548 Security Specialist jobs in Singapore

As a Cyber Security Professional, you will be responsible for safeguarding digital assets by identifying and mitigating potential security risks.

The key focus of this role is on the effective management and optimization of security systems. You will need to ensure they provide actionable intelligence for rapid threat response.

• Ensure accurate and timely response to security events
• Analyze security logs, alerts, and incident reports to identify and mitigate risks
• Respond to and investigate security incidents, including breaches, malware outbreaks, and phishing attacks
• Monitor networks and systems for security breaches, alerts, and anomalous activity
• Conduct root-cause analysis to prevent future incidents and develop incident response procedures
• Provide analysis and trending of security log data from various security devices
• Configure and maintain security tools to align with organizational security objectives and threat landscape
• Create custom dashboards and reports for different stakeholders to visualize critical security metrics and incident data
• Develop and optimize security content, including rules, alerts, and correlation logic, to improve threat detection and response
• Regularly review and tune security rules to reduce false positives, enhance event correlation, and maintain relevance to evolving threats
• Document and update security processes and configurations, ensuring high level of data accuracy and availability
• Perform regular vulnerability scans and assist in patch management processes. Work with IT teams to prioritize and remediate them
• Recommend solutions to mitigate risks in any activity that may potentially impact security of existing IT and information management
• Ensure compliance with industry regulations (e.g. GDPR, ISO 27001) and organizational policies
• Assist in development, implementation, and maintenance of security policies, standards, and guidelines
• Assist in training staff on security best practices, including phishing awareness and data protection
• Help develop educational materials and conduct periodic security awareness training
• Advise and consult internal/ external customers on risk assessment, threat modelling and vulnerability management. Perform risk assessments and recommend security measures to mitigate potential risks
• Document risks, vulnerabilities, and remediation strategies in detailed risk management report
• Maintain up-to-date knowledge of IT security industry, including awareness of new or revised security solutions, improved security processes and development of new attacks and threat vectors
• Manage and optimize security tools, such as firewalls, antivirus software, and intrusion detection/prevention systems (IDPS)
• Perform 1st level troubleshooting on servers and network issues with regards to log collection/ security tools
• Generate reports on security metrics, incidents, and remediation efforts for management
• Maintain accurate documentation of incidents, security changes, and system configurations

This role requires strong understanding of security best practices, hands-on experience with various security tools, and ability to respond quickly and effectively to emerging threats. You will need to have excellent communication skills, with ability to explain complex security concepts to non-technical stakeholders.

You should have Bachelor Degree or Advanced Diploma in Computer Science, Information Technology, Cybersecurity from recognized university or related field (or equivalent experience). At least 1-3 years in cybersecurity role, with hands-on experience in SIEM content management, network security, threat monitoring, or incident response are required.

about the job:

Our client is a globally recognised organisation with a strong presence across the Asia-Pacific region. They are looking to appoint a dedicated Information Security & Business Continuity Management (BCM) Consultant to join their regional risk and governance team based in Singapore. This role plays a pivotal part in ensuring compliance with internal security policies and regional regulatory frameworks, while strengthening the organisation's cybersecurity resilience. You will contribute to the planning, review, and coordination of security initiatives, business continuity programs, and risk management activities across multiple international branches. The successful candidate will serve as a regional point of contact for internal stakeholders and external regulators, while supporting both day-to-day operations and strategic planning for cybersecurity and continuity capabilities.

Key responsibilities include:

• Reviewing and aligning security policies with regional compliance standards.
• Conducting technology risk assessments, third-party reviews, and gap analysis.
• Supporting security awareness initiatives and ensuring implementation of key cyber hygiene controls.
• Collaborating with global teams on business continuity strategies, risk assessments, and recovery plans.
• Tracking remediation efforts following internal audits, incidents, or test scenarios.
• Preparing management reports and dashboards to support regional oversight and governance.

skills and experience required:

• A degree in Information Security, Computer Science, or a related field.
• At least 5 years of experience in information security or governance, ideally in regulated environments.
• Working knowledge of cybersecurity frameworks and regional regulatory requirements (such as MAS TRM, HKMA, PDPA, or equivalents).
• Experience supporting or leading business continuity and disaster recovery planning.
• Familiarity with standards such as ISO 27001, NIST, or ISO 22301 is an advantage.
• Relevant certifications such as CISSP, CISM, CISA, or ISO Lead Implementer credentials will be highly regarded.
• Strong communication and stakeholder engagement skills, with a collaborative approach.
• Proactive mindset with the ability to manage multiple initiatives across various countries and teams.

