118 Security Monitoring jobs in Singapore
Command Centre Operator (Security Monitoring Operations, West)
Posted 9 days ago
Job Description
Who We Are Looking For & What Role You Will Play
- Perform monitoring, analysis and escalation of real-time operation events.
- Monitor attendance records of all AETOS employees and provide detailed reports to management.
- Monitor security access control points and basic administration of clearance for persons and vehicles into the system.
- Monitor various alarm alerts, activate the response team and prepare basic reports upon completion of operations.
- Monitor video analytics CCTV and respond in accordance with procedures.
- Perform inbound and outbound calls.
- Manage and resolve clients' enquiries.
- Any other duties/jobs assigned by supervisor.
What Knowledge & Experience We Require From You
- Candidate must possess at least GCE N/O level.
- Able to speak and write fluent English.
- Proficient in Microsoft Office (Word, Excel, Outlook).
- Able to work 12-hour shifts including weekends or public holidays (depending on roster).
- Relevant training will be provided.
Incident Response Lead
Posted today
Job Description
At Tetra Pak we commit to making food safe and available, everywhere; and we protect what's good – protecting food, protecting people, and protecting the planet. By doing so we touch millions of people's lives every day.
And we need people like you to make it happen.
We empower you to reach your potential with opportunities to make an impact to be proud of – for food, people and the planet.
The Incident Response (IR) Lead leads a 24/7 virtual team who monitor and respond to ISIRT major incidents. This role requires management of Incident Response activities and team communication with SOC analysts, SME and other IT technical personnel. This role is also required to work closely with stakeholders and cybersecurity’s leadership team. Additionally, the Incident Response Lead will ensure staff members prioritize their work related to suspected and confirmed incidents, which may vary in severity and impact. The Incident Response Lead will direct analysts to investigate, validate, remediate and communicate known details about the incident and is a point of contact for escalation.
Due to coverage requirements, this is a permanent position based in a country within the Asia time zone.
What you will do
Role and responsibilities:
The Incident Response Lead will analyze and organize work to help the team prioritize complex tasks. As a central figure, the Incident Response Lead brings order to a fast-paced, constantly evolving operation and enforces the policies, playbooks and methodologies that have been adopted as the best course of action.
Personal, organizational, communication and analytical skills are vital, as well as the ability to communicate effectively with cybersecurity leadership. This role requires technical aptitude, and managers are also expected to be adept at working well with people who will be under stress and subject to burnout.
Key Responsibilities:
- Manage a team of incident responders for ISIRT response and interact with cybersecurity leadership and business stakeholders.
- Coordinate and ensure ISIRT incidents are prioritized at all hours of the day.
- Implement a cross-functional team of analysts working closely with cybersecurity, IT and developers.
- Serve as a point of escalation and incident commander.
- Review ISIRT incidents that may be related to ransomware, host compromise, account compromise, phishing, anomalous user behavior, third parties and data leakage.
- Ensure the ISIRT response team is following processes embraced by leadership and adhering to best practices.
- Measure and give feedback to the team to improve mean time to respond, key performance indicators (KPIs) and service-level objectives.
- Proactively adjust to upcoming company changes affecting the operation to modify ISIRT response processes.
- Possess advanced knowledge of attackers’ methods of escalation; lateral movement; and tactics, techniques and procedures.
- Present incident analysis and trend reporting to leadership, highlighting KPIs.
- Review events and process effectiveness and make recommendations for change to leadership.
- Require participation in ISIRT tabletop exercises designed to identify gaps, improve skills, enhance communication and engage with key stakeholders.
- Oversee IR playbooks, policies, procedures and guidelines to ensure they align with industry best practices.
- Collaborate with infrastructure, IT, vulnerability, threat intelligence and application security leads.
- Participate in monitoring internal and external events and stay tightly aligned with infrastructure and third-party, hosted, on-premises and end-user systems.
- Review and communicate ISIRT incident details from initial investigation through root cause analysis and post-mortem.
- Maintain operational rigor and recognize when team members need time away to refocus and refresh.
- Identify strengths and weaknesses in ISIRT team members and provide training to improve skills and knowledge.
- Remain current with emerging threats and share knowledge with colleagues to improve incident response. Perform other duties as assigned.
We believe you have
Strong organizational and team management skills are required to excel in this role, as well as previous experience in security administration, IR and security operations center (SOC) roles.
Seven-plus years’ experience in security administration and SOC, with three-plus years’ security IR.
Demonstrated experience leading people both in person and remotely distributed.
Self-aware and capable of remaining calm under intense pressure.
Strong written and oral communication skills across varying levels of the organization.
Excellent judgment and the ability to make quick decisions when working with complex situations.
Organized, with the ability to prioritize and respond within defined SLAs and maintain composure.
Understanding of threats and vulnerabilities, as well as principles of ISIRT incident response and chain of custody.
Knowledge of multiple solutions such as security orchestration, automation and response; SIEM; threat intelligence platform; directory services; malware sandboxes; vulnerability management; MITRE ATT&CK; IR playbooks; and endpoint/extended detection and response.
