Jobfoundry
Jobfoundry
Singapore Airlines

Information Technology - Cyber Security Engineer (Threat Management and Incident Response) (Scoot)

Singapore Airlines
BusinessSearch by LocationFull-time5 days ago
Apply Now

About the role

AI summarised

Cyber Security Engineer (Threat Management and Incident Response) at Scoot, part of the Group Information Security Team, responsible for responding to threats and incidents across corporate networks, systems, and digital assets. The role involves security monitoring, incident response, threat hunting, and managing the Security Operations Center.

BusinessFull-time1279

Key Responsibilities

  • Perform security monitoring and incident response activities across the scoot networks, leveraging a variety of tools and techniques.
  • Manage Security Operations center.
  • Detect incidents through proactive 'hunting' across security-relevant data sets.
  • Ability to correlate multiple events from different devices to identify abnormal behaviour.
  • Document incident response analysis activities thoroughly.
  • Develop new, repeatable methods for finding malicious activities.
  • Provide recommendations to enhance detection and protection capabilities.
  • Effectively present technical topics to both technical and non-technical audiences.
  • Develop and follow detailed operational processes and procedures to appropriately analyze, escalate, and assist in the remediation of information security incidents.
  • Prioritize multiple high-priority tasks and formulate responses/recommendations in a fast-paced environment.
  • Prepare documentation for security technical standards, standard operational procedures, and hardening standards.
  • Analyse endpoint, network, and application logs.

Requirements

  • Degree in Computer Engineering, Computer Science, Information Systems, or equivalent qualification.
  • At least 5-6 years of experience in Cybersecurity Incident and Security Operations.
  • Demonstrate experience in Information Security with a focus on Cyber Security Operations, Incident Response and Detection.
  • Experience working in the Security Operations Centre and/or Computer Incident Response Team.
  • Excellent problem-solving skills combined with hands-on experience doing root cause analysis and post-incident reviews.
  • Solid knowledge of computer networks and common protocols.
  • Knowledge of prominent cyber threat actors and APT groups.
  • Experience with Threat Intelligence Platforms.
  • Experience with SIEM (especially Splunk).
  • Professional security related qualifications (i.e. GCIA, CISSP etc) will be an advantage.
  • Preferred certifications: CISSP, CISM, CISA, ISMS, TOGAF, SABS.
  • Good interpersonal skills.
  • Team player and able to work independently.