Cyber Incident Response - Singapore at Sopra Steria
Singapore, Singapore
Full Time