120 Threat Analyst jobs in Singapore
Cyber threat Analyst
Posted today
Job Description
Talent Acquisition Specialist at RiDiK (a Subsidiary of CLPS. Nasdaq: CLPS) | Connecting Top Talent with Leading Companies!
12+ Months Extendable Contract
Job Summary:
We are looking for a Cyber Threat Intelligence Analyst to identify, analyze, and report on emerging cyber threats and vulnerabilities. The role involves monitoring threat landscapes, conducting research on threat actors, and providing actionable intelligence to strengthen the organization’s security posture.
Key Responsibilities
Collect, analyze, and correlate data from multiple threat intelligence sources.
Identify emerging threats, vulnerabilities, and attack trends.
Prepare threat intelligence reports and briefings for security and leadership teams.
Collaborate with SOC, incident response, and risk teams to enhance detection and defense capabilities.
Support proactive threat hunting and security operations with contextual intelligence.
Requirements
Bachelor’s degree in Cybersecurity, IT, or related field.
2–5 years of experience in threat intelligence or cybersecurity operations.
Knowledge of MITRE ATT&CK, threat actor TTPs, and common malware families.
Familiarity with tools like MISP, ThreatConnect, or similar platforms.
Strong analytical, communication, and reporting skills.
Seniority level
Mid-Senior level
Employment type
Full-time
Job function
Information Technology
Industries
IT Services and IT Consulting
Threat and Incident Response Analyst (Remote)
Posted today
Job Description
Work should be challenging.
Your work should challenge the status quo.
You should be defining the future, not being dependent on it.
You don't like it safe and prefer to swim in the deep end while figuring things out.
You want to be avant-garde.
If this resonates with you, then you'll fit right in here at Propine.
Propine is re-inventing capital markets using blockchain technology. We've worked with the Monetary Authority of Singapore (MAS) to become the first licensed custodian for digital assets in the world.
We are re-imagining the issuance and lifecycle management of capital market products like equities, debt, structured products, and funds using blockchain technology to reduce friction and increase value for issuers and investors.
This role requires a 'do-whatever-it-takes' mindset and the ability to operate just outside your comfort zone. If this excites and slightly unnerves you, you might be the right fit.
Seniority:
Associate
Position Title:
Threat and Incident Response Analyst
Job Description:
We seek a highly motivated and skilled Threat and Incident Response Analyst to join our information security team. The ideal candidate will be passionate about security and eager to work with the latest tools to investigate and respond to attacks.
Responsibilities:
Identify and analyze cybersecurity threats impacting the organization.
Proactively discover new attacks using advanced security monitoring tools.
Investigate and respond to security incidents following a defined process.
Create playbooks and response processes.
Collaborate with engineering to automate incident responses.
Update detection and response capabilities based on emerging threats.
Perform threat modeling across organizational technologies and applications.
Identify relevant data sources and onboard them to the SIEM platform.
Operate and administer the SIEM platform.
Utilize security tools like SIEM, EDR, WAF, IDS, and Netflow.
Manage threat intelligence feeds for security event correlation.
Participate in 24x7 on-call support for security operations.
Qualifications:
5-7 years in security/threat analysis, detection, and prevention technologies.
Strong analytical skills and a proactive learning attitude.
Deep knowledge of Unix/Linux, Windows, AD, Databases, Cloud, and DevOps.
Experience with endpoint and network security tools such as IDS, IPS, EDR, ATP, Malware defenses.
Experience with SIEM and log management.
Understanding of Cyber Threat TTPs, Threat Hunting, and the MITRE ATT&CK framework.
Scripting skills.
Familiarity with threat modeling methods like STRIDE and PASTA.
Effective communication with technical and non-technical teams across geographies.
GRIT: Group Operations & Technology, Cyber Threat Analyst
Posted today
Job Description
Why Join
Become a vital defender in OCBC’s digital world. As a Cyber Threat Analyst, you’ll be on the front lines, protecting our customers and the bank from evolving cyber threats. You’ll gain invaluable hands-on experience in a state-of-the-art Security Operations Centre, contributing to a team that safeguards OCBC’s critical assets and strengthens our resilience. This is a launchpad for a rewarding career in cybersecurity.
How you succeed
Embrace continuous learning and a proactive mindset. You’ll need to quickly grasp security concepts and apply them to real-world scenarios. Effective collaboration with the team and a meticulous approach to analysis are essential. Success means contributing to a robust security posture and constantly refining your skills to stay ahead of emerging threats.
