316 Threat Detection jobs in Singapore
Threat Detection Specialist
Posted today
Job Description
We are seeking a highly skilled Cyber Security Threat Detection Engineer to focus on detecting and preventing unauthorized privileged access.
You will leverage advanced analytical techniques and machine learning models to identify security threats, mitigate risks, and protect critical assets.
Key Responsibilities:
- Engage with stakeholders and cybersecurity teams to understand evolving challenges related to unauthorized privileged access.
- Design, develop, and deploy advanced machine learning models and analytical techniques to detect anomalous behavior and potential security breaches.
- Monitor and evaluate model performance; iterate to improve detection accuracy and reduce false positives.
- Collaborate with engineering teams to build scalable and reliable production systems that operationalize detection models.
- Lead, mentor, and support the engineering team, fostering their technical growth and development.
- Communicate complex findings and insights clearly to technical and non-technical stakeholders, driving data-informed decision-making.
- Proven experience in data science or machine learning roles, preferably within cybersecurity or fraud detection domains.
- Bachelor's or Master's degree in Computer Science, Data Science, Statistics, Mathematics, or a related field.
Cybersecurity Specialist - Threat Detection and Response
Posted today
Job Description
In today's fast-paced digital landscape, organizations require robust cybersecurity measures to protect against emerging threats. As a Cybersecurity Specialist - Threat Detection and Response, you will play a pivotal role in safeguarding our company's infrastructure by detecting and responding to potential security breaches.
Key Responsibilities:
- Threat Detection: Monitor various security systems, including SOC, AV, EDR, ITD, Endpoint Security, IDS/IPS, WAF, SIEM, and other security technologies to identify potential threats.
- Incident Response: Investigate security events and incidents, analyze security logs, and coordinate with relevant teams to contain the incident.
- Vulnerability Management: Oversee vulnerability notices, assessments, and penetration testing to identify weaknesses in our systems and networks.
- Security Tool Maintenance: Manage and maintain security tools and technologies, ensuring they are properly set up and configured to mitigate potential risks.
- Security Policy Enforcement: Enforce security policies and procedures across the organization to ensure employees follow best practices and adhere to relevant security standards.
Requirements:
- Education: Bachelor's degree in Computer Science, Information Technology, or a related field is preferred.
- Experience: 3-5 years of experience in security roles, preferably within a security workforce or operations team.
- Skills: Familiarity with SIEM tools, security technologies, and common cyber-attack techniques is essential.
- Certifications: Relevant certifications, such as CEH or CISM, are an added advantage.
About Us:
We regret that only shortlisted candidates will be contacted for further discussions.
Security Operations Vice President - Threat Detection Engineer
Posted 4 days ago
Job Description
Embrace the challenge of maintaining robust digital security, driving operational excellence, and implementing cutting-edge solutions in cybersecurity.
As a Security Operations Vice President in Cybersecurity & Tech Controls, you will contribute significantly to safeguarding the organization's digital assets and infrastructure by proactively detecting, assessing, and responding to threats, vulnerabilities, and security incidents. This team is responsible for enhancing the firm's ability to assess and mitigate Insider Threat Technology Risk through advanced pattern-based and behavior-based detections. This expanded team, known as Global Technology Insider Threat, acts as the central authority for assessing Insider Risks within the Global Technology domain, serving as the primary point of contact for all technological Insider Threat detections and referrals. Our commitment is to proactively hunt insider threats using cutting-edge intelligence, develop sophisticated detection logic, and implement behavior-based detections to safeguard the firm's invaluable assets and data. By leveraging the expertise of our broader Cybersecurity Operations and Global Security teams, we ensure swift and effective incident response. Our goal is to foster a secure and resilient IT environment, maintaining the highest standards of protection and trust for our organization.
Job responsibilities
• Execute and influence the design of comprehensive security strategies, policies, and procedures to enhance threat detection capabilities and protect the organization's digital assets and infrastructure from cybersecurity threats.
• Proactively monitor and analyze complex data and systems to identify indicators of vulnerabilities and compromises, utilizing advanced tools and techniques to detect anomalies and contribute to the development of strategies for security investigation, threat mitigation, and incident response.
• Collaborate with cross-functional teams to ensure a coordinated approach to security, sharing insights, and promoting best practices across the organization.
• Evaluate and enhance the organization's security posture by staying current with industry trends, emerging threats, and regulatory requirements, driving innovation and process improvements.