Generally familiar with one or more but not limited to: NIST, ISO 27001, NIS 2, CRA
Track record of acting with integrity, taking pride in work, seeking to excel, and being curious and flexible.
High degree of integrity, trustworthiness, professionalism and character.
Education Requirements:
Bachelor’s degree preferred in cybersecurity, computer science, engineering or related field.
Certification in CRISC, CISSP, CISA, CISM will be a plus.
We Offer You
A variety of exciting challenges with ample opportunities for development and training in a truly global landscape
A culture that pioneers a spirit of innovation where our industry experts drive visible results
An equal opportunity employment experience that values diversity and inclusion
Market competitive compensation and benefits with flexible working arrangements
Apply Now
If you are inspired to be part of our promise to protect what’s good; for food, people, and the planet, apply through our careers page at .
If you have any questions about your application, please contact Ephraim Kwa.
Diversity, equity, and inclusion is an everyday part of how we work. We give people a place to belong and support to thrive, an environment where everyone can be comfortable being themselves and has equal opportunities to grow and succeed. We embrace difference, celebrate people for who they are, and for the diversity they bring that helps us better understand and connect with our customers and communities worldwide.
Senior IT Security Analyst (Incident Response)
Posted 2 days ago
Job Description
Job Scope:
Incident Response Leadership:
- Oversee the entire incident response lifecycle from detection to resolution.
- Lead investigations of IT security incidents and ensure thorough root cause analysis and remediation.
- Develop and maintain incident response playbooks and procedures.
- Coordinate with internal, external stakeholders, and vendors during incidents.
- Conduct post-incident reviews and report findings to management.
Monitoring and Detection
- Develop and implement advanced threat detection and monitoring strategies.
- Utilize SIEM, EDR, and other security tools for timely incident detection.
- Perform threat hunting and proactive security assessments.
- Collaborate with IT teams to deploy and optimize security solutions.
Threat Statistics and Reporting
- Analyze and compile statistics on threats relevant to the Institute.
- Prepare and present detailed reports on threat statistics to stakeholders.
- Use data visualization tools to communicate threat trends and insights.
Requirements:
- A University Degree in Information Systems, Computer Science, Cybersecurity, or a related field.
- Professional Certification(s) in incident handling and security analysis preferred.
- GCIH or its equivalent is preferred.
Professional Experience:
- Minimum of 8 years of progressive experience in IT security, with a focus on incident response.
- Minimum of 4 years of experience in a security operations center, with proven leadership capabilities.
- Intermediate knowledge of security operations, incident analysis, incident handling, and vulnerability management or testing, system patching, log analysis, intrusion detection, or firewall administration.
- Proven experience in managing incident response and performing threat hunting.
Technical Expertise
- Proficiency in Security Information and Event Management (SIEM), Endpoint Detection and Response (EDR), traffic and packet analysis, and cloud security.
- Experience in firewall, Intrusion Prevention Systems (IPS), Web Application Firewalls (WAF) administration, virtualization, and cloud technologies.
- Experience in monitoring and administering host-based intrusion detection systems.
- Knowledge and experience in Linux/Windows/Database technologies preferred.
- Strong knowledge of industry standards and information security policy frameworks.
- Hands-on experience with scripting and automation tools to enhance security operations.
- Ability to conduct gap analysis of current processes and identify opportunities for improvement.
- Evaluate internal and external environments for threats related to Information Security and act as a subject matter expert to ensure these are properly addressed and controlled.
- Continuously improve event correlation and alerting processes and use cases to detect potential incidents.
- Automate manual processes to enhance security incident response.
- Experience with network security assessment tools.
Leadership and Communication
- Excellent leadership and team management skills, with the ability to inspire and motivate a team.
- Strong communication skills, with the ability to effectively interact with stakeholders at all levels, including University administration.
- Demonstrated ability to drive strategic initiatives and lead a team through change.
- Exceptional problem-solving skills and the ability to think critically under pressure.
- Ability to interview stakeholders to define and document business requirements.
- Provide advice and guidance on response action plans for information risk events and incidents based on incident type and severity.
Location: Pioneer / Boon Lay
Contract Period: 3 years
EA License No: 96C4864
Reg. No.: R EUNICE WOO JING QI
Business Incident Response Specialist
Posted 3 days ago
Job Description
The Business Incident Response (BIR) team is a specialized group that provides rapid and holistic resolution of critical escalations that threaten businesses' and partners' brands, relationships, and revenue streams. The team offers dedicated support to advertisers globally who experience friction on our platforms.
By leveraging cross-functional partnerships, the BIR team delivers an immediate and personalized experience for constituents and stakeholders during times of crisis. The team operates off-process and overrides barriers to ensure swift issue resolution, prioritizing resources dynamically to assume ownership over mission-critical incidents.
The escalations handled by the BIR team are complex and require experience in areas such as operations, policy, process, and project management. The team comprises best-in-class specialists who leverage their skills to deliver outsized impact.