What you do
Your responsibilities will include:
Monitoring and analyzing real-time security events to identify potential threats.
Investigating security incidents, determining their impact, and escalating as needed.
Logging security events and managing incidents through to resolution.
Contributing to reports and documentation related to cybersecurity events.
Supporting the team with various cybersecurity-related tasks and projects.
Ensuring adherence to Service Level Agreements for threat detection and response.
Who you work with
Group Operations & Technology co-creates products and solutions, building the underlying technology applications and services and managing the Group’s IT operations & cyber defence 24/7, 365. You’ll be joining a team with singular focus & delivering exceptional customer experience through relentless innovation – at the forefront of our digital transformation journey. Serious investment is made in your development.
Who you are
A recent graduate from a Polytechnic or University with a Diploma or Degree in the relevant field (e.g., Cyber Security, IT, Computer Science).
Possess a foundational understanding of common network tools (e.g., ping, traceroute, nslookup).
Demonstrate knowledge of cyber defence policies and procedures.
Familiar with SIEM and Intrusion Detection System (IDS) tools.
Open to learning and quickly adapting to new technologies and techniques.
Excellent communication skills and the ability to work effectively in a team.
Learning Objectives
This programme will provide you with:
Hands-on experience in a 24/7 Security Operations Centre environment.
In-depth knowledge of cybersecurity monitoring, analysis, and incident response.
Practical skills in using industry-leading security tools and technologies.
Exposure to a wide range of cyber threats and attack vectors.
Opportunities to develop your analytical and problem-solving skills.
Who we are
As Singapore’s longest established bank, we have been dedicated to enabling individuals and businesses to achieve their aspirations since 1932. How? By taking the time to truly understand people. From there, we provide support, services, solutions, and career paths that meet their individual needs and desires.
Today, we’re on a journey of transformation. Leveraging technology and creativity to become a future-ready learning organisation. But for all that change, our strategic ambition is consistently clear and bold, which is to be Asia’s leading financial services partner for a sustainable future.
We invite you to build the bank of the future. Innovate the way we deliver financial services. Work in friendly, supportive teams. Build lasting value in your community. Help people grow their assets, business, and investments. Take your learning as far as you can. Or simply enjoy a vibrant, future-ready career. Your Opportunity Starts Here.
What we offer
Competitive base salary. A suite of holistic, flexible benefits to suit every lifestyle. Community initiatives. Industry-leading learning and professional development opportunities. Equal opportunity. Fair employment. Selection based on ability and fit with our culture and values. Your wellbeing, growth and aspirations are every bit as cared for as the needs of our customers.
Threat Intelligence Analyst
Posted today
Job Description
Locations: IMD - Mapletree Business City, MBC BLK 10 | Time type: Full time | Posted 12 days ago | Job requisition ID: JR-
Responsibilities
Work with a team of Threat Intelligence analysts to maintain situational awareness for Infocomm and Media sectors.
Keep abreast of related threat groups’ tactics and techniques and produce timely, relevant and accurate cyber intelligence for our stakeholders.
Recommend and review intelligence requirements and collection sources to support intelligence analysis and production.
Research cyber threats affecting Telecommunication and Media infrastructure and systems, and recommend mitigations to prevent, and threat use cases/signatures to detect, related attacks.
Produce cyber intelligence products and briefings, including specific (ad-hoc) threat reports, monthly threat trends and the annual threat landscape.
Support cyber incident investigation, threat and cyber security risk assessment, malware analysis, cyber exercises, with research and analysis.
Ensure processes are documented and updated.
Requirements
Background in Information Security; or Bachelor’s degree in engineering/Computer Science/Information Security or equivalent.
5 years or more experience as Threat Intelligence analyst, with 1 year or more experience leading the team.
Experience preparing and presenting threat briefings to information security and technology stakeholders in senior management, operations and to customers.
Experience publishing cyber threat or vulnerability research, writing cyber incident or threat assessment report, with MITRE ATT&CK tactics and techniques, indicators of attack/compromise and mitigations recommended.
Proficiency in Threat Intelligence Platforms and integrations with security solutions.
Knowledge in telecommunications, broadcast, media equipment and technologies, enterprise environments.
Experience with network traffic/log analysis, computer/mobile forensics or malware analysis.
Experience creating and improving threat detection queries in Endpoint Detection and Response systems is advantageous.
