
Lead, Cybersecurity Incident Response

StarHub Ltd

Singapore

On-site

SGD 70,000 - 120,000

Full time

3 days ago


Job summary

A leading cybersecurity firm is seeking an Assistant Manager for Incident Response and Threat Hunting. The role involves leading the response to cybersecurity incidents, performing forensic analysis, and developing strategies to mitigate risks. Candidates should have strong expertise in incident response, threat hunting, and be familiar with SIEM tools and cloud security. This is a critical position responsible for enhancing the organization's security posture and compliance.

Qualifications

  • Strong expertise in incident response and threat hunting.
  • Experience with SIEM tools like Elastic or Splunk.
  • Knowledge of AI/ML-driven anomaly detection techniques.

Responsibilities

  • Lead response to cybersecurity incidents and malware infections.
  • Perform analysis of security events to identify threats.
  • Coordinate with SOC teams and enhance detection capabilities.

Skills

Incident response
Threat hunting
Forensic analysis
Network security
Malware analysis
Log analysis
Cloud security
Scripting
Automation

Tools

SIEM
Forensic tools
Cloud security tools

Job description

The Assistant Manager - Incident Response and Threat Hunting is responsible for leading the detection, investigation, and mitigation of cybersecurity incidents. This role involves proactive threat hunting, forensic analysis, and developing response strategies to minimize risks and impact on the organization's IT infrastructure. The role holder also collaborates with cross-functional teams to improve security posture and ensure compliance with industry standards.

The candidate will report to the Head of Incident Response Team and will plan and oversee the performance of security responses to incidents in an IT environment. They will present cyber-incident reports to senior leaders and identify and analyze cyber threats and their root causes.

Responsibilities:
  1. Lead the response to cybersecurity incidents, including malware infections, data breaches, and insider threats.
  2. Perform real-time and retrospective analysis of security events to identify threats.
  3. Coordinate with MSSP Security Operations Centre (SOC) teams for monitoring and alerting.
  4. Develop and document incident response plans and playbooks.
  5. Handle incidents end-to-end, from detection to resolution.
  6. Conduct proactive threat hunting to identify unknown threats.
  7. Perform digital forensic analysis on compromised systems to determine root causes.
  8. Utilize forensic tools to collect and analyze logs, memory dumps, and disk images.
  9. Work with SIEM tools to detect anomalous behavior and improve detection capabilities.
  10. Analyze logs from firewalls, IDS/IPS, endpoint protection, and cloud security tools.
  11. Enhance detection capabilities by tuning security alerts and creating new rules.
  12. Recommend and implement security controls to reduce exposure.
  13. Provide technical leadership to junior responders and analysts.

Technical Skills:
  • Strong expertise in incident response, threat hunting, and forensic analysis.
  • Experience with SIEM tools (e.g., Elastic, Splunk).
  • Proficiency in network security, malware analysis, and log analysis.
  • Familiarity with cloud security (AWS, Azure, GCP) and container security.
  • Experience with cloud security tools and AI-powered analytics (AWS GuardDuty, Azure Sentinel, Google Chronicle).
  • Knowledge of AI/ML-driven anomaly detection and behavioral analysis techniques.
  • Understanding of security solutions (EDR, XDR, NDR, WAF, Proxy, Firewall, Email Security).
  • Scripting and automation skills (Python, PowerShell, Bash).
  • Deep understanding of MITRE ATT&CK framework, cyber kill chain, and machine learning models for cybersecurity.
  • Excellent communication and report-writing skills, with the ability to work under pressure.