Cloud Security Incident Responder
1 week ago
**Responsibilities**:
Related activities include but are not limited to:
- Lead and/or support in-depth triage and investigations of assigned cyber incidents in the cloud.
- Perform incident response functions including but not limited to:
  - Detailed cloud-focused investigations by analyzing logs relevant to the underlying cloud service provider (CSP)
  - Execution of automation to gather forensic artifacts such as memory, disk, etc. for in-depth analysis and investigations
  - Execution of cloud-native automation to run resource containment actions relevant to the sources of compromise and/or malicious activities in scope
  - Host-based analytical functions (e.g. digital forensics, metadata and data analysis) to uncover Indicators of Compromise (IOCs) and/or Tactics, Techniques and Procedures (TTPs)
  - Documentation of investigation analysis, objectively capturing the Who, What, When, Where, Why and How of the incident
- Develop, document and maintain operationally effective playbooks to deal with cloud-based incidents.
- Take ownership of and drive the development of new automation capabilities and supporting playbooks for assigned domains within the cloud.
- Collaborate with global multidisciplinary groups on triaging, scoping and investigating large-scale security incidents.
- Build and nurture key stakeholder relationships with partners in the CISO business function that are essential to the IR team's success.
- Actively participate in threat modeling of new services/capabilities and in readiness exercises such as purple teams, tabletops, CTFs, etc.
Qualifications:
- Strong technical expertise in relevant cloud security tools and technologies (e.g. EDR, SIEM, container security, SSPM, CNAPP, etc.)
- Solid team player with the ability to work in a multi-disciplinary team of teams with DevSecOps practitioners
- Exceptional communication and presentation skills to simplify and convey complex technical matters to senior security stakeholders and leadership
- Strong understanding of security incident response processes, excellent technical documentation skills and proven analytical skills
- Demonstrable experience in most of the following:
  - Advanced proficiency with cloud security focused services such as GuardDuty, SCC, IAM, etc.
  - Hands-on experience with CI/CD methodologies and tools that support modern deployment practices into public cloud, and the associated security best practices
  - Proficiency with public cloud services focused on automation such as SSM, Lambda, Cloud Functions, etc.
  - Experience with various log aggregation/data analytics tools, such as Splunk, Sentinel, etc.
  - Familiarity with the security constructs of SaaS and PaaS offerings such as Snowflake and MongoDB (desired)
  - Windows and UNIX operating systems, specifically command-line use and basic file-system knowledge
  - Prior experience using security-oriented tools such as Aquasec, Twistlock, Wiz, Lacework, AppOmni, etc. is an advantage
This job description provides a high-level review of the types of work performed. Other job-related duties may be assigned as required.
This role requires occasional flexibility to support critical security incidents when they occur out of regular office hours.
- **Job Family Group**: Technology
- **Job Family**: Information Security
- **Time Type**: Full time
View Citi’s EEO Policy Statement and the Know Your Rights poster.