To succeed on the BIR team, candidates should be passionate about social media, real-time crisis management, and working collaboratively in a fast-paced environment. Candidates should have a high level of interest in customer support and working cross-functionally with multiple domains, including policy and process. Candidates will have to navigate ambiguity and have the capacity to make quality decisions while remaining unbiased and open to feedback. Candidates will be communicating relevant content and context to inform and enable internal and external partners, including executive level communication.
The role will be based in Singapore.
**Required Skills:**
Business Incident Response Specialist Responsibilities:
1. Review, investigate and coordinate the end-to-end resolution of executive-level incidents in adherence with the respective process and policy frameworks
2. Communicate effectively with multiple stakeholders, including external clients, internal partners and the leadership group
3. Serve as the primary communication channel on critical escalations
4. Cooperate with a wide group of cross-functional partners across the business, including those outside of your domain expertise, to coordinate the work and develop long-lasting relationships
5. Successfully execute assigned tasks and/or project work, ensuring that goals are met within scope and timelines
6. Join and/or organize group meetings to effectively discuss, and occasionally present, on many business matters including core work, projects, and strategy
7. Perform root-cause analysis and/or draft post-mortem reports to identify areas of opportunity and issue recommendations to the appropriate audience
8. Drive innovation by contributing towards resolving problem statements and proposing improvements to existing processes
9. Attend mandatory training and seek knowledge in areas of interest to the business
10. Be an expert on interpreting and enforcing Meta's policies and use sound judgment, specific knowledge, signals and insights to drive scalable solutions to support Meta and our users
11. Adopt best practices in order to achieve individual and collective goals
**Minimum Qualifications:**
12. 5+ years of experience working in large-scale operations, domains such as online operations, escalations, informational systems, compliance, risk management, policy, legal operations, management consulting or related fields
13. Demonstrated understanding of how the broader social media landscape operates in the industry
14. Demonstrated experience thinking strategically about complex issues leading to thoughtful recommendations, and making quality decisions when dealing with ambiguous situations
15. Demonstrated experience navigating ambiguous situations
16. Experienced working within fast-paced environments, handling multiple workstreams and maintaining effective communication with all stakeholders, both internal and external
**Preferred Qualifications:**
17. Experience with analytical tools (i.e. Excel, SQL, Tableau) and influencing others leveraging data and analysis
18. Familiarity with Meta's suite of products
19. Proficiency in another language spoken in Asia Pacific (business fluent)
20. Experience working directly with global, cross-functional teams to solve issues and develop solutions
21. Understanding of the power of social media for businesses and the issues that are inherent to it
22. Degree in Science, Technology, Engineering, and Mathematics (S.T.E.M)
**Industry:** Internet
Principal Consultant, Incident Response
Posted 6 days ago
Job Description
At Palo Alto Networks® everything starts and ends with our mission:
Being the cybersecurity partner of choice, protecting our digital way of life.
Our vision is a world where each day is safer and more secure than the one before. We are a company built on the foundation of challenging and disrupting the way things are done, and we're looking for innovators who are as committed to shaping the future of cybersecurity as we are.
**Who We Are**
We take our mission of protecting the digital way of life seriously. We are relentless in protecting our customers and we believe that the unique ideas of every member of our team contributes to our collective success. Our values were crowdsourced by employees and are brought to life through each of us everyday - from disruptive innovation and collaboration, to execution. From showing up for each other with integrity to creating an environment where we all feel included.
As a member of our team, you will be shaping the future of cybersecurity. We work fast, value ongoing learning, and we respect each employee as a unique individual. Knowing we all have different needs, our development and personal wellbeing programs are designed to give you choice in how you are supported. This includes our FLEXBenefits wellbeing spending account with over 1,000 eligible items selected by employees, our mental and financial health resources, and our personalized learning opportunities - just to name a few!
At Palo Alto Networks, we believe in the power of collaboration and value in-person interactions. This is why our employees generally work full time from our office with flexibility offered where needed. This setup fosters casual conversations, problem-solving, and trusted relationships. Our goal is to create an environment where we all win with precision.
**Your Career**
As a Principal Consultant in Unit 42 the individual will be responsible for managing incident response engagements with our largest clients and in our most complex engagements. They will become the go-to expert for clients during high-priority incident response, remediation, and recovery phases, providing both strategic guidance and technical oversight, while also focusing on product integration. The role requires in-depth cybersecurity expertise to enable serving as an incident commander throughout the incident response lifecycle.
While actively involved in incident response service delivery, this person also works with peers and the executive team to enhance Unit 42's incident response practice, including developing and improving the technical and operating methodologies employed during incident response engagements.
We are seeking an individual who is dedicated to delivering highly technical consulting services to an exceptional standard, thrives in a fast paced team environment, and advocates for innovative approaches to deliver the best outcomes for our cross-sector clients.
