Enable job alerts via email!
Lead, Cyber Security Incident Response
CYGNIFY PTE. LTD.
Singapore
On-site
SGD 80,000 - 120,000
Full time
Generate a tailored resume in minutes
Land an interview and earn more. Learn more
Job summary
A telecom cybersecurity firm in Singapore is seeking a Cyber Security Incident Response Lead to manage the entire incident lifecycle, from detection to closure. The ideal candidate should possess over 5 years of relevant experience in SOC or incident response, with strong expertise in SIEM and threat hunting. This position requires collaboration with various teams and a solid understanding of cloud security principles. Certifications such as CISSP or GCIH are preferred, offering an opportunity to lead critical cybersecurity initiatives.
Qualifications
- 5–8 years of experience in SOC, Incident Response, or Detection Engineering.
- Strong hands-on experience with SIEM, preferably Elastic.
- Expertise in incident response, threat hunting, and log correlation.
- Solid knowledge of MITRE ATT&CK and malware analysis.
- Experience with cloud security services like AWS, Azure, or GCP.
Responsibilities
- Own the cybersecurity incident lifecycle: monitoring, investigation, and response.
- Lead response to malware, data breaches, insider threats, and cloud security incidents.
- Perform threat hunting and forensic investigations.
- Build and manage SIEM detections.
- Collaborate with teams to present incident reports.
Skills
Tools
Role:Lead, Cyber Security Incident Response
Location: Singapore
We are partnering with a leading telecom client to hire a Cybersecurity Incident Response SME to lead end-to-end incident detection, investigation, and response across enterprise environments.
Responsibilities:
- Own the full cybersecurity incident lifecycle: monitoring, triage, investigation, containment, and closure
- Lead response to malware, data breaches, insider threats, and cloud security incidents
- Perform threat hunting, log analysis, and forensic investigations
- Build, tune, and manage SIEM detections (Elastic / ELK preferred)
- Improve MTTD/MTTR through continuous alert tuning and use-case development
- Collaborate with SOC, CSIRT, IT, Cloud, and external MSSP teams
- Present incident reports, root cause analysis, and remediation plans to stakeholders
- 5–8 years of experience in SOC / Incident Response / Detection Engineering
- Strong hands-on experience with SIEM (Elastic preferred; Splunk acceptable)
- Expertise in incident response, threat hunting, and log correlation
- Solid knowledge of MITRE ATT&CK, malware analysis, and network security
- Exposure to cloud security (AWS / Azure / GCP)
- Scripting skills (Python / Bash / PowerShell) are a plus
- Relevant certifications (CISSP, GCIH, GCIA, CEH, Elastic) preferred
'/%3e%3cpath%20d='M101.744%2012.4726L102.894%2016.1947L99.0021%2013.2201L101.744%2012.4726ZM105.3%208.40937H100.488L99.0026%203.59473L97.5116%208.41047L92.7%208.40385L96.5965%2011.3834L95.1055%2016.1942L99.0021%2013.2196L101.408%2011.3834L105.3%208.40992V8.40937Z'%20fill='white'/%3e%3cdefs%3e%3clinearGradient%20id='paint0_linear_5593_1381'%20x1='90'%20y1='9.44471'%20x2='99'%20y2='9.44471'%20gradientUnits='userSpaceOnUse'%3e%3cstop%20stop-color='%2300AD70'/%3e%3cstop%20offset='0.998594'%20stop-color='%2300B67A'/%3e%3cstop%20offset='1'%20stop-color='%23DCDCE6'/%3e%3c/linearGradient%3e%3c/defs%3e%3c/svg%3e){kind=small}
