Analyst, Cybersecurity DFIR

ICE DATA SERVICES SINGAPORE PTE. LTD.

Singapore

On-site

SGD 50,000 - 90,000

Full time

Today

Job summary

A leading financial cybersecurity firm in Singapore is seeking cybersecurity analysts and engineers to defend critical financial infrastructure against global cyber threats. Responsibilities include analyzing threats, responding to incidents, and utilizing various security tools. Ideal candidates will hold a degree in Cybersecurity or related fields and possess relevant certifications and experience. This role offers growth opportunities and requires proficiency in scripting languages and security tools.

Qualifications

  • Bachelor’s degree in Cybersecurity, Computer Science or equivalent experience.
  • Proficient in at least one scripting language.
  • Hands-on experience with enterprise security tools is required.

Responsibilities

  • Review and triage phishing attempts and malicious content.
  • Analyze DLP alerts to detect data exfiltration.
  • Monitor security tools for signs of compromise.

Skills

Email Threat Analysis
Data Loss Prevention
Incident Detection and Response
Behavioral Analysis
Cloud and Container Security

Education

Bachelor’s degree in Cybersecurity or related field
Relevant certifications (e.g., GIAC, CISSP)

Tools

SIEM (e.g., Splunk, QRadar)
Forensic suites (e.g., EnCase, Autopsy)
Malware analysis platforms

Job description

Job Purpose

The ICE Cybersecurity Digital Forensics and Incident Response (DFIR) team is responsible for defending critical financial infrastructure from global cyber threats. This role is suited for both entry-level analysts and experienced engineers, with responsibilities and growth opportunities tailored to each level. You will work alongside experienced professionals to investigate security events, analyze data, and contribute to the protection of ICE’s digital assets.

Responsibilities

  • Email Threat Analysis: Review and triage user-reported emails to identify phishing attempts, malware delivery, and other malicious content. Take appropriate containment actions and support eradication efforts to prevent recurrence.
  • Data Loss Prevention: Analyze DLP alerts to detect potential data exfiltration or policy violations.
  • Operations: Handle stakeholder requests and enquiries related to cybersecurity operations. Address security concerns by providing guidance, resolving access or policy-related issues, and coordinating with internal teams to ensure timely and secure solutions.
  • Incident Detection and Response: Detect, document, investigate, and resolve security incidents in an efficient manner.
  • Intrusion Detection & Alert Tuning: Monitor security tools and telemetry for signs of compromise. Contribute to tuning detection rules to reduce false positives and improve alert fidelity.
  • Behavioral Analysis: Develop and implement criteria to detect anomalous user behavior that may indicate insider threats or policy violations.

Desirable Knowledge and Experience

  • Bachelor’s degree in Cybersecurity, Computer Science, Information Systems, related technical field, or equivalent practical experience.
  • Exposure to software development environments or financial services is a plus.
  • Hands-on experience with enterprise security tools including SIEM (e.g., Splunk, QRadar), IDS/IPS, forensic suites (e.g., EnCase, Volatility, Autopsy, X-Ways, Magnet Axiom), and malware analysis platforms.
  • Proficient in at least one scripting language (e.g., Python, Bash, PowerShell, JavaScript).
  • Experience in cloud and container security, including incident response in AWS, Azure, and hybrid environments.
  • Familiarity with MITRE ATT&CK framework and threat intelligence platforms.
  • Demonstrated ability to communicate complex technical findings to both technical and non-technical audiences.
  • Relevant certifications such as GIAC GCFA, GCIA, GCIH, CISSP, or OSCP.