**Your Impact**
+ Lead the team delivering high-profile, high-stakes enterprise level incident response engagements
+ Provide hands-on, expert-level incident response services to clients and deliver findings to CxO and/or Board of Directors
+ Partner with the Unit 42 Directors, executive team and service line leaders to develop and execute strategy for the Unit 42 Digital Forensics & Incident Response (DFIR) practice, as well as continuously advance the maturity of our services
+ Drive innovation in Unit 42's reactive offerings, by leading the consulting team and collaborating with cross-functional teams to bring new capabilities and services to market that leverage Palo Alto Networks products
+ Ensure the consistency and quality of our services and highest level of customer service
+ Integrate threat intelligence into our services by deepening the feedback loop with Unit 42 Threat Intelligence team and telemetry
+ Recruit and onboard world class Incident Response talent to support our growth goals
+ Support the professional growth and development of our consultants through training and technical enablement
+ Foster and maintain a culture that attracts and retains smart, kind team members dedicated to executing with excellence
+ Identify and execute strategies for service development, enablement, and process that result in the pull through of Palo Alto Networks products
+ Cultivate and maintain relationships with key clientele to increase awareness of Unit 42's capabilities and provide on-demand expertise for client needs
+ Amplify Unit 42's presence and credibility in the marketplace through thought leadership, including via speaking engagements, articles, whitepapers, and media exposure
**Your Experience**
+ 6 years of hands-on professional experience in incident response, with 3 years experience in client-facing consulting roles.
+ Demonstrated prior experience and success in leading multi-site, large scale incident response engagements, including scoping work, managing incident response engagements end-to-end and providing guidance on tactical and longer term remediation recommendations
+ Experience in managing, leading and motivating consultants at all levels
+ Experience as a team leader including overseeing other senior, and mid-level analyst/consultant teams
+ Ability to travel as needed to meet business demands
+ Able to split your time across commercial support, client delivery, team coaching, and technical expertise and skills maintenance activities.
+ Strong presentation and communication skills with verifiable industry experience communicating at CxO and/or Board of Directors level
+ Expert level of knowledge of applicable laws, compliance regulations, and industry standards as it relates to privacy, security, and compliance
+ Deep technical experience and operational understanding of major operating systems (Microsoft Windows, Linux, or Mac) and/or proficiency in host based forensics, network forensics and cloud incident response.
+ Endpoint Detection and Response (EDR), threat hunting, log analysis, and triage forensics
+ Collection and analysis of host and cloud based forensic data at scale.
+ Client services mindset and top-notch client management skills
+ Experienced-based understanding of clients' needs and desired outcomes in incident response investigations
+ Demonstrated writing ability, including technical reports, business communication, and thought leadership pieces
+ Operates with a hands-on approach to service delivery with a bias towards collaboration and teamwork
+ Track record of championing innovation and improvement initiatives for your area of expertise, identifying emerging trends and technologies and developing leading solutions to address client needs.
+ Be a valuable contributor to the practice and, specifically develop an external presence via public speaking, conferences, and/or publications
+ Have credibility, executive presence, and gravitas
+ Able to have a meaningful and rapid delivery contribution
+ Have the potential and capacity to understand all aspects of the business and an excellent understanding of PANW products
+ Be collaborative and able to build relationships internally, externally, and across all PANW functions, including the sales team
+ Bachelor's Degree in Information Security, Computer Science, Digital Forensics, Cyber Security, or equivalent years of professional experience or equivalent relevant experience or equivalent military experience required to meet job requirements and expectations.
+ Professional industry certifications such as: GIAC Certified Forensic Analyst (GCFA), GIAC Certified Forensic Examiner (GCFE), GIAC Incident Handler (GCIH)
**The Team**
Unit 42 Consulting is Palo Alto Networks' security advisory team. Our vision is to create a more secure digital world by providing the highest quality incident response, risk management, and digital forensic services to clients of all sizes. Our team is composed of recognized experts and incident responders with deep technical expertise and experience in investigations, data breach response, digital forensics, and information security. With a highly successful track record of delivering mission-critical cybersecurity solutions, we are experienced in working quickly to provide effective incident response, attack readiness, and remediation plans with a focus on providing long-term support to improve our clients' security posture.
**Our Commitment**
We're problem solvers that take risks and challenge cybersecurity's status quo. It's simple: we can't accomplish our mission without diverse teams innovating, together.
We are committed to providing reasonable accommodations for all qualified individuals with a disability. If you require assistance or accommodation due to a disability or special need, please contact us at .
Palo Alto Networks is an equal opportunity employer. We celebrate diversity in our workplace, and all qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or other legally protected characteristics.
All your information will be kept confidential according to EEO guidelines.
Cybersecurity Incident Response Engineer
Posted today
Job Description
Responsibilities:
- Incident Response Leadership: Lead incident response efforts with the team, contribute to the development and maintenance of incident response plans, and coordinate effectively with relevant stakeholders. Act as the backup for the SOC Manager during their absence, ensuring continuity of operations, decision-making, and team leadership.
- AI-Driven Cybersecurity Incident Response: Evaluate current cybersecurity incident response processes to identify & implement opportunities for AI integration and automation.
- Incident Management: Efficiently assess, investigate, and manage security incidents throughout their lifecycle, determining root cause and impact.
- Log Analysis: Conduct comprehensive analysis of security logs and data to identify and correlate malicious activity.
