166 Vulnerability Assessments jobs in Singapore

Select how often (in days) to receive an alert:

NCS is a leading technology services firm that operates across the Asia Pacific region in over 20 cities, providing consulting, digital services, technology solutions, and more. We believe in harnessing the power of technology to achieve extraordinary things, creating lasting value and impact for our communities, partners, and people. Our diverse workforce of 13,000 has delivered large-scale, mission-critical, and multi-platform projects for governments and enterprises in Singapore and the APAC region.

As a Security Analyst, this incumbent will perform initial analysis (e.g. analysing and reviewing alerts, eliminating false positives and determining severity of threats) to determine impact of compromise

What will you do?

• Perform initial analysis (e.g. analysing and reviewing alerts, eliminating false positives and determining severity of threats) to determine impact of compromise
• Conduct basic investigations of security events, including malware infections and unauthorized access attempts.
• Determine the nature, mechanisms and scope of incident by performing event correlation and historical searches to determine the extent of a security compromise
• Escalate complex or highly suspicious alerts for further investigation and response.
• Record details of all activities, including investigations performed, findings and remediation steps taken.
• Collects data, evidence, and context necessary for further escalation.
• Perform event correlation across the In-Scope Institutions to identify similar attack pattern and spread of attack.
• Handling case management, generating tickets and reports when required, and tracking open tickets until closure

The ideal candidate should possess:

• Bachelor’s degree in Information Technology, Cybersecurity, Computer Science, or related field.
• Able to commit to permanent night shifts
• Team player and able to work independently.
• Experience in analysing data and review alerts

We are driven by our AEIOU beliefs—Adventure, Excellence, Integrity, Ownership, and Unity —and we seek individuals who embody these values in both their professional and personal lives. We are committed to our Impact: Valuing our clients, Growing our people, and Creating our future .

Together, we make the extraordinary happen .

Learn more about us at ncs.co and visit our LinkedIn career site.

Select how often (in days) to receive an alert:

NCS is a leading technology services firm that operates across the Asia Pacific region in over 20 cities, providing consulting, digital services, technology solutions, and more. We believe in harnessing the power of technology to achieve extraordinary things, creating lasting value and impact for our communities, partners, and people. Our diverse workforce of 13,000 has delivered large-scale, mission-critical, and multi-platform projects for governments and enterprises in Singapore and the APAC region.

As a Security Analyst, this incumbent will perform initial analysis (e.g. analysing and reviewing alerts, eliminating false positives and determining severity of threats) to determine impact of compromise

What will you do?

• Perform initial analysis (e.g. analysing and reviewing alerts, eliminating false positives and determining severity of threats) to determine impact of compromise
• Conduct basic investigations of security events, including malware infections and unauthorized access attempts.
• Determine the nature, mechanisms and scope of incident by performing event correlation and historical searches to determine the extent of a security compromise
• Escalate complex or highly suspicious alerts for further investigation and response.
• Record details of all activities, including investigations performed, findings and remediation steps taken.
• Collects data, evidence, and context necessary for further escalation.
• Perform event correlation across the In-Scope Institutions to identify similar attack pattern and spread of attack.
• Handling case management, generating tickets and reports when required, and tracking open tickets until closure

The ideal candidate should possess:

• Bachelor’s degree in Information Technology, Cybersecurity, Computer Science, or related field.
• Able to commit to permanent night shifts
• Team player and able to work independently.
• Experience in analysing data and review alerts

We are driven by our AEIOU beliefs—Adventure, Excellence, Integrity, Ownership, and Unity —and we seek individuals who embody these values in both their professional and personal lives. We are committed to our Impact: Valuing our clients, Growing our people, and Creating our future .

Together, we make the extraordinary happen .

Learn more about us at ncs.co and visit our LinkedIn career site.

The Cyber Security Analyst is responsible for safeguarding the organization’s digital assets by identifying and mitigating potential security risks, monitoring network activity for unusual behaviour, and responding to incidents. This role requires a strong understanding of security best practices, hands-on experience with various security tools, and the ability to respond quickly and effectively to emerging threats.

A key focus of this role is on the effective management and optimization of the Security Information and Event Management (SIEM) system, ensuring it provides actionable intelligence for rapid threat response. This role will require strong analytical skills, good collaboration skills, detailed working knowledge of current and emerging security technologies, and the ability to correlate events to identify abnormal behaviour.

•

Responsible to ensure accurate and rapid response to security events

•

Analyze security logs, SIEM alerts, and incident reports to identify and mitigate risks.

•

Respond to and investigate security incidents, including breaches, malware outbreaks, and phishing attacks. Monitor networks and systems for security breaches, alerts, and anomalous activity.