Knowledge of network and operating systems (Windows, Linux) security, cloud architecture or application security.
Relevant professional certifications including CREST CCTIM, CRTIA, CPTIA, GIAC GCFA, GREM, GCFE or GCIH.
Strong analytical skills with passion to overcome challenges.
Good communication and interpersonal skills.
CYBER THREAT SECURITY ANALYST
Posted 6 days ago
Job Description
Lumen connects the world. We are igniting business growth by connecting people, data and applications - quickly, securely, and effortlessly. Together, we are building a culture and company from the people up - committed to teamwork, trust and transparency. People power progress.
We're looking for top-tier talent and offer the flexibility you need to thrive and deliver lasting impact. Join us as we digitally connect the world and shape the future.
**The Role**
We are seeking a skilled and experienced Threat Hunter to join our growing Security Operations team. The ideal candidate will be a proactive and resourceful individual with a passion for identifying and neutralizing advanced threats. This role requires a deep understanding of threat hunting methodologies, a strong analytical mindset, and exceptional communication skills.
**The Main Responsibilities**
+ Conduct proactive threat hunting activities across various environments (endpoints, networks, cloud).
+ Develop and maintain threat hunting hypotheses based on current threat intelligence and organizational risk assessments.
+ Leverage various threat hunting techniques, including but not limited to, YARA rules, IOC analysis, and behavioral analysis.
+ Develop custom scripts and tools to automate threat hunting processes and improve efficiency.
+ Analyze security logs, network traffic, and endpoint data to identify malicious activity and potential threats.
+ Investigate security incidents and provide detailed reports on findings, including root cause analysis and remediation recommendations.
+ Collaborate with other security teams (incident response, vulnerability management, etc.) to share threat intelligence and coordinate security efforts.
+ Develop and manage Cyber Threat Intelligence while staying up-to-date on the latest threat landscape, attack techniques, and emerging technologies.
+ Present findings and recommendations to technical and non-technical audiences.
+ Contribute to the development and improvement of threat hunting strategies and processes.
+ Develop and maintain a strong understanding of the organization's infrastructure and applications.
**What We Look For in a Candidate**
+ Bachelor's degree in Computer Science, Cybersecurity, or a related field.
+ 5+ years of experience in cybersecurity, with a minimum of 3 years focused on threat hunting.
+ Strong understanding of various operating systems (Windows, Linux, macOS).
+ Experience with various security tools and technologies (SIEM, EDR, network monitoring tools).
+ Proficiency in scripting languages (Python, PowerShell).
+ Strong analytical and problem-solving skills.
+ Excellent communication and presentation skills.
+ Experience with threat intelligence platforms and feeds.
+ Relevant security certifications (e.g., SANS GIAC, GNFA, GCFA, Offensive Security, etc).
+ Experience with cloud security (AWS, Azure, GCP) is a plus
**Compensation**
**What to Expect Next**
Requisition #:
**Background Screening**
If you are selected for a position, there will be a background screen, which may include checks for criminal records and/or motor vehicle reports and/or drug screening, depending on the position requirements. For more information on these checks, please refer to the Post Offer section of our FAQ page. Job-related concerns identified during the background screening may disqualify you from the new position or your current role. Background results will be evaluated on a case-by-case basis.
Pursuant to the San Francisco Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records.
**Equal Employment Opportunities**
We are committed to providing equal employment opportunities to all persons regardless of race, color, ancestry, citizenship, national origin, religion, veteran status, disability, genetic characteristic or information, age, gender, sexual orientation, gender identity, gender expression, marital status, family status, pregnancy, or other legally protected status (collectively, "protected statuses"). We do not tolerate unlawful discrimination in any employment decisions, including recruiting, hiring, compensation, promotion, benefits, discipline, termination, job assignments or training.
**Disclaimer**
The job responsibilities described above indicate the general nature and level of work performed by employees within this classification. It is not intended to include a comprehensive inventory of all duties and responsibilities for this job. Job duties and responsibilities are subject to change based on evolving business needs and conditions.
In any materials you submit, you may redact or remove age-identifying information such as age, date of birth, or dates of school attendance or graduation. You will not be penalized for redacting or removing this information.
Please be advised that Lumen does not require any form of payment from job applicants during the recruitment process. All legitimate job openings will be posted on our official website or communicated through official company email addresses. If you encounter any job offers that request payment in exchange for employment at Lumen, they are not for employment with us, but may relate to another company with a similar name.