- Technology Evaluation: Conduct thorough Proof of Concept (PoC) and Proof of Value (PoV) assessments of prospective security tools to determine their efficacy and suitability.
- Project Management: Apply project management principles to plan, execute, and monitor the implementation of security tools and strategic initiatives.
- Technical Communication: Articulate complex technical information clearly and concisely to both technical and non-technical audiences.
- Cross-functional Collaboration: Collaborate effectively with diverse teams to facilitate incident resolution and the implementation of security solutions.
- Continuous Improvement: Conduct post-incident reviews to identify lessons learned and recommend enhancements to prevent future occurrences.
- Security Tool Proficiency: Utilize security tools such as EDR and SIEM for in-depth investigations and analysis.
- Availability: Respond to security incidents on a 24x7 basis during escalations and participate in a rotational on-call schedule, including weekends and public holidays.
- Additional Responsibilities: Undertake other cybersecurity-related tasks as directed by team leadership.
Qualifications:
- Bachelor's degree in Computer Science, Information Security, or a related discipline, or equivalent professional experience.
- 8 years of demonstrable experience in cybersecurity incident response.
- Comprehensive understanding of network protocols, operating systems, and fundamental security principles.
- Proven ability to analyze security logs and network traffic effectively.
- Exceptional problem-solving, analytical, and communication skills (both written and verbal).
- Experience in conducting Proof of Concept (PoC) or Proof of Value (PoV) evaluations of security technologies.
- Demonstrated knowledge and application of project management principles.
- Familiarity with security tools and technologies, including CrowdStrike EDR and Splunk.
- Relevant professional certifications, such as CISSP, GCIH, or CEH, are highly desirable.
Interested applicants please send your resume to
Venessa Goh Wee Ni
R
Recruit Express Pte Ltd
EA License No: 99C4599
We regret that only shortlisted candidates will be contacted.
Principal Consultant, Incident Response
Posted today
Job Description
Our Mission
At Palo Alto Networks everything starts and ends with our mission: Being the cybersecurity partner of choice, protecting our digital way of life. Our vision is a world where each day is safer and more secure than the one before. We are built on challenging and disrupting the way things are done, and we seek innovators who are committed to shaping the future of cybersecurity.
Who We Are
We take our mission of protecting the digital way of life seriously. We are relentless in protecting our customers and believe that the unique ideas of every team member contribute to our collective success. Our values were crowdsourced by employees and are brought to life through each of us everyday – from disruptive innovation and collaboration to execution, from showing up for each other with integrity to creating an environment where we all feel included.
Job Description
As a Principal Consultant in Unit 42, the individual will be responsible for managing incident response engagements with our largest clients and in our most complex engagements. They will become the go‐to expert for clients during high‐priority incident response, remediation, and recovery phases, providing strategic guidance and technical oversight while focusing on product integration. The role requires in‐depth cybersecurity expertise to serve as an incident commander throughout the incident response lifecycle. While actively involved in incident response service delivery, this person also works with peers and the executive team to enhance Unit 42’s incident response practice, including developing and improving the technical and operating methodologies employed during incident response engagements.
Your Impact
- Lead the team delivering high-profile, high-stakes enterprise level incident response engagements
- Provide hands-on, expert-level incident response services to clients and deliver findings to CxO and/or Board of Directors
- Partner with the Unit 42 Directors, executive team and service line leaders to develop and execute strategy for the Unit 42 Digital Forensics & Incident Response (DFIR) practice, as well as continuously advance the maturity of our services
- Drive innovation in Unit 42's reactive offerings, by leading the consulting team and collaborating with cross-functional teams to bring new capabilities and services to market that leverage Palo Alto Networks products
- Ensure the consistency and quality of our services and highest level of customer service
- Integrate threat intelligence into our services by deepening the feedback loop with Unit 42 Threat Intelligence team and telemetry
- Recruit and onboard world class Incident Response talent to support our growth goals
- Support the professional growth and development of our consultants through training and technical enablement
- Foster and maintain a culture that attracts and retains smart, kind team members dedicated to executing with excellence
- Identify and execute strategies for service development, enablement, and process that result in the pull through of Palo Alto Networks products
- Cultivate and maintain relationships with key clientele to increase awareness of Unit 42's capabilities and provide on-demand expertise for client needs
- Amplify Unit 42's presence and credibility in the marketplace through thought leadership, including via speaking engagements, articles, whitepapers, and media exposure
Qualifications
6 years of hands‐on professional experience in incident response, with 3 years experience in client‐facing consulting roles
Demonstrated prior experience and success in leading multi‐site, large scale incident response engagements, including scoping work, managing incident response engagements end‐to‐end and providing guidance on tactical and longer‐term remediation recommendations
Experience in managing, leading and motivating consultants at all levels
Experience as a team leader including overseeing other senior and mid‐level analyst/consultant teams
Ability to travel as needed to meet business demands
Able to split your time across commercial support, client delivery, team coaching, and technical expertise and skills maintenance activities
Strong presentation and communication skills with verifiable industry experience communicating at CxO and/or Board of Directors level
