Cyber Incident Responder (SIEM, 1-Year Contract)

What You'll Do • Lead technical activities related to security use case definition, design, implementation, and enrichment within the IT Production Security Investigation & Incident Response team, ensuring robust detection across multiple layers based on real-world attack scenarios such as those outlined by MITRE ATT&CK. • Strengthen detection capabilities throughout the Asia Pacific region by participating as a member of the Global Use Case Development Team, aligning local practices with worldwide standards for security monitoring. • Enhance SIEM (Security Information and Event Management) and SOAR (Security Orchestration Automation and Response) capabilities through hands-on involvement in tool optimisation and process refinement. • Act as a reference point for Security Incident Response activities, Anti-Malware/Defence strategies, and Security Detection operations within a team of experts. • Oversee the detection capabilities for the 24/7 regional IT Production Security Operations Centre (SOC), ensuring timely handling of security alerts affecting critical business functions. • Respond promptly to cyber or IT security incidents by evaluating event severity, conducting thorough investigations, and coordinating remediation efforts with relevant stakeholders. • Identify recurring security issues and risks by developing mitigation plans, recommending process improvements, and supporting ongoing risk management initiatives. • Continuously improve SOC frameworks by reviewing policies, updating operational playbooks, and integrating feedback from incident reviews into daily practice. • Contribute to compliance with regulatory requirements and internal policies by supporting incident reporting processes, participating in audits, and providing necessary evidence during control framework assessments. What You'll Need • At least 5 years’ experience as a cybersecurity professional with proven expertise in incident response across large-scale environments. • At least 3 hands-on experience designing, developing, coding, and implementing security use cases—ideally with familiarity in Java/Python programming language. • Comprehensive understanding of SIEM products (such as ELK stack: Elastic Logstash Kibana) coupled with practical experience in Security Incident Management processes. • Proficiency in Linux operating systems (RedHat/Ubuntu) along with strong skills interpreting security logs or instructions into actionable threat models; SecOPS or DevOPS mindset is highly valued. • Demonstrated ability to investigate incidents thoroughly—covering remediation actions, tracking progress through closure, and engaging constructively with stakeholders throughout the process. • Experience conducting threat hunting activities using large data sets; adept at content creation/use case modelling; automation-oriented approach is considered advantageous. Do note that we will only be in touch if your application is shortlisted. Robert Walters (Singapore) Pte Ltd ROC No.: 199706961E | EA Licence No.: 03C5451 EA Registration No.: R1872446 Felicia Valerie Romli