Lead, Cyber Security Incident Response Specialist

Date: 23 Nov 2023

Location: Singapore, Singapore

Company: Singtel Group

At Singtel, our mission is to Empower Every Generation. We are dedicated to fostering an equitable and forward-thinking work environment where our employees experience a strong sense of Belonging, to make meaningful Impact and Grow both personally and professionally. By joining Singtel, you will be part of a caring, inclusive and diverse workforce that creates positive impact and a sustainable future for all.

Be a Part of Something BIG!

In Group IT, we create great technology that can change the future, and we're looking for people to be part of our digital and 5G journey. If you like to work in a dynamic, leading communications technology group to deliver innovations and excellence across the region, come join our digital, software engineering, data and cyber security teams!

Apply now, and ignite our digital future together.

Make an Impact by

  • Monitor security systems, logs, and alerts to identify potential security incidents and breaches. Employ intrusion detection tools and threat intelligence sources to stay ahead of emerging threats.
  • Assess the severity and scope of security incidents. Prioritize incidents based on their impact and potential risk to the organization.
  • Conduct in-depth investigations to determine the root cause and extent of security incidents. Analyze malware, conduct forensic analysis, and gather evidence for incident reports.
  • Develop and implement strategies to contain and eradicate security threats. Coordinate with relevant teams to isolate affected systems and prevent further damage.
  • Assist in the recovery process following security incidents, ensuring systems are restored securely and all lessons learned are applied to prevent future incidents.
  • Maintain detailed records of security incidents, including incident timelines, actions taken, and outcomes. Generate incident reports for management and regulatory purposes.
  • Communicate effectively with internal stakeholders, including IT teams, legal, and management, to ensure a coordinated response to security incidents. Provide updates on incident status and recommendations for remediation.
  • Collaborate with the vulnerability management team to identify and address vulnerabilities that could be exploited in future incidents.
  • Stay current with the latest cybersecurity threats, trends, and best practices. Continuously improve incident response processes and procedures.
  • Collaborate with cross-functional teams to ensure security operations have the capabilities for timely detection, investigation, and resolution of security incidents. This may include creation of effective threat detection use cases, machine-learning-based use cases, and SOAR runbooks and program scripts to automate various security operations work.
  • Develop, maintain, and continuously improve a comprehensive security incident playbook that outlines step-by-step procedures for responding to various types of security incidents. This playbook should encompass incident detection, containment, eradication, recovery, and communication procedures.
  • Conduct tabletop exercises and simulations to test the effectiveness of the security incident playbook and identify areas for improvement. Document findings and implement necessary updates.

Skills for Success

  • Diploma in Cybersecurity, Computer Science, Computer Engineering, or other relevant field of study
  • Professional cyber security certifications in areas like Incident Response, SIEM, SOAR, specialized SANS certifications, or other similar credentials are required.
  • Minimum 5 years of experience in cybersecurity roles.
  • Minimum 3 years of practical experience in SOCs, responding to and managing cyber security incidents, and developing cyber security incident response runbooks.
  • Minimum 2 years of practical experience in developing SOAR runbooks, application development, programming, and Infrastructure as Code.
  • Working knowledge of and experience in the policy and regulatory environment of information security in the telecommunications industry.
  • Expert level competence in the following:
    • Incident Response and Management
    • SIEM
    • Security Monitoring Tools
    • Network Security Technology
    • Platform Security Technology
    • Endpoint Security Technology
  • Advanced understanding in the following areas:
    • Computer Forensics
    • Threat Analysis and Defence
    • Threat Intelligence and Detection
    • SOAR
  • Advanced competence in the following:
    • Problem analysis and solving
  • Exposure to developing threat detection and response capabilities based on the MITRE ATT&CK and D3FEND frameworks

Rewards that Go Beyond

  • Hybrid work arrangements
  • Full suite of health and wellness benefits
  • Ongoing training and development programs
  • Internal mobility opportunities

Your Career Growth Starts Here. Apply Now!

We are committed to a safe and healthy environment for our employees & customers and will require all prospective employees to be fully vaccinated.