• Utilize various data elements from a library of control objectives and procedures, threat behavior and likelihood assessments, prevention and detection policies, and security log data feeds to identify potential insider threats. Recommend appropriate mitigation strategies based on your analysis.
• Actively search for insider threats using advanced intelligence and sophisticated correlation searches to protect the firm's assets and data.
• Create and implement customized pattern-based and behavior-based detection strategies to identify and mitigate insider threats within the organization.
Required qualifications, capabilities, and skills
• Bachelor’s Degree in Computer Science, Cybersecurity, Data Science, or related disciplines
• Formal training or certification on security concepts and 5+ years of applied experience in cybersecurity operations, with a focus on threat detection, incident response, and security infrastructure management.
• Demonstrated expertise in multiple security domains, including network security, malware analysis, threat hunting, and security architecture and design, with proficiency in using Security Information and Event Management (SIEM) tools and advanced analytics techniques.
• Advanced knowledge of network and infrastructure configuration/security, including experience in designing and implementing security solutions for on-prem, cloud, or hybrid environments.
• Good hands-on experience in designing and implementing user behavior analytics (UBA) and AI/ML methodologies to detect anomalies.
• Proficient in identifying attacks through log analysis and in developing and maintaining insider threat detection tools and methodologies.
• Good working knowledge of designing and automating security workflows, working with cloud services, containerization, and orchestration tools.
• Good understanding of cybersecurity organization practices, operational risk management processes, security controls, architectural design, engineering threat detections, and incident response methodologies.
Preferred qualifications, capabilities, and skills
• Experience in security operations, detection engineering, and risk management.
• Experience in automation and cloud technologies.
• Experience with statistical models, data loss prevention, and both endpoint and network security.
• Certifications such as CISSP, CISM, or SANS (GCIA, GCIH, GCDA, GDAT).
• Experience in the financial services or similar industry and their IT systems.
Security Operations Vice President - Senior Threat Detection Engineer
Posted 4 days ago
Job Description
Embrace the challenge of maintaining robust digital security, driving operational excellence, and implementing cutting-edge solutions in cybersecurity.
As a Security Operations Vice President in Cybersecurity & Tech Controls, you will be a technical leader in our Cyber Defense function, enhancing our capabilities to detect, prevent, and disrupt sophisticated cyber threats across a complex hybrid enterprise. You will design scalable detection solutions and play a key role in our detection-as-code framework, ensuring comprehensive coverage across endpoints, networks, cloud infrastructure, and critical business systems. Collaborating closely with Security Operations Center (SOC) analysts, threat hunters, red team members, and internal security engineering teams, you will develop scalable, high-fidelity detections using logs, telemetry, and behavioral analytics from diverse data sources. The ideal candidate will have SOC experience, a passion for researching TTPs and the threat landscape, and the ability to translate this research into high-quality detections.
As a technical lead, your responsibilities will include advanced analysis, threat hunting, evaluating new security technologies, and ensuring the integration of larger technology projects into the Cyber Defense team and monitoring function. You will apply advanced analytical, technical, and problem-solving skills to achieve operational excellence and implement innovative solutions to tackle complex security challenges.
Job responsibilities
- Design, implement, and continuously refine advanced threat detection rules, logic, and models in SIEM, EDR, and cloud-native platforms (e.g., Splunk, Sentinel, CrowdStrike, AWS/Azure/GCP).
- Continuously refine detection strategies based on evolving TTPs (MITRE ATT&CK), threat intelligence, and red/purple team feedback.
- Utilize detection-as-code pipelines and SRE principles to build and maintain detections with appropriate versioning, QA, and testing workflows.
- Perform threat model reviews, architecture reviews and detection gap assessments.
- Operationalize MITRE ATT&CK mappings, threat intel insights, and adversary simulation results to develop precise detection logic.
- Map detection coverage against evolving threat landscapes aligning with industry frameworks and internal threat profiles.
- Partner with Threat Intelligence, Red Team, and Incident Response teams to close the feedback loop between detection hypotheses and real-world adversary behavior.
- Evaluate new telemetry sources and support the onboarding, normalization, and enrichment of log sources to ensure high-fidelity data for detection and analytics.
- Mentor junior analysts and engineers in detection logic design, telemetry analysis, and security operations best practices.
- Evaluate and enhance the organization's security posture by staying current with industry trends, emerging threats, and regulatory requirements, driving innovation and process improvements.