•

Conduct root-cause analysis to prevent future incidents and develop incident response procedures.

•

Provide analysis and trending of security log data from various security devices

•

Configure and maintain SIEM tools to align with the organization’s security objectives and threat landscape.

•

Create custom SIEM dashboards and reports for different stakeholders to visualize critical security metrics and incident data.

•

Develop and optimize SIEM content, including rules, alerts, and correlation logic, to improve threat detection and response.

•

Regularly review and tune SIEM rules to reduce false positives, enhance event correlation, and maintain relevance to evolving threats.

•

Document and update SIEM processes and configurations, ensuring a high level of data accuracy and availability.

•

Perform regular vulnerability scans and assist in patch management processes. Work with IT teams to prioritize and remediate them.

•

Recommend solutions to mitigate risks in any activity that may potentially impact security of existing IT and information management

•

Ensure compliance with industry regulations (e.g. GDPR, ISO 27001) and company policies.

•

Assist in the development, implementation, and maintenance of security policies, standards, and guidelines.

•

Assist in training staff on security best practices, including phishing awareness and data protection.

•

Help develop educational materials and conduct periodic security awareness training.

•

Advise and consult internal/ external customers on risk assessment, threat modelling and vulnerability management. Perform risk assessments and recommend security measures to mitigate potential risks.

•

Document risks, vulnerabilities, and remediation strategies in a detailed risk management report.

•

Maintain up-to-date knowledge of the IT security industry, including awareness of new or revised security solutions, improved security processes and development of new attacks and threat vectors

•

Manage and optimize security tools, such as firewalls, antivirus software, and intrusion detection/prevention systems (IDPS).

•

Perform 1st level troubleshooting on servers and network issues with regards to log collection/ security tools

•

Generate reports on security metrics, incidents, and remediation efforts for management.

•

Maintain accurate documentation of incidents, security changes, and system configurations.

•

Any other ad-hoc duties as required or assigned.

•

Strong knowledge of cybersecurity principles, practices, and technologies.

•

Expertise in SIEM tools and content management, including rule creation, alert tuning, and report customization.

•

Proficiency with security tools like firewalls, IDPS, antivirus, and vulnerability scanners.

•

Knowledge of scripting (Python, PowerShell) for automation within the SIEM environment is a plus.

•

Ability to analyze and interpret security data to identify vulnerabilities and potential threats.

•

Excellent communication skills, with the ability to explain complex security concepts to non-technical stakeholders.

•

Strong analytical skills and attention to detail.

•

Ability to work on-call or off-hours as needed to respond to security incidents.

•

May require occasional travel for training or workshop.

•

Bachelor Degree or Advanced Diploma in Computer Science, Information Technology, Cybersecurity from a recognized university or related field (or equivalent experience)

•

At least 1-3 years in a cybersecurity role, with hands-on experience in SIEM content management, network security, threat monitoring, or incident response.

•

Experience in the application of threat modelling or other risk identification techniques

•

Detailed knowledge of system security vulnerabilities and remediation techniques, including penetration testing and the development of exploits

•

Breadth of knowledge in information security space with emphasis on TCP/IP network security, operating system security, common attack patterns and exploitation techniques

•

Relevant certifications (e.g., CompTIA Security+, Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), GIAC Security Essentials (GSEC)) are a plus

•

Effective leadership skills and a team player

•

Strong sense of ownership and drive

1 year ago Be among the first 25 applicants

Get AI-powered advice on this job and more exclusive features.

Job Description

Develop and continually refine the security framework, information security policies, processes, procedures, and guidelines.

Ensure compliance with these policies and procedures through regular security reviews and audits, including log analysis and security assessments of customer ICT systems.

Conduct security risk management exercises and table-top exercises.

Perform vulnerability assessments and coordinate penetration testing activities.

Deliver information security awareness training.

Develop and manage the customer’s security incident response plan.

Lead and support the customer in resolving and responding to security incidents.

Serve as the primary point of contact and advisor for the customer on ICT security-related matters.

Manage project activities and deliverables during the implementation phase.

Job Requirements

Minimum of 5 years of experience in IT security.

Experience with networks, servers (Windows and UNIX), and databases.

Proven track record in IT security auditing and security assessments.

Proficient in analyzing logs from various sources and understanding protocols and traffic flows.

Knowledge of Active Directory, endpoint protection solutions, Early Detection and Response solutions, Database Activity Monitoring tools, and SIEM.

Adaptable, team-oriented, and proactive personality.

Ability to independently organize and plan work.

Capable of working effectively in a rapidly changing environment.