To apply online please use the apply function, alternatively you may contact Dalpreet Kaur at (EA: 94C3609 /R23111951)

We are seeking a highly skilled Information Security Specialist to join our team. In this role, you will be responsible for providing subject matter expertise in risk assessments, audits, and issue validations across various areas including infrastructure, applications, cybersecurity, resilience, governance, and regulatory compliance.

The successful candidate will lead and deliver audits on time, including issue validation, business monitoring, and governance reviews. They will also advise on key business and change initiatives, offering risk-focused insights and solutions. Additionally, they will develop action plans to address complex control issues using sound judgment and experience.

• Main Responsibilities:
• Provide subject matter expertise in risk assessments, audits, and issue validations.
• Lead and deliver audits on time, including issue validation, business monitoring, and governance reviews.
• Advise on key business and change initiatives, offering risk-focused insights and solutions.
• Develop action plans to address complex control issues.

About You:

• A bachelor's degree or equivalent professional experience in technology or a related discipline is required.
• Professional certifications like CISA, CISSP, CRISC, CEH, or CGEIT are advantageous.
• Knowledge of ISO standards (e.g., ISO 27001, ISO 9001) is a plus.
• At least 3 years of experience in IT auditing, focusing on systems, infrastructure, and processes.
• Strong expertise in data governance, IT infrastructure security, change and application management, production support, and cloud audits (preferably AWS).
• In-depth understanding of cybersecurity controls, including areas like patching, malware protection, data loss prevention, intrusion detection, and incident response.
• Experience with data analytics and familiarity with source code are beneficial.
• Open to additional responsibilities and flexible in approach.

What We Offer:

• Good remuneration and opportunity to work in a dynamic environment.

This is an exciting opportunity for a motivated and experienced professional to join our team and contribute to our success.

The ideal candidate will possess extensive experience in data governance and security, with a strong emphasis on Microsoft Purview Information Protection. They will be expected to leverage their expertise to drive strategic initiatives and collaborate with cross-functional teams.

Key responsibilities include:

This position involves detecting, analyzing, containing, eradicating, and recovering from cybersecurity incidents to minimize their impact on the organization.

The role requires a high level of technical expertise in digital forensics, threat analysis, and incident response.

A strong understanding of security frameworks, protocols, and procedures is also essential for success in this position.

• Digital Forensics
• CEH Certification
• Cybersecurity Framework Application
• Threat Analysis
• Cyber Incident Management

We offer a dynamic work environment that fosters growth and development. Our team is passionate about staying ahead of emerging threats and developing innovative solutions to complex problems.

This position offers an exciting opportunity to join a forward-thinking organization that values collaboration, creativity, and continuous learning. If you are a motivated and detail-oriented individual with a passion for information security, we encourage you to apply for this role.

The ideal candidate will possess strong security administration skills, with a focus on Linux/UNIX environments. They will be responsible for hardening security, performing splunk administration, and ensuring compliance with established standards.

• Responsible for Linux/UNIX security hardening in accordance with established bank's security standards.
• Performing splunk administration tasks.
• Liaising with Application Development team to establish application access control matrix.
• Granting and assignment of access privileges based on approved access control matrix for Linux/UNIX platform.
• Troubleshooting access and privilege issues.
• Implementing and administering System Access Control using SUDO on Linux/UNIX platform.
• Responsible for Linux/UNIX privileged IDs lifecycle management.

• Degree in Engineering/Computer Science/IT/Cyber Security from recognized education institution.
• Minimum 5+ years experience with Linux (Red Hat, Suse, CentOS) and UNIX (Solaris, AIX) security administration.
• Strong system administration experience on Windows, Database and Network devices.
• Ability to write documentation and create security standards.
• Experience in software configuration management tools (Chef) and log monitoring tools (Splunk).

As a key member of our Group Information Security Team, you will play a pivotal role in safeguarding our corporate networks, systems (on-prem and cloud), and digital assets.

• You will be responsible for monitoring security threats and responding to incidents across our SCOOT networks, leveraging a variety of tools and techniques.
• Manage our Security Operations center with expertise.
• Detect potential threats through proactive 'hunting' across security-relevant data sets.
• Corroborate multiple events from different devices to identify unusual behavior
• Document incident response analysis activities thoroughly.
• Develop innovative methods for finding malicious activities.
• Provide recommendations to enhance detection and protection capabilities.
• Present technical topics effectively to both technical and non-technical audiences.
• Establish detailed operational processes and procedures to analyze, escalate, and assist in the remediation of information security incidents.
• Prioritize high-priority tasks and formulate responses/recommendations in a fast-paced environment.
• Prepare documentation for security technical standards, standard operational procedures, and hardening standards.
• Analyze endpoint, network, and application logs.
• Collaborate with other IT teams on security-related matters.
• Engage with vendors and partners for security reviews.