Required qualifications, capabilities, and skills
- Bachelor's Degree in Computer Science, Cybersecurity, Data Science, or related disciplines
- 5+ years of experience in cybersecurity with a core focus on threat detection, security engineering, or SOC operations.
- Expertise in SIEM platforms (e.g., Splunk SPL, KQL, Elastic) with a strong command of query optimization, dashboarding, and alert logic development.
- Advanced understanding of attacker TTPs, malware behaviors, lateral movement techniques, and financial-sector-specific threat actors.
- Experience with threat hunting on a large, enterprise network both as an individual and leading hunting exercises with other team members.
- Deep familiarity with telemetry from EDRs, Cloud logging (e.g., AWS, Azure, GCP), Windows/Linux event logs, identity platforms (e.g., Azure AD), and public cloud services.
- Ability to research TTPs, analyze raw logs, and develop high-fidelity detections in various tools/languages.
- Proven experience collaborating with SOC, IR, threat intel, or red teams in a fast-paced environment.
- Strong grasp of security frameworks and taxonomies including MITRE ATT&CK, Cyber Kill Chain, NIST, and SIGMA/YARA formats.
- Proficiency in scripting languages such as Python or PowerShell to support automation and enrichment tasks.
- Experience creating and working with Jupyter Notebooks to automate workflows and processes.
Preferred qualifications, capabilities, and skills
- Experience with detection-as-code methodologies and tools (e.g., Git-based pipelines, CI/CD for security content).
- Background in cloud security (AWS/GCP/Azure), particularly around detection and log correlation in IaaS and SaaS environments.
- Familiarity with SOAR platforms, and anomaly-based detection techniques.
- Experience leveraging Large Language Models (LLMs) for security use cases such as log parsing, alert triage, threat narrative generation, or threat intelligence summarization.
- Experience in integrating LLMs into detection workflows to enhance context enrichment, rule generation, or automated investigation support.
About Us
J.P. Morgan is a global leader in financial services, providing strategic advice and products to the world's most prominent corporations, governments, wealthy individuals and institutional investors. Our first-class business in a first-class way approach to serving clients drives everything we do. We strive to build trusted, long-term partnerships to help our clients achieve their business objectives.
We recognize that our people are our strength and the diverse talents they bring to our global workforce are directly linked to our success. We are an equal opportunity employer and place a high value on diversity and inclusion at our company. We do not discriminate on the basis of any protected attribute, including race, religion, color, national origin, gender, sexual orientation, gender identity, gender expression, age, marital or veteran status, pregnancy or disability, or any other basis protected under applicable law. We also make reasonable accommodations for applicants' and employees' religious practices and beliefs, as well as mental health or physical disability needs. Visit our FAQs for more information about requesting an accommodation.
About the Team
The Cybersecurity & Technology Controls group at JPMorganChase aligns the firm's cybersecurity, access management, controls and resiliency teams. The group proactively and strategically partners with all lines of business and functions to enable them to design, adopt and integrate appropriate controls; deliver processes and solutions efficiently and consistently; and drive automation of controls. The group's number one priority is to enable the business by keeping the firm safe, stable and resilient.
High Risk Roles (HRR) are sensitive roles within the technology organization that require high assurance of the integrity of staff by virtue of 1) sensitive cybersecurity and technology functions they perform within systems or 2) information they receive regarding sensitive cybersecurity or technology matters. Users in these roles are subject to enhanced pre-hire screening which includes both criminal and credit background checks (as allowed by law). The enhanced screening will need to be successfully completed prior to commencing employment or assignment.
Vulnerability Management Specialist
Posted today
Job Description
- 12 months contract
- Onsite work arrangement (first 6 months)
- Work location: Pasir Panjang
Team works in Asia and Europe time zones and this role will be aligned primarily to France, UK and SGP working hours. Flexible rotations are allowed based on the nature of duties.