Expert level of knowledge of applicable laws, compliance regulations, and industry standards as it relates to privacy, security, and compliance
Deep technical experience and operational understanding of major operating systems (Microsoft Windows, Linux, or Mac) and/or proficiency in host based forensics, network forensics and cloud incident response
Endpoint Detection and Response (EDR), threat hunting, log analysis, and triage forensics
Collection and analysis of host and cloud based forensic data at scale
Client services mindset and top‐notch client management skills
Experience‐based understanding of clients’ needs and desired outcomes in incident response investigations
Demonstrated writing ability, including technical reports, business communication, and thought leadership pieces
Operates with a hands‐on approach to service delivery with a bias toward collaboration and teamwork
Track record of championing innovation and improvement initiatives for your area of expertise, identifying emerging trends and technologies and developing leading solutions to address client needs
Be a valuable contributor to the practice and, specifically, develop an external presence via public speaking, conferences, and/or publications
Have credibility, executive presence, and gravitas
Able to have a meaningful and rapid delivery contribution
Have the potential and capacity to understand all aspects of the business and an excellent understanding of PANW products
Be collaborative and able to build relationships internally, externally, and across all PANW functions, including the sales team
Bachelor’s Degree in Information Security, Computer Science, Digital Forensics, Cyber Security, or equivalent years of professional experience or equivalent relevant experience or equivalent military experience required to meet job requirements and expectations
Professional industry certifications such as: GIAC Certified Forensic Analyst (GCFA), GIAC Certified Forensic Examiner (GCFE), GIAC Incident Handler (GCIH)
Seniority Level
Associate
Employment Type
Full‐time
Job Function
Consulting
Industries
Computer and Network Security
Manager, Incident Response & Management
Posted today
Job Description
Who we are
About Stripe
Stripe is a financial infrastructure platform for businesses. Millions of companies—from the world’s largest enterprises to the most ambitious startups—use Stripe to accept payments, grow their revenue, and accelerate new business opportunities. Our mission is to increase the GDP of the internet, and we have a staggering amount of work ahead. That means you have an unprecedented opportunity to put the global economy within everyone’s reach while doing the most important work of your career.
About the team
The Incident Response team is a global 24/7 team responsible for driving incident response and management from detection to resolution. Stripe is proud of its five 9s API reliability and this team is at the forefront of ensuring we keep it that way - working hand-in-hand with Reliability Eng and across the Tech Org. This team of incident response managers (IRM) is defined by our sense of ownership and how we drive incidents to resolution - marshaling the necessary cross-functional resources to respond to and resolve service outages, critical bugs, security attacks and anything that significantly impacts the users of our products. The team is user-first and ensures appropriate external communications from Stripe and senior management to keep our users informed of disruption to their experience of Stripe. The team is highly skilled in incident troubleshooting, program management, incident classifications, incident communications, incident escalation and technical adeptness as incidents can arise from anywhere and cut across products and orgs in Stripe.
What you’ll do
This position entails leading and optimizing Stripe's incident management processes and automation, ensuring efficiency and adherence to stringent incident response metrics. As the head of the incident response team, you will establish and maintain a best-in-class incident response framework, upholding the reliability standards expected of Stripe. Responsibilities include but are not limited to incident classification, escalation, and notification management, along with accountability for key incident response metrics (TTx). You will generate actionable insights to drive continuous improvement, collaborating with engineering leadership to refine incident detection, response, user communication, and tooling efficacy. Leadership and development of a highly effective 24/7 global incident response management team, characterized by urgency, programmatic ownership of incidents and communications, and the capacity to engage engineering teams, are crucial. Additionally, you will manage incident communications across multiple channels for executive and end-user audiences, and identify automation opportunities to streamline incident response workflows, thereby safeguarding users and minimizing disruption to their operations.
Responsibilities
Lead the global 24/7 team of regional managers and incident response managers with ability to be hands-on and support frontline on-call with speed, cross-functional collaboration and escalation
Develop and own Stripe's incident response and management strategy and cross-functional roadmap, ensuring it aligns with the company's reputation for reliability.
Spearhead and manage Stripe's AI-First strategy for automation of incident response workflows, partnering with the engineering team to implement required tooling enhancements.
Enhance Stripe's incident response by leading and implementing improvements derived from analyzing user-facing incidents and extracting actionable insights and learnings.
Collaborate closely with executive leadership, engineering, and operations teams to lead significant programs and reshape workflows and metrics concerning reliability and incident operations.
Manage relevant TTx metrics, particularly those related to communication and escalation. Collaborate with engineering leadership to implement necessary improvements for each metric.
Develop user-focused metrics and data to guide Stripe's incident response, reliability strategy, and user communications (including RCAs), ensuring impactful decision-making.
Who you are
We’re looking for someone who meets the minimum requirements to be considered for the role. If you meet these requirements, you are encouraged to apply. The preferred qualifications are a bonus, not a requirement.
Minimum requirements
5+ years of management experience, including 2+ years of experience managing managers with a proven record in building, growing and transforming teams.