CYBER THREAT SECURITY ANALYST
Posted today
Job Description
Join to apply for the CYBER THREAT SECURITY ANALYST role at Lumen Technologies
About Lumen
Lumen connects the world. We are igniting business growth by connecting people, data and applications – quickly, securely, and effortlessly. Together, we are building a culture and company from the people up – committed to teamwork, trust and transparency. People power progress.
We’re looking for top-tier talent and offer the flexibility you need to thrive and deliver lasting impact. Join us as we digitally connect the world and shape the future.
The Role
The Cyber Threat Security Analyst role will focus on security event and incident monitoring, threat hunting, and deep analysis of threat information within SIEM environments, various log sources, and within security control technologies directly. The Security Analyst will work directly with customers to determine and communicate relevant risk and potential impact, as well as make recommendations for risk mitigation. This role will also provide direction for SIEM rule changes, customer escalations and inquiries, and help develop improved threat analysis process and procedures.
The Cyber Threat Security Analyst role is expected to participate in a shift schedule and on-call rotation to accommodate a global 24x7x365 Managed Threat Security Services program.
The Main Responsibilities
Perform security incident and event monitoring support, including deep dive data analysis and response
Develop and manage customer security event analysis notifications with thoughtful analysis details, evidence, conclusions, and recommendations
Respond and manage customer issues and questions regarding security events, including evidence supporting risk identification and recommended risk mitigation, via trouble ticket, email, and phone
Review threat detection rules and correlations, and make recommendations for improved fidelity
Qualifications & Skills
What We Look For in a Candidate
Required
Requires Bachelor’s degree in related field or equivalent combination of education and experience.
Possess strong customer service skills
Communicate effectively with managers, customers and vendors
Maintain solid working relationships, including collaborative technical activities with peers
Good written and verbal communication skills
Good analytical and problem-solving skills
Attention to detail with good organizational skills
Basic experience performing security monitoring, hunting, and analysis within SIEM platforms and security controls
Preferred
1 or more years in a Security Operations environment performing cyber threat hunting and incident response support
Security industry certifications (examples):
GIAC
CISSP
CRISC
CISM
Security+
CCNA
CEH
Basic knowledge and skills of at least one programming language (Python preferred)
Compensation
What to Expect Next
Requisition #:
Seniority level
Entry level
Employment type
Full-time
Job function
Information Technology
Industries
Telecommunications
Incident Response Lead
Posted today
Job Description
At Tetra Pak we commit to making food safe and available, everywhere; and we protect what's good – protecting food, protecting people, and protecting the planet. By doing so we touch millions of people's lives every day.
And we need people like you to make it happen.
We empower you to reach your potential with opportunities to make an impact to be proud of – for food, people and the planet.
The Incident Response (IR) Lead leads a 24/7 virtual team who monitor and respond to ISIRT major incidents. This role requires management of Incident Response activities and team communication with SOC analysts, SME and other IT technical personnel. This role is also required to work closely with stakeholders and cybersecurity’s leadership team. Additionally, the Incident Response Lead will ensure staff members prioritize their work related to suspected and confirmed incidents, which may vary in severity and impact. The Incident Response Lead will direct analysts to investigate, validate, remediate and communicate known details about the incident and is a point of contact for escalation.
Due to coverage requirements, this is a permanent position based in a country within the Asia time zone.
What you will do
Role and responsibilities:
The Incident Response Lead will analyze and organize to help the team rank complex work. As a central figure, the Incident Response Lead brings order to a fast-paced, constantly evolving operation. The Incident Response Lead enforces the policies, playbooks and methodologies that have been adopted as the best course of action.
Personal, organizational, communication and analytical skills are vital, as well as the ability to communicate effectively with cybersecurity leadership. This role requires technical aptitude, and managers are also expected to be adept at working well with people who will be under stress and subject to burnout.
Key Responsibilities:
- Manage a team of incident responders for ISIRT response and interact with cybersecurity leadership and business stakeholders.
- Coordinate and ensure ISIRT incidents are prioritized at all hours of the day.
- Implement a cross-functional team of analysts working closely with cybersecurity, IT and developers.
- Serve as a point of escalation and incident commander.
- Review ISIRT incidents that may be related to ransomware, host compromise, account compromise, phishing, anomalous user behavior, third parties and data leakage.
- Ensure the ISIRT response team is following processes embraced by leadership and adhering to best practices.
- Measure and give feedback to the team to improve mean time to respond, key performance indicators (KPIs) and service-level objectives.