The operational support of the team covers the following technical scope:
- Responsible for preparing the Vulnerability Management Plan and executing the plan through all phases of the Vulnerability Management Lifecycle;
- Ensure that vulnerability scans are scheduled, configured in the tool and executed as per the schedule. Any scan failure is to be investigated and the scan scheduled to re-run;
- Conduct periodic discovery of IT assets, ensure that identified assets are highlighted to the CMDB owner for appropriate asset tagging, and onboard new assets in the Vulnerability Management tool;
- Assess the identified vulnerabilities and understand their risk profile and impact in the environmental context;
- Participate in and coordinate discussions with Infrastructure and Application teams, advise them on the relevance of each vulnerability and help them understand the impact;
- Understand the false positives reported and the technical limitations of the environment, and facilitate the process of Risk Acceptance;
- Responsible for liaising with various stakeholders to propose and maintain the approvals for such cases;
- Collaborate with Infrastructure teams (Windows, Unix, Networks etc.) for the remediation of the identified vulnerabilities;
- Maintain the Vulnerability Dashboard for the scope and submit reports for both technical teams and management reporting;
- Organize work in order to achieve compliance with established KPIs for Vulnerability Management and proactively work towards achieving the same. Maintain periodic reporting on the progress;
- Escalate (discuss and consult) as required to next levels and Management in a timely manner;
- Provide Specialist level for the Vulnerability Management service;
- Lead the Penetration testing remediation planning with cross functional teams;
- Conduct new threat exposure scanning across the asset scope and advise the applicability and lead remediation exercises with cross functional teams;
- Participate in meetings with various stake holders as per the schedules;
- Liaise with different teams in different geographical zones;
- Propose, plan and execute Service improvements initiatives;
- Adhere to different policies set out by the organization;
- Prepare and provide different reports (weekly/monthly/ad-hoc) to the Manager as necessary;
- Maintain appropriate knowledge required for successful and efficient delivery of the responsibilities;
- Keeping abreast of new threats and vulnerabilities and provide analysis as per applicability;
- Comply with all applicable legal, regulatory and internal Compliance requirements, including, but not limited to, the Singapore Compliance manual and Compliance policies and procedures as issued from time to time; Financial Security requirements, including, but not limited to, the prevention of Financial Crime and Fraud including reporting obligations to the Money Laundering Reporting Officer.
- 8-10 years of IT experience with 4-7 years of IT Security experience and 4+ years of experience in managing Vulnerability Management process for an enterprise.
- Professional Certifications (highly preferred)
- GIAC Enterprise Vulnerability Assessor (GEVA), or any other Vulnerability Management Certification
- CREST certification
- Working & hands-on experience in managing Vulnerability Management process;
- Strong technical understanding and experience assessing vulnerabilities and identifying weaknesses in multiple operating system platforms, networks, database, and application servers.
- Ability to assess vulnerabilities and prioritize remediation planning;
- Experience in working collaboratively with cross-functional/transverse IT teams in Production setup (Operations) mode;
- Ability to apply Risk based approach while working on assigned responsibilities;
- Must have working experience in administrating and operating Tenable (Nessus) Security Center vulnerability management tool for a Large enterprise level environment;
- Good understanding of Reporting needs at various levels of organization and ability to design, create and present the same;
- Hands-on experience of creating reports using various tools such as Excel, PowerPoint, Word in graphical formats, trending;
- Experience in working with any BI tools like Power BI etc. to prepare the dashboard;
- Knowledge of different domains of Information Security;
- Working experience in financial organization is highly preferred;
- Excellent in analytical, communication and documentation skills;
- Ability to organize and prioritize work as per the Operation’s needs;
- Must have strong understanding of ITIL processes and comfortable working in process-oriented environment;
- Ability to work independently and as well as a part of team and is able to work under minimal supervision;
- Should have time management skills and able to manage work in fast moving environment;
Ramos May Anne De Mesa
Managing Consultant
EA Personnel No: R1110127
Peoplebank Singapore Pte Ltd. | EA Licence No: 08C5248
- Seniority level: Mid-Senior level
- Employment type: Contract
- Job function: Other
- Industries: Staffing and Recruiting
Vulnerability Management Analyst
Posted 11 days ago
Job Description
Job description:
- Work cross-functionally with different teams to identify and assess vulnerabilities
- Guide users through the full remediation lifecycle in a timely fashion
- Use a programming language to analyze large data dumps from systems and applications and extract key information for vulnerability impact analysis
- Analyze and propose improvements to the security of the company’s products and services
- Stay up to date on emerging security vulnerabilities and threats
Requirements:
- BS in Computer Science, Information Technology, Information Security, or related field
- 3 years' experience in information security or related field
- Self-starter with experience supporting a global team across different time zones
- In-depth understanding of vulnerability scanning tools like Tenable, Qualys, etc.
- Familiarity with common security vulnerabilities and the ability to judge their severity and impact to the business
- Ability to analyze vulnerabilities and understand criticality to provide remediation guidance
- Ability to communicate, support and drive remediation for identified vulnerabilities independently
- Ability to run proof of concept for known vulnerabilities
- Demonstrable understanding of IPv4 and IPv6 networks
- Familiar with one or more of the following programming languages: Python, Go, Rust, and/or Bash scripting
- Experience with SQL and Linux
- Experience with penetration testing is a plus
- Proficient in source code review
- Keen interest in network, system, and web security
Vulnerability Management Specialist
Posted today
Job Description
We are seeking a skilled Vulnerability Management Specialist to join our team.
The ideal candidate will have experience in identifying, assessing, and remediating vulnerabilities in a timely manner. They will work closely with cross-functional teams to analyze and prioritize vulnerability threats, guide users through the full remediation lifecycle, and utilize programming skills to analyze big data related to systems and applications.
Key Responsibilities
- Collaboration: Collaborate with cross-functional teams to analyze and prioritize vulnerability threats
- Remediation Guidance: Guide users through the full remediation lifecycle to ensure effective vulnerability management
- Data Analysis: Utilize programming skills to analyze big data related to systems and applications, extracting key information for vulnerability impact analysis
- Improvement Proposals: Analyze and propose improvements to enhance the security of products and services
- Automation: Perform scripting to automate vulnerability scanning, reporting, and remediation workflows
- Education: Bachelor's degree in Computer Science, Information Technology, Information Security, or related field
- Experience: 3+ years of experience in information security or related field
- Programming Skills: Proficient in at least one or more programming languages: Python, Go, Rust, Bash scripting
- Vulnerability Scanning Tools: In-depth understanding of vulnerability scanning tools like Tenable, Qualys
- Vulnerability Management: Understanding of vulnerability management across network infrastructure and host systems
- Security Vulnerabilities: Familiarity with common security vulnerabilities and ability to judge severity and impact
- Analytical Skills: Ability to analyze vulnerabilities and provide remediation guidance
- Penetration Testing: Experience with penetration testing, source code review, and web security
This role offers opportunities for growth and development in a dynamic and supportive environment.
Additional Requirements
Please note that all applicants must be eligible to work in their respective countries.
Vulnerability Management Specialist
Posted today
Job Description
We are seeking a skilled Vulnerability Management Specialist to join our team. The successful candidate will be responsible for leading and managing vulnerability management activities across the organization.
This role involves working closely with cross-functional teams to identify, assess, and remediate vulnerabilities in our infrastructure. You will be expected to provide expert-level guidance on vulnerability assessment and remediation methodologies, as well as proficiency in vulnerability management tools such as Qualys.
The ideal candidate will have strong leadership and project management skills, with a proven track record of successfully managing hybrid projects. Excellent interpersonal and communication skills are also essential, as you will be required to influence and motivate stakeholders at all levels.
Required Skills and Qualifications
- Deep understanding of vulnerability assessment and remediation methodologies
- Proficient in infrastructure security best practices, technologies, and security concepts
- Expertise in vulnerability management tools (e.g. Qualys)
- Strong leadership and project management skills
- Excellent interpersonal and communication skills
This role offers a competitive salary and benefits package, as well as opportunities for professional growth and development. If you are a motivated and experienced vulnerability management specialist looking for a new challenge, we encourage you to apply.
Others
Familiarity with security compliance frameworks such as PCI-DSS, ISO 27001 is an asset.
Vulnerability Management Engineer
Posted today
Job Description
Attractive Incentives
Family friendly environment
Near MRT
Job Description:
- Take full ownership of Tenable and Nexus as an administrator, ensuring accurate scanning, troubleshooting issues, and optimising configurations.
- Administer, maintain, and enhance security technologies including IDS/IPS, DLP, PAM, IAM, NGFW, and email defenses.
- Support and participate in VAPT, Red Team exercises, table-top drills, and security-by-design reviews for new solutions.
- Act as first-level technical support, work directly with vendors to resolve issues, and make informed procurement and configuration decisions.
Requirements:
- At least a degree in computer science or relevant certifications.
- At least 5 years of related experience in cybersecurity operations.
- Familiar with cybersecurity tools, programming/scripting (Python, PowerShell), IT infrastructure, and OS knowledge (Linux, Unix, Windows).
To apply, please include the following details inside your CV for faster processing:
- Reasons for leaving each past & current employment
- Salary drawn for each past & current employment
- Expected Salary
- Earliest availability date
We regret that only short-listed candidates will be contacted shortly.
Loh Puay Hwee David
EA License | 24C2215
EA Registration Number | R1766892