Extensive experience (4+ years) leading incident response for complex, large-scale distributed services with high SLOs/SLAs, coupled with deep expertise in crisis management.
Demonstrated ability to lead, influence other leaders and deliver complex strategic projects involving multiple stakeholders
Strong analytical skills, and the ability to use data to drive business decisions
Possesses proficiency in basic incident troubleshooting and a reasonable understanding of system architecture. Fluent in using SQL, Splunk, or similar query languages.
Exceptional communication abilities, capable of adapting incident updates for diverse audiences (executives, external users, internal teams).
Affinity for a fast paced work environment, crafting strategic and rapid fixes to high intensity problems with a keen eye for detail and a high bar for quality
Comfort navigating ambiguity, while identifying areas for process improvement and establishing best practices
Preferred qualifications
Experience managing geographically dispersed teams
Experience using infrastructure and application monitoring tools such as Prometheus, Sentry and others
Experience in incident response at a high-growth technology company, preferably within the payments or e-commerce sectors.
Proven ability to apply Agentic and Generative AI to revolutionize incident response, coupled with a strong grasp of current industry trends in the incident response domain.
Demonstrated history of driving engineering and process enhancements to improve incident response efficiency within a rapidly expanding technology organization.
Office-assigned Stripes spend at least 50% of the time in a given month in their local office or with users. This hits a balance between bringing people together for in-person collaboration and learning from each other, while supporting flexibility about how to do this in a way that makes sense for individuals and their teams. The annual salary range for this role in the primary location is S$208,000 - S$312,000. This range may change if you are hired in another location. For sales roles, the range provided is the role’s On Target Earnings (“OTE”) range, meaning that the range includes both the sales commissions/sales bonuses target and annual base salary for the role. This salary range may be inclusive of several career levels at Stripe and will be narrowed during the interview process based on a number of factors, including the candidate’s experience, qualifications, and specific location. Applicants interested in this role and who are not located in the primary location may request the annual salary range for their location during the interview process.
Specific benefits and details about what compensation is included in the salary range listed above will vary depending on the applicant’s location and can be discussed in more detail during the interview process. Benefits/additional compensation for this role may include: equity, company bonus or sales commissions/bonuses; retirement plans; health benefits; and wellness stipends.
Office locations
Singapore
Team
Infrastructure & Corporate Tech
Job type
Full time
Lead, Cybersecurity Incident Response
Posted today
Job Description
Lead, Cybersecurity Incident Response role at StarHub
The Assistant Manager - Incident Response and Threat Hunting is responsible for leading the detection, investigation, and mitigation of cybersecurity incidents. This role involves proactive threat hunting, forensic analysis, and developing response strategies to minimize risks and impact on an organization's IT infrastructure. The specialist collaborates with cross-functional teams to improve security posture and ensure compliance with industry standards.
The candidate will report to the Head of Incident Response Team and will plan and oversee the performance of security responses to security incidents in an IT environment. They will present cyber-incident reports to senior leaders and identify root causes of cyber threats.
Responsibilities
Lead the response to cybersecurity incidents, including malware infections, data breaches, and insider threats.
Perform real-time and retrospective analysis of security events to identify threats.
Coordinate with MSSP Security Operations Centre (SOC) teams for monitoring and alerting.
Develop and document incident response plans and playbooks.
Handle incidents end-to-end with expertise.
Conduct proactive threat hunting to identify unknown threats.
Perform digital forensic analysis on compromised systems to determine root causes.
Use forensic tools to collect and analyze logs, memory dumps, and disk images.
Work with SIEM tools to detect anomalous behaviors.
Analyze logs from firewalls, IDS/IPS, endpoint protection, and cloud security tools.
Improve detection capabilities by tuning security alerts and developing rules.
Recommend and implement security controls to reduce exposure.
Provide technical leadership to junior responders and analysts.
Requirements
Tertiary Education in Computer Science / Engineering or equivalent.
At least 5 years of relevant experience.
Strong expertise in incident response, threat hunting, and forensic analysis.
Experience with SIEM tools (e.g., Elastic, Splunk).
Proficiency in network security, malware analysis, and log analysis.
Familiarity with cloud security (AWS, Azure, GCP) and container security.
Experience with cloud security tools and AI-powered security analytics (AWS GuardDuty, Azure Sentinel, Google Chronicle).
Familiarity with AI/ML-driven anomaly detection and behavioral analysis techniques.
Knowledge of security solutions (EDR, XDR, NDR, WAF, Proxy, Firewall, Email Security).
Scripting and automation skills (Python, PowerShell, Bash).
Deep understanding of MITRE ATT&CK framework, cyber kill chain, and machine learning models for cybersecurity applications.
Excellent communication and report-writing skills, with the ability to work under pressure.
Additional Information
Seniority level: Mid-Senior level
Employment type: Full-time
Job function: Information Technology
Industries: Technology, Information and Media, and Information Services
Incident Response Manager, Singapore
Posted today
Job Description
About Blackpanda
Blackpanda is Asia’s premier cyber crisis response firm, founded by former elite military special operations forces and cyber defense experts. Headquartered in Singapore, we specialize in incident response and digital forensics across the Asia-Pacific region.