Strong multi-tasking skills and the ability to switch contexts effectively between different activities and teams.

CISSP, CISM, Security+, or other relevant IT security certifications (e.g., Imperva, Carbon Black) are advantageous.

EA Licence No.:18S9405 / EA Reg. No.:R1330864

Skills & Competencies

IT security,CISSP,CISM,Security+

• Seniority level Mid-Senior level

• Employment type Full-time

• Job function Information Technology
• Industries IT Services and IT Consulting

Referrals increase your chances of interviewing at Percept Solutions by 2x

Get notified about new Information Security Analyst jobs in Singapore .

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

• Lead in-depth investigations to uncover abuse tactics, product vulnerabilities, and process gaps.
• Analyse large datasets to identify signals and patterns linked to fraud and abuse.
• Reverse-engineer scaled attacks and develop rapid-response mitigation strategies.

We are seeking a skilled and driven professional to join our Business Integrity team, focusing on identifying and mitigating fraud and abuse within business products. This role involves investigative work, data analysis, and cross-functional collaboration to uncover and address complex abuse patterns. If you are passionate about protecting users and businesses from harm and thrive in fast-paced, dynamic environments, this opportunity is for you.

Key Responsibilities:

·Lead in-depth investigations to uncover abuse tactics, product vulnerabilities, and process gaps.

·Analyse large datasets to identify signals and patterns linked to fraud and abuse.

·Reverse-engineer scaled attacks and develop rapid-response mitigation strategies.

·Prototype workflows and enforcement rules to disrupt ongoing abuse.

·Collaborate cross-functionally with Engineering, Product, and Operations teams to develop scalable solutions.

·Investigate networks of malicious actors, including off-platform research.

·Occasionally accommodate flexible working hours to collaborate with global teams.

Qualifications:

·2+ years of experience in investigative analysis or similar roles.

·1+ year of hands-on experience with SQL for data analysis and reporting.

·Experience with scripting languages such as Python, PHP, or R.

·Strong critical thinking and problem-solving skills.

·Ability to manage and own projects independently with minimal supervision.

·Excellent organizational, documentation, and presentation skills.

·Familiarity with trust and safety, online fraud investigations, or cybersecurity is a plus.

·Ability to think like an adversary and anticipate threat actor behaviour.

·Comfortable working across time zones and adapting to a dynamic work environment.

We regret to inform that only shortlisted candidates will be notified.

EA Registration No: 10C4544, Lim Jing Kai, Russell

Allegis Group Singapore Pte Ltd, Company Reg No. 200909448N, EA License No. 10C4544

XTX Markets is a leading algorithmic trading firm which uses state-of-the-art machine learning technology to produce price forecasts for over 50,000 financial instruments across equities, fixed income, currencies, commodities and crypto. It uses those forecasts to trade on exchanges and alternative trading venues, and to offer differentiated liquidity directly to clients worldwide. The firm trades over $250bn a day across 35 countries and has over 250 employees based in London, Singapore, New York, Paris, Bristol, Mumbai, Yerevan and Kajaani.

We leverage the talent of the people who work here, modern computational techniques and state-of-the-art research infrastructure to analyse large data sets across markets quickly and efficiently, to maximize the effectiveness of our proprietary trading algorithms. We are actively seeking new methods and ideas. The models that drive our trading strategies have evolved considerably over the last 10 years, from econometric methods that gave our company its name, to trees, to neural networks, to modern deep learning architectures.

XTX Markets has an unrivalled level of computational resources in the trading industry, with a growing research cluster currently containing over 25,000 GPUs with 650 petabytes of usable storage. Teams across the firm include world-class researchers with backgrounds in pure math, programming, physics, computer science and machine learning. The firm is also constructing a large-scale data centre in Finland to future-proof its significant computational capabilities.

At XTX Markets technology is our business and we are a diverse organization which attracts outstanding talent from across all industry backgrounds. We are focused on teamwork and our people collaborate on all aspects of the business, working openly and with respect for each other, our clients and the market. Our culture is non-hierarchical and one where everyone is valued. We strive for excellence in everything we do.

The Team

The Information Security team at XTX Markets are accountable for all aspects of the firm’s physical and IT security. From obtaining and transforming events and signals into actionable intelligence to helping design and implement authentication/authorisation systems, alongside third-party risk assessment and global regulatory compliance. This role is based in our Singapore office, and you will work closely with the Risk and Information Security teams in our London HQ.

The Role

As our first Information Security Analyst, you’ll work to ensure that XTX Markets’ data and infrastructure meet – and, where appropriate, exceed – the requirements of global regulators and auditors.