- Proactively adjust to upcoming company changes affecting the operation to modify ISIRT response processes.
- Possess advanced knowledge of attackers’ methods of escalation; lateral movement; and tactics, techniques and procedures.
- Present incident analysis and trend reporting to leadership, highlighting KPIs.
- Review events and process effectiveness and make recommendations for change to leadership.
- Require participation in ISIRT tabletop exercises designed to identify gaps, improve skills, enhance communication and engage with key stakeholders.
- Oversee IR playbooks, policies, procedures and guidelines to ensure they align with industry best practices.
- Collaborate with infrastructure, IT, vulnerability, threat intelligence and application security leads.
- Participate in monitoring internal and external events and stay tightly aligned with infrastructure and third-party, hosted, on-premises and end-user systems.
- Review and communicate ISIRT incident details from initial investigation through root cause analysis and post-mortem.
- Maintain operational rigor and recognize when team members need time away to refocus and refresh.
- Identify strengths and weaknesses in ISIRT team members and provide training to improve skills and knowledge.
- Remain current with emerging threats and share knowledge with colleagues to improve incident response. Perform other duties as assigned.
We believe you have
Strong organizational and team management skills are required to excel in this role, as well as previous experience in security administration, IR and security operations center (SOC) roles.
Seven-plus years’ experience in security administration and SOC, with three-plus years’ security IR.
Demonstrated experience leading people both in person and remotely distributed.
Self-aware and capable of remaining calm under intense pressure.
Strong written and oral communication skills across varying levels of the organization.
Excellent judgment and the ability to make quick decisions when working with complex situations.
Organized, with the ability to prioritize and respond within defined SLAs and maintain composure.
Understanding of threats and vulnerabilities, as well as principles of ISIRT incident response and chain of custody.
Knowledge of multiple solutions such as security orchestration, automation and response; SIEM; threat intelligence platform; directory services; malware sandboxes; vulnerability management; MITRE ATT&CK; IR playbooks; and endpoint/extended detection and response.
General familiarity with one or more of the following, among others: NIST, ISO 27001, NIS 2, CRA.
Track record of acting with integrity, taking pride in work, seeking to excel, and being curious and flexible.
High degree of integrity, trustworthiness, professionalism and character.
Education Requirements:
Bachelor’s degree preferred in cybersecurity, computer science, engineering or related field.
Certification in CRISC, CISSP, CISA, CISM will be a plus.
We Offer You
A variety of exciting challenges with ample opportunities for development and training in a truly global landscape
A culture that pioneers a spirit of innovation where our industry experts drive visible results
An equal opportunity employment experience that values diversity and inclusion
Market competitive compensation and benefits with flexible working arrangements
Apply Now
If you are inspired to be part of our promise to protect what’s good; for food, people, and the planet, apply through our careers page.
If you have any questions about your application, please contact Ephraim Kwa.
Diversity, equity, and inclusion is an everyday part of how we work. We give people a place to belong and support to thrive, an environment where everyone can be comfortable being themselves and has equal opportunities to grow and succeed. We embrace difference, celebrate people for who they are, and for the diversity they bring that helps us better understand and connect with our customers and communities worldwide.
Senior Security Operation Center Cyber Threat Analyst Vice President
Posted 6 days ago
Job Description
**Responsibilities:**
+ Analyze security events to identify potential threats and intrusions. Events include but are not limited to Intrusion Detection/Prevention tools, anomaly detection systems, firewalls, antivirus and EDR systems, proxy devices, cloud security solutions and data leakage prevention systems.
+ Act as a Level 2 escalation point for incident triage, investigation, and response.
+ Perform a holistic use case review and tuning to enhance monitoring value and efficiency.
+ Develop and maintain advanced security monitoring content such as detection rules, correlation use cases, and security alerts.
+ Implement and optimize security automation to improve process efficiency and response times.
+ Lead incident response activities including root cause analysis, containment and remediation efforts.
+ Collaborate with security infrastructure teams to ensure effective integration of security technologies with operational processes.
+ Create and maintain comprehensive documentation for SOC procedures.
+ Participate in/support cyber drills, regulatory and audit requests.
+ Provide mentorship for junior analysts within the SOC team.
+ Stay updated with the latest cybersecurity trends, emerging threats and technologies.
The above serves as a basis for understanding the type of work performed. Ad-hoc duties may be assigned as required.
