
Senior Cybersecurity Incident Response Specialist


Job Description

The candidate will report to the Head (CSIRT) and assist in responding to security incidents in an IT environment, including investigating the causes of any intrusion, attack, loss or breach occurring in an organisation. You will identify and define cyber threats and their root causes. You will be required to develop reports that detail the incident timeline, evidence, findings, conclusions and recommendations. You are responsible for managing cyber incidents and resolving them in a timely manner. This includes preparing reports, communicating findings to senior stakeholders, and recommending corrective actions to prevent and mitigate internal control failures. You are required to be on standby with on-call availability, with varied shifts including nights, weekends and holidays. You are required to be familiar with industry cyber security standards, protocols and frameworks, and to have good knowledge of the various cyber security tools and techniques used to resolve incidents.


1. Develop and implement cyber incident response strategy

  • Develop approaches to combat cyber threats and mitigate risks to information systems assets
  • Develop guidelines to perform incident response strategies and policies
  • Implement processes and guidelines to perform incident response protocols, analyse data, and create incident reports
  • Implement mechanisms to improve cyber security measures and incident response times
  • Develop incident handling processes, standard operating procedures, playbooks and runbooks
  • Identify and develop workflows supported with technology to automate repetitive manual tasks

2. Manage cyber security incidents

  • Communicate and escalate security activities to leadership
  • Handle responses to cyber security incidents
  • Lead the recovery of contained cyber security incidents, following established processes and policies
  • Utilize appropriate cyber incident management techniques to resolve challenges

3. Oversee cyber threat analysis

  • Collect, analyse and store cyber threat intelligence information
  • Analyse past cyber-attacks to draw insights and implications for the organisation
  • Recommend ways to enhance the resilience and security of IT systems
  • Propose mitigation techniques and countermeasures to ensure cyber threats are kept to a minimum

Job Requirement


Bachelor's degree in computer science or a related field. Ideally, you have completed or are about to complete a security certification (e.g. Security+, GCIA, GCIH, CISSP).

Experience in the following areas:

1. Cyber Forensics

  • Able to coordinate the collection and preservation of evidence and analyse forensic evidence to draw inferences.
  • Experience with one or more scripting languages (PowerShell, Python, Bash, etc.)

2. Cyber and Data Breach Incident Management

  • 3-4 years of Information Security or Incident Response related experience.
  • Proven experience in day-to-day operational processes such as security monitoring, data correlation, troubleshooting, security operations, etc.
  • Troubleshoot incidents, escalate alerts to the relevant stakeholders, and analyse the root causes and implications of incidents.

3. Cyber Risk Management

  • Develop cyber risk assessment techniques and roll out endorsed measures to address identified cyber security risks, threats and vulnerabilities

4. Security Assessment and Testing

  • Conduct authorised penetration testing of systems to expose threats, vulnerabilities and potential attack vectors in those systems

5. Stakeholder Management

  • Serve as the organisation's main contact point for stakeholder communications, clarifying responsibilities among stakeholders, and engaging them to align expectations

6. Threat Analysis and Defense

  • Perform static, dynamic or behavioural analysis of malicious code and threats, debug malware and thwart malicious attacks
  • Experience in analysing system and application logs to investigate security issues and/or complex operational issues. Hands-on experience with any SIEM, Elasticsearch, Logstash and Kibana (ELK), User and Entity Behavior Analytics (UEBA) technologies and/or log management solutions, and competence in performing log analysis, data correlation, etc.

7. Threat Intelligence and Detection

  • Implement intrusion detection technology and analyse multi-source information to identify vulnerabilities, potential exploits, methods, motives, and capabilities

8. General knowledge of mainstream operating systems (Windows, Linux, etc.), network protocols, security infrastructure, etc.

  • Good knowledge of one or more of the following: Windows/AD file system, registry functions and memory artefacts; Unix/Linux file systems and memory artefacts; Mac file systems and memory artefacts; TCP/IP communications and knowledge of how common protocols and applications work at the network level, including DNS, HTTP and SMB, etc.


*We regret that only shortlisted candidates will be notified.
