disk or memory forensics in one or more operating systems.
- Experience with enterprise security architecture and security controls.
- Experience with cloud incidents or forensic responses.
- Excellent time and project management skills.
About the job
As an Incident Response Consultant, you will provide industry-leading incident response, assessment, transformation, managed detection and response, and training services with in-depth tactical support. You will help organizations effectively detect and respond to threats and reduce the overall impact of business risk before, during, and after an incident. You will resolve security incidents quickly, effectively and at scale with complete incident response including investigation, containment, remediation, and crisis management. In this role, you will work on engagements including assisting clients in navigating technically complex and high-profile incidents, performing forensic analysis, threat hunting, and malware triage.
Part of Google Cloud, Mandiant is a recognized leader in dynamic cyber defense, threat intelligence and incident response services. Mandiant's cybersecurity expertise has earned the trust of security professionals and company executives around the world. Our unique combination of renowned frontline experience responding to some of the most complex breaches, nation-state grade threat intelligence, machine intelligence, and the industry's best security validation ensures that Mandiant knows more about today's advanced threats than anyone.
Responsibilities
- Collaborate with internal and customer teams to investigate and contain incidents.
- Recognize and codify attacker Tools, Tactics, and Procedures (TTP) and Indicators of Compromise (IOC) that can be applied to current and future investigations.
- Conduct host forensics, network forensics, log analysis, and malware triage in support of incident response investigations.
- Support specific workstreams for a variety of client-facing investigations including the examination of cloud, endpoint, and network-based sources of evidence.
- Develop comprehensive and accurate reports and presentations for technical and non-technical audiences.
Google is proud to be an equal opportunity and affirmative action employer. We are committed to building a workforce that is representative of the users we serve, creating a culture of belonging, and providing an equal employment opportunity regardless of race, creed, color, religion, gender, sexual orientation, gender identity/expression, national origin, disability, age, genetic information, veteran status, marital status, pregnancy or related condition (including breastfeeding), expecting or parents-to-be, criminal histories consistent with legal requirements, or any other basis protected by law. See also Google's EEO Policy, Know your rights: workplace discrimination is illegal, Belonging at Google, and How we hire.
Google is a global company and, in order to facilitate efficient collaboration and communication globally, English proficiency is a requirement for all roles unless stated otherwise in the job posting.
To all recruitment agencies: Google does not accept agency resumes. Please do not forward resumes to our jobs alias, Google employees, or any other organization location. Google is not responsible for any fees related to unsolicited resumes.
Incident Response & Insurance Business Development Senior Manager
Posted today
Job Description
Join to apply for the Incident Response & Insurance Business Development Senior Manager role at SentinelOne
About Us
At SentinelOne, we’re redefining cybersecurity by pushing the limits of what’s possible—leveraging AI-powered, data-driven innovation to stay ahead of tomorrow’s threats.
We focus on building industry-leading products and cultivating an exceptional company culture, guided by our core values. We seek passionate individuals who thrive in collaborative environments and are eager to make an impact. If you’re excited about solving complex challenges in bold, innovative ways, we’d love to connect with you.
What are we looking for?
SentinelOne is searching for an IR & Insurance Business Development Senior Manager to help us expand strategically with Incident Response (“IR”) and Insurance companies (Ins) in APJ.
As part of the SentinelOne Global IR & Insurance team, the IR & Ins BD Senior Manager will manage relationships with APJ IR & Ins partners and oversee the leads pipeline from these partners. Responsibilities include partner onboarding, enablement, engagement support, leads pipeline management, and thought leadership activities to drive security breach engagements and pipeline growth for Sales, Channel, and Managed Services.
The ideal candidate should have a strong background in Account Management/Business Development, with experience in Legal and Cyber Insurance markets related to Incident Response. They should understand our competitors’ strengths and weaknesses in Incident Response and be able to articulate why SentinelOne’s platform is the preferred IR solution. The role offers opportunities to participate in industry events and contribute content to promote thought leadership.
What will you do?
- Lead IR & Ins partner acquisition, onboarding, sales processes, POC, and agreement completion
- Build and manage the IR partner breach leads pipeline to meet regional targets
- Drive engagement with IR partners through deal registration and closure
- Ensure IR partners complete training and certification, and understand SentinelOne features
- Collaborate cross-functionally with Sales, Managed Services, Channel, Solutions Engineering, and other teams
- Bachelor’s degree (JD, MSc preferred) with at least 12 years’ experience in Business Development or Sales, ideally in Incident Response or security consulting
- Excellent analytical and communication skills for diverse audiences, including executives and technical teams
- Eagerness to learn new technologies and share knowledge
- Comfort with making mistakes in a dynamic environment
- Domain expertise in incident response, threat detection, security analytics, network security, or cyber insurance
SentinelOne is committed to Equal Employment Opportunity and Affirmative Action. We do not discriminate based on race, religion, gender, sexual orientation, age, veteran status, disability, or other protected characteristics. We participate in the E-Verify Program for U.S. roles.
Senior Engineer, Cybersecurity, Digital Forensics and Incident Response
Posted 3 days ago
Job Description
Job Purpose
ICE is seeking an experienced Senior DFIR (Digital Forensics and Incident Response) Engineer to join our cybersecurity team. As a Senior Engineer, you will play a critical role in detecting, investigating, and responding to security incidents, while proactively hunting for threats and implementing countermeasures. This position demands technical expertise, analytical thinking, and strong communication skills in a fast-paced, high-stakes environment.
Responsibilities
- Incident Management & Response: Lead the detection, investigation, containment, and remediation of security incidents.
- Digital Forensics: Conduct in-depth forensic analysis of memory, disk, endpoint and network artifacts to reconstruct incident timelines and identify root causes.
- Cloud & Hybrid Forensics: Investigate incidents in cloud-native and hybrid environments (e.g., AWS, Azure, containers), ensuring proper evidence handling and response.
- Security Analytics & Threat Hunting: Analyze large datasets to detect anomalies, uncover hidden threats, and proactively hunt for indicators of compromise (IOCs).
- Malware Analysis & Reverse Engineering: Perform static and dynamic analysis of malware to understand behavior, impact, and attribution.
- Threat Mitigation: Design and implement preventative and corrective security controls to address emerging threats and reduce risk exposure.
- Behavioral Analysis: Develop detection criteria and analytics to identify suspicious user behavior and potential insider threats.
- Reporting & Communication: Produce detailed technical reports and executive summaries to communicate findings, impact, and recommendations to stakeholders.
Knowledge and Experience
- 3+ years of experience in Digital Forensics and Incident Response (DFIR), cybersecurity operations or threat detection and hunting.
- Technical expertise in cybersecurity in two of the following areas: network security, web application assessments, scripting, cloud security, malware analysis, reverse engineering, network or endpoint forensics.
- Hands-on experience with enterprise security tools including SIEM (e.g., Splunk, QRadar), IDS/IPS, forensic suites (e.g. EnCase, Volatility, Autopsy, X-Ways, Magnet Axiom), and malware analysis platforms.
- Experience in cloud and container security, including incident response in AWS, Azure, and hybrid environments.
- Proficient in at least one scripting language (e.g. Python, Bash, PowerShell, JavaScript, etc.)
- Familiarity with MITRE ATT&CK framework and threat intelligence platforms.
- Demonstrated ability to communicate complex technical findings to both technical and non-technical audiences.
- Relevant certifications such as GIAC GCFA, GCIA, GCIH, CISSP, or OSCP.
- Bachelor’s degree in Cybersecurity, Computer Science, Information Systems, related technical field, or equivalent practical experience.