**Qualifications and desired qualities:**
+ Bachelor's degree or higher, major in Cybersecurity is a plus.
+ Certifications: GCIA, GCIH, CISSP, CISM, GSEC or similar certification preferable.
+ Strong investigative and analytical mindset with attention to detail.
+ A good team player, self-driven and able to act as an individual contributor.
+ Consistently demonstrates clear and concise written and verbal communication.
+ Manage work relationship with peers and partners.
**Work Experience:**
+ 8+ years of relevant experience in Cybersecurity operations.
+ Security Operations Center experience required.
+ Understanding of the life cycle of network threats, web attacks, attack vectors and methods of exploitation, and awareness of the evolving cyber threat landscape.
+ Ability to conduct analysis utilizing various logs to identify unusual behavior that may indicate malicious activity.
+ Good understanding of computer networks, email flow, and operating system logs.
+ Experience with automation and scripting, preferably in PowerShell/Python.
+ Experience in XSOAR platforms.
---
**Job Family Group:**
Technology
---
**Job Family:**
Information Security
---
**Time Type:**
Full time
---
**Most Relevant Skills**
Please see the requirements listed above.
---
**Other Relevant Skills**
For complementary skills, please see above and/or contact the recruiter.
---
_Citi is an equal opportunity employer, and qualified candidates will receive consideration without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, status as a protected veteran, or any other characteristic protected by law._
_If you are a person with a disability and need a reasonable accommodation to use our search tools and/or apply for a career opportunity, review Accessibility at Citi._
_View Citi's EEO Policy Statement and the Know Your Rights poster._
Citi is an equal opportunity and affirmative action employer.
Minority/Female/Veteran/Individuals with Disabilities/Sexual Orientation/Gender Identity.
Senior Security Operation Center Cyber Threat Analyst Vice President
Posted today
Job Description
Overview
We are seeking a highly skilled and experienced Senior SOC Analyst to join our Cyber Threat team in the Security Operations Center (SOC). The Global SOC operates in a 24x7, follow-the-sun model and is the firm's first line of defense against evolving cyber threats, ensuring the safety and integrity of our digital assets. This role requires a deep understanding of SOC processes, incident response, reviewing content/use cases and security automation. The senior analyst is also expected to coach junior analysts in the SOC and provide critical support to management in handling cyber security incidents.
Responsibilities
Analyze security events to identify potential threats and intrusions. Events include but are not limited to Intrusion Detection/Prevention tools, anomaly detection systems, firewalls, antivirus and EDR systems, proxy devices, cloud security solutions, and data leakage prevention systems.
Act as a Level 2 escalation point for incident triage, investigation, and response.
Perform a holistic use case review and tuning to enhance monitoring value and efficiency.
Develop and maintain advanced security monitoring content such as detection rules, correlation use cases, and security alerts.
Implement and optimize security automation to improve process efficiency and response times.
Lead incident response activities including root cause analysis, containment and remediation efforts.
Collaborate with security infrastructure teams to ensure effective integration of security technologies with operational processes.
Create and maintain comprehensive documentation for SOC procedures.
Participate in/support cyber drills, regulatory, and audit requests.
Provide mentorship for junior analysts within the SOC team.
Stay updated with the latest cybersecurity trends, emerging threats, and technologies.
Qualifications and desired qualities
Bachelor’s degree or higher; major in Cybersecurity is a plus.
Certifications: GCIA, GCIH, CISSP, CISM, GSEC or similar certification preferable.
Strong investigative and analytical mindset with attention to detail.
Team player, self-driven, and able to act as an individual contributor.
Clear and concise written and verbal communication.
Ability to manage work relationships with peers and partners.
Work Experience
8+ years of relevant experience in cybersecurity operations.
Security Operations Center experience required.
Understanding of the lifecycle of network threats, web attacks, attack vectors, methods of exploitation, and awareness of the evolving cyber threat landscape.
Ability to conduct analysis utilizing various logs to identify unusual behavior that may indicate malicious activity.
Good understanding of computer networks, email flow, and operating system logs.
Experience with automation and scripting, preferably PowerShell/Python.
Experience in XSOAR platforms.
Citi is an equal opportunity employer, and qualified candidates will receive consideration without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, status as a protected veteran, or any other characteristic protected by law. If you are a person with a disability and need a reasonable accommodation to use our search tools and/or apply for a career opportunity, please review Accessibility at Citi. View Citi’s EEO Policy Statement and the Know Your Rights poster.