• Bachelor's degree in Computer Engineering, Computer Science, Information Systems, or equivalent qualification.
• Minimum 5-6 years of experience in Cybersecurity Incident Response and Security Operations.
• Demonstrate expertise in Information Security, focusing on Cyber Security Operations, Incident Response, and Detection.
• Experience working in a Security Operations Centre and/or Computer Incident Response Team.
• Exceptional problem-solving skills combined with hands-on experience in root cause analysis and post-incident reviews.
• In-depth knowledge of computer networks and common protocols.
• Awareness of prominent cyber threat actors and APT groups.
• Proficiency with Threat Intelligence Platforms.
• Experience with SIEM (especially Splunk).
• Relevant professional security qualifications (i.e. GCIA, CISSP etc) are an advantage.
• Preferred certifications: CISSP, CISM, CISA, ISMS, TOGAF, SABS
• Strong interpersonal skills.

We are seeking a skilled and highly motivated Cybersecurity Specialist to join our team. The ideal candidate must hold a valid CREST certification and have proven experience in identifying vulnerabilities, simulating cyberattacks, and recommending effective remediation strategies to improve overall security posture.

• Perform comprehensive penetration testing on applications, systems, networks, and cloud infrastructure
• Identify, assess, and report vulnerabilities and security weaknesses
• Provide detailed technical documentation, risk assessments, and remediation guidance
• Collaborate with development, infrastructure, and IT teams to address findings
• Simulate real-world cyberattacks (red teaming/threat emulation) to assess system resilience
• Participate in security assessments, audits, and compliance initiatives
• Stay updated on the latest security trends, tools, and threat landscapes
• Support incident response and threat hunting activities when required

• CREST certification is mandatory (e.g., CREST Registered Penetration Tester, CREST Certified Infrastructure Tester, etc.)
• Proven experience in penetration testing, vulnerability assessment, and exploit development
• Strong knowledge of common attack vectors, tools (e.g., Burp Suite, Metasploit, Nmap, Kali Linux), and scripting languages (e.g., Python, PowerShell)
• Familiarity with OWASP Top 10, MITRE ATT&CK, and other industry standards
• Experience with reporting tools and security documentation
• Excellent analytical, communication, and problem-solving skills
• Bachelor's degree in Computer Science, Cybersecurity, or a related field (or equivalent experience)

• Experience with red teaming or purple teaming exercises
• Other relevant certifications such as OSCP, GIAC (GPEN, GWAPT), or CEH
• Knowledge of cloud security testing (AWS, Azure, GCP)
• Experience in secure software development practices

The Cybersecurity Engineer will play a pivotal role in safeguarding the security and integrity of our IT systems and networks. Their primary responsibility will be to identify vulnerabilities, implement patches, and develop strategies to prevent cyber threats.

• Analyzing and interpreting vulnerability findings to translate into actionable remediations
• Understanding CVSS (Common Vulnerability Scoring System) and applying it in prioritization
• Familiarity with secure configuration standards (e.g., CIS Benchmarks, NIST 800-53)
• BASIC scripting knowledge (e.g., Python, PowerShell, or Bash) to automate scanning or reporting tasks
• Knowledge of operating systems (Windows, Linux, macOS) and their patching mechanisms
• Strong communication and collaboration skills to work across teams
• Organizational skills to manage scanning cadence, documentation, and remediation
• Technical aptitude to operate and maintain scanning technologies
• Problem-solving mindset with attention to detail and risk prioritization
• Strong communication and interpersonal skills

PREFERRED QUALIFICATIONS:

• Exposure to external web application scanning tools (e.g., Invicti/Netsparker)
• Experience with cloud-native security platforms (e.g., Aqua Security)
• Familiarity with API security tools (e.g., F5, Akamai)
• Academic or hands-on exposure to penetration testing concepts
• Security certifications such as Security+, CEH, or vendor-specific credentials

About Our Company:


We are a leading IT company based in Singapore, providing innovative solutions to businesses and individuals. Our team is passionate about delivering high-quality services that meet the needs of our clients.