You will:

• Develop and automate compliance workflows (detection, analysis, business justifications, evidence-gathering).
• Liaise with external auditors to resolve findings and document compensating controls.
• Manage third-party/vendor risk assessments and ongoing security reviews.

You’ll also have opportunities to contribute across the security function: improving our vulnerability-management program, enhancing our detection framework, and helping triage and respond to security alerts. You will actively collaborate with a range of stakeholders within the firm.

• 3+ years in Information Security, with a focus on audit/compliance.
• Programming/scripting skills (e.g. Python, PowerShell) particularly for automating repeatable tasks.
• Strong written and verbal communication skills.
• Rapid learner with outstanding attention to detail.
• Self-starter: able to work autonomously, prioritise tasks, and admit mistakes.
• Able to write clear, succinct business justifications and technical documentation.
• Hands-on proficiency with vulnerability management/compliance platforms (e.g. Tenable Nessus).
• Familiarity with Indian information-security regulations and audit practices (SEBI, NSE, etc.)
• An academic foundation in computer science or a related subject would be beneficial.

• Seniority level Associate

• Employment type Full-time

• Job function Information Technology
• Industries Financial Services and Capital Markets

Referrals increase your chances of interviewing at XTX Markets by 2x

Get notified about new Information Security Analyst jobs in Singapore, Singapore .

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

XTX Markets is a leading algorithmic trading firm which uses state-of-the-art machine learning technology to produce price forecasts for over 50,000 financial instruments across equities, fixed income, currencies, commodities and crypto. It uses those forecasts to trade on exchanges and alternative trading venues, and to offer differentiated liquidity directly to clients worldwide. The firm trades over $250bn a day across 35 countries and has over 250 employees based in London, Singapore, New York, Paris, Bristol, Mumbai, Yerevan and Kajaani.

We leverage the talent of the people who work here, modern computational techniques and state-of-the-art research infrastructure to analyse large data sets across markets quickly and efficiently, to maximize the effectiveness of our proprietary trading algorithms. We are actively seeking new methods and ideas. The models that drive our trading strategies have evolved considerably over the last 10 years, from econometric methods that gave our company its name, to trees, to neural networks, to modern deep learning architectures.

XTX Markets has an unrivalled level of computational resources in the trading industry, with a growing research cluster currently containing over 25,000 GPUs with 650 petabytes of usable storage. Teams across the firm include world-class researchers with backgrounds in pure math, programming, physics, computer science and machine learning. The firm is also constructing a large-scale data centre in Finland to future-proof its significant computational capabilities.

At XTX Markets technology is our business and we are a diverse organization which attracts outstanding talent from across all industry backgrounds. We are focused on teamwork and our people collaborate on all aspects of the business, working openly and with respect for each other, our clients and the market. Our culture is non-hierarchical and one where everyone is valued. We strive for excellence in everything we do.

The Team

The Information Security team at XTX Markets are accountable for all aspects of the firm’s physical and IT security. From obtaining and transforming events and signals into actionable intelligence to helping design and implement authentication/authorisation systems, alongside third-party risk assessment and global regulatory compliance. This role is based in our Singapore office, and you will work closely with the Risk and Information Security teams in our London HQ.

The Role

As our first Information Security Analyst, you’ll work to ensure that XTX Markets’ data and infrastructure meet – and, where appropriate, exceed – the requirements of global regulators and auditors.

You will:

• Develop and automate compliance workflows (detection, analysis, business justifications, evidence-gathering).
• Liaise with external auditors to resolve findings and document compensating controls.
• Manage third-party/vendor risk assessments and ongoing security reviews.

You’ll also have opportunities to contribute across the security function: improving our vulnerability-management program, enhancing our detection framework, and helping triage and respond to security alerts. You will actively collaborate with a range of stakeholders within the firm.

• 3+ years in Information Security, with a focus on audit/compliance.
• Programming/scripting skills (e.g. Python, PowerShell) particularly for automating repeatable tasks.
• Strong written and verbal communication skills.
• Rapid learner with outstanding attention to detail.
• Self-starter: able to work autonomously, prioritise tasks, and admit mistakes.
• Able to write clear, succinct business justifications and technical documentation.
• Hands-on proficiency with vulnerability management/compliance platforms (e.g. Tenable Nessus).
• Familiarity with Indian information-security regulations and audit practices (SEBI, NSE, etc.)
• An academic foundation in computer science or a related subject would be beneficial.

*

indicates a required field

First Name *

Last Name *

Preferred First Name

Email *

Phone

Resume/CV

Enter manually

Accepted file types: pdf, doc, docx, txt, rtf

Enter manually

Accepted file types: pdf, doc, docx, txt, rtf

Website

Please indicate what right to work you have in Singapore. * Select.