Our mission is bold: to democratize cyber resilience by providing organizations of all sizes with best-in-class incident response and insurance solutions, ensuring they can operate securely and sustainably in an increasingly hostile digital world.
But we’re not stopping there.
We are building the world’s first Cyber In-Extremis Force (CIF), a no-fail, elite digital crisis response unit modeled after the most advanced special operations capabilities in the world. Inspired by Tier-1 military readiness, our team doesn’t just respond to cyber threats.
We dominate them.
We live by the following core values:
Sincerity: If we say we’ll do it, it’s as good as done.
Unity: Debate fiercely, then commit fully. We all row in the same direction.
Efficiency: Timing beats speed, precision beats power, and leverage beats strength.
Humility: Humility forms the basis of honor. We listen, then we act, and then we listen again.
Grit: We don’t sugarcoat setbacks or bad news. We face challenges head-on and don’t quit when things get tough.
Your Mission: Incident Responder
You will manage high-profile cybersecurity investigations, coordinate with executives, clients, and stakeholders, and guide organizations through their most urgent moments of digital crisis. This role demands exceptional hands-on technical ability, strategic leadership, and the calm, decisive mindset required in fast-moving, high-stakes environments.
But remember, this is the real world. Not every case will be complex or cinematic. Some will be routine. Others will be chaotic, even frightening—where you truly see how far many organizations are from real cyber resilience. You’ll realize that companies are not well-oiled machines; they’re messy, human, and often unprepared. Your mission is to bring clarity to that chaos, to lead with calm under fire, and to transform disorder into operational control.
You are not just technically sharp, but adaptable, open-minded, and ready to thrive under pressure. You’re someone who sees chaos as opportunity, who stays cool when others panic, and who finds solutions when the stakes are highest. Unlike traditional consulting environments, Blackpanda eliminates red tape in favor of speed, precision, and decisive action. We move fast. We train relentlessly.
And we deliver excellence. Every single time.
Core Responsibilities
Lead and execute high-stakes cyber incident response investigations, ensuring rapid containment, eradication, and recovery in mission-critical environments.
Analyze forensic artifacts, attacker TTPs, and malware across complex hybrid infrastructures: including Windows, Linux, macOS, and cloud platforms.
Perform full-spectrum DFIR operations, including disk imaging, memory acquisition, log analysis, threat hunting, and lateral movement investigations.
Utilize scripting languages (Python, Bash, PowerShell) to automate response workflows, simulate adversarial techniques, and enhance investigative efficiency.
Communicate strategic insights and technical findings to clients, executives, regulators, and law enforcement with clarity, confidence, and precision.
Collaborate with engineering and R&D teams to refine internal tools, enhance proprietary tech, and accelerate operational readiness.
Coordinate directly with external stakeholders: including legal teams, insurers, vendors, and government agencies, throughout incident lifecycles.
Partner with sales consultants to scope potential engagements, provide technical insight during pre-sales, and contribute to internal upskilling, ensuring our commercial team is equipped to position Blackpanda CIF capabilities with precision.
Train, mentor, and uplift junior analysts, instilling elite tradecraft, professional discipline, and the Blackpanda standard of operational excellence.
Minimum Requirements – This Is Your Entry Ticket to CIF
This role is open to Singaporeans only.
3+ Years of Hands-On Experience in cybersecurity incident response, security operations as an analyst, digital forensics, or threat intelligence (consulting or in-house).
Strong Technical Foundations across enterprise networks, security architecture, and cloud environments.
Proficiency with Key DFIR Tools including EDR platforms, SIEMs, firewalls, and forensic toolkits (e.g., Splunk, ELK, SentinelOne, Checkpoint, Velociraptor, EnCase).
Operating System Mastery – Comfortable navigating and investigating across Windows, Linux, and macOS environments.
Scripting and Automation Skills – Proficient in at least one scripting language (Python, Bash, or PowerShell), with a mindset for automating workflows and simulating adversary behavior.
Calm Under Fire – Proven ability to lead or contribute to high-pressure, customer-facing IR engagements with poise and precision.
Communication – Able to translate complex technical findings into strategic guidance for senior stakeholders, boards, and regulators.
Preferred Qualifications – What Sets You Apart
Certifications – GCFA, GNFA, GREM, OSCP, or equivalent.
Real-World Adversary Experience – Deep exposure to ransomware/extortion cases, dark web intelligence, and threat actor tracking.
OT/ICS Proficiency – Experience working in air-gapped or critical infrastructure environments.
Builder Mindset – Demonstrated experience in building cybersecurity tools, writing custom scripts, or contributing to open-source security projects.
Backgrounds of Honor – Prior experience in military, law enforcement, or intelligence agencies is a strong plus.
We know, it’s a big list. But we’re not here to check boxes. At Blackpanda, what matters most is your mindset: the grit, discipline, and calm-under-fire required to operate when others freeze. If you've been forged through experience, sharpened by adversity, and you're ready to push even further, we want you on this team.