Cyber Incident Responder (SIEM, 1-Year Contract)

A leading international financial institution is seeking a highly skilled Cyber Incident Responder to join its APAC Production Security team in Singapore. This is an exceptional opportunity for you to play a pivotal role in safeguarding the organisation’s digital assets across the Asia Pacific region. You will be at the forefront of cyber defence, contributing to global security initiatives, enhancing detection capabilities, and responding to sophisticated threats.

What You'll Do

• Lead technical activities related to security use case definition, design, implementation, and enrichment within the IT Production Security Investigation & Incident Response team, ensuring robust detection across multiple layers based on real-world attack scenarios such as those outlined by MITRE ATT&CK.
• Strengthen detection capabilities throughout the Asia Pacific region by participating as a member of the Global Use Case Development Team, aligning local practices with worldwide standards for security monitoring.
• Enhance SIEM (Security Information and Event Management) and SOAR (Security Orchestration Automation and Response) capabilities through hands-on involvement in tool optimisation and process refinement.
• Act as a reference point for Security Incident Response activities, Anti-Malware/Defence strategies, and Security Detection operations within a team of experts.
• Oversee the detection capabilities for the 24/7 regional IT Production Security Operations Centre (SOC), ensuring timely handling of security alerts affecting critical business functions.
• Respond promptly to cyber or IT security incidents by evaluating event severity, conducting thorough investigations, and coordinating remediation efforts with relevant stakeholders.
• Identify recurring security issues and risks by developing mitigation plans, recommending process improvements, and supporting ongoing risk management initiatives.
• Continuously improve SOC frameworks by reviewing policies, updating operational playbooks, and integrating feedback from incident reviews into daily practice.
• Contribute to compliance with regulatory requirements and internal policies by supporting incident reporting processes, participating in audits, and providing necessary evidence during control framework assessments.

What You'll Need

• At least 5 years’ experience as a cybersecurity professional with proven expertise in incident response across large-scale environments.
• At least 3 hands-on experience designing, developing, coding, and implementing security use cases—ideally with familiarity in Java/Python programming language.
• Comprehensive understanding of SIEM products (such as ELK stack: Elastic Logstash Kibana) coupled with practical experience in Security Incident Management processes.
• Proficiency in Linux operating systems (RedHat/Ubuntu) along with strong skills interpreting security logs or instructions into actionable threat models; SecOPS or DevOPS mindset is highly valued.
• Demonstrated ability to investigate incidents thoroughly—covering remediation actions, tracking progress through closure, and engaging constructively with stakeholders throughout the process.
• Experience conducting threat hunting activities using large data sets; adept at content creation/use case modelling; automation-oriented approach is considered advantageous.

Do note that we will only be in touch if your application is shortlisted.
Robert Walters (Singapore) Pte Ltd
ROC No.: 199706961E | EA Licence No.: 03C5451
EA Registration No.: R1872446 Felicia Valerie Romli