Cybersecurity Detection & Incident Response Engineer (SIEM / SOC) - Toa Payoh

Summary:

The ideal candidate will bring deep technical knowledge of security monitoring, incident response, and detection engineering, along with strong experience in SIEM tools, threat intelligence, and automation.

Responsibilities:

• Lead the design, development, and enrichment of security detection use cases based on frameworks such as MITRE ATT&CK.
• Enhance SIEM/SOAR capabilities and detection mechanisms across various security layers.
• Conduct threat hunting and evaluate real-world attack scenarios to improve detection coverage.
• Manage and respond to cybersecurity incidents, perform in-depth investigation, and provide incident handling guidance.
• Collaborate with global and regional teams to ensure a unified detection and response strategy.
• Support the improvement of SOC processes, policies, and operational playbooks.
• Monitor recurring security threats and work with internal teams on mitigation plans.
• Partner with internal CSIRT teams to ensure coordinated response to security events.
• Contribute to regulatory compliance efforts and provide audit evidence as required.

Requirements:

• Minimum 7 years of experience in cybersecurity roles, with at least 4 years focused on detection engineering and incident response.
• Strong experience in security use case development and SIEM platforms (preferably ELK stack).
• Proficient in Java and scripting languages.
• Solid understanding of Linux systems (RedHat/Ubuntu).
• Hands-on experience in analyzing logs, threat modeling, and performing incident investigations.
• Familiarity with SOC environments, automation techniques, and SecOps/DevOps integration.
• Ability to interpret and act on threat intelligence, and create meaningful detection models.
• Experience working with large datasets and automating detection/response pipelines.

Qualifications:

• Bachelor’s degree in Computer Science, Cybersecurity, or related field.
• Security certifications such as CISSP, OSCP, or SANS GIAC are preferred.
• Strong written and verbal communication skills (English is a must).
• Ability to work independently in high-pressure environments.
• Experience with regulatory compliance in financial institutions is a plus.