Direct message the job poster from Elliott Moss Consulting

We are seeking a dynamic and experienced Analyst to join our CyberArk Automation team. This role focuses on automating CyberArk solutions to enhance security protocols and streamline operational efficiency. The ideal candidate should have a solid background in cybersecurity, automation scripting, and stakeholder coordination.

Key Responsibilities:

• Security Assessments: Conduct regular assessments to identify automation-related security vulnerabilities and improvement opportunities.
• Incident Response Support: Assist in incident response activities by automating threat detection, response, and mitigation workflows.
• Credential Management:
• Collate and reconcile actions related to Type B and Type C accounts across Lines of Business Teams (LOBTs).
• Collect and analyze credential management data for 600+ applications spanning 5 countries.
• Document and maintain Access Matrix templates for all Business Units (BUs).
• Stakeholder Engagement:
• Collaborate with key stakeholders to ensure credential-related actions are completed.
• Communicate credential management decisions clearly and handle related queries.
• Reporting & Metrics: Prepare and deliver reports, dashboards, and presentations to stakeholders on project status, KPIs, and compliance metrics.
• BAU Support: Handle day-to-day Password Management activities and provide ongoing operational support.

Required Qualifications:

• Education: Diploma or bachelor's degree in computer science, Information Technology, Cybersecurity, or related discipline.
• Experience:
• Minimum 3 years of experience in Cybersecurity, with at least 2 years in CyberArk and automation-related roles.
• Proven experience in stakeholder coordination and project tracking.
• Familiarity with credential types and reconciliation processes (Type B and Type C).
• Hands-on experience with CyberArk components and automation scripting (PowerShell, Python, etc.).
• Understanding of Identity & Access Management (IAM) best practices.
• Soft Skills:
• Strong interpersonal and communication skills for effective stakeholder management.
• Skilled in documentation, reporting, and presentation to both technical and non-technical audiences.
• Ability to work independently and manage multiple priorities under tight timelines.

Preferred Qualifications (Optional):

• CyberArk certifications (e.g., Defender, Sentry).
• Familiarity with regulatory compliance (e.g., GDPR, SOX) as it relates to privileged access.
• Exposure to project management tools (e.g., JIRA, Confluence).

• Seniority level Mid-Senior level

• Employment type Contract

• Job function Information Technology, Analyst, and Strategy/Planning
• Industries Banking, Government Administration, and IT Services and IT Consulting

Referrals increase your chances of interviewing at Elliott Moss Consulting by 2x

Get notified about new Cyber Security Analyst jobs in Singapore, Singapore .

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

Press Tab to Move to Skip to Content Link

Select how often (in days) to receive an alert:

JOB MAIN PURPOSE :

This role is responsible for assessing, managing, and enhancing the security measures of Bayer’s systems, networks, and data. Especially using data analytics for monitoring of Bayer's security systems and applications

YOUR ROLE & RESPONSIBILITIES:

• Oversee security alerts and incidents, executing timely responses to mitigate potential risks and minimize operational impact.
• Collaborate with IT and security personnel to implement and verify the effectiveness of comprehensive security protocols.
• Remain updated on current cybersecurity developments, threats, and industry best practices to enhance the organization's security framework.
• Monitor and evaluate operational logs, event console activities, intelligence feeds, and pertinent data to detect security-related occurrences and trends, ensuring compliance with established industry standards and regulations such as ISO 27001, NIST, and GDPR.
• Develop and refine cybersecurity processes and protocols, ensuring adherence to relevant industry standards and regulatory requirements.
• Perform analysis and testing to identify vulnerabilities, misconfigurations, or other security exposures
• Conduct root cause analyses and investigations to recommend prevention strategies and configuration modifications.
• Execute penetration testing to identify vulnerabilities within infrastructure, web applications, and other systems, differentiating between vulnerability assessments and penetration testing methodologies.
• Investigate incidents and respond to events in real time

YOUR SKILLS AND KEY QUALIFICATIONS:

• First experience with regulatory compliance and information security management frameworks, such as ISO 27000, COBIT, and NIST 800.
• Not required but desired: Professional certifications such as CCP-SIRA (Senior), CISSP, and ISACA certifications, along with familiarity with standards like BSI ISO 27001 and PCI DSS
• First experience monitoring SIEM systems and tools
• First experience with network and security technologies, such as firewalls, IDS/IPS First experience configuring and utilizing vulnerability assessment technologies
• First experience with monitoring networks, detecting threats, and responding to incidents
• Proficiency in report writing, investigational techniques, and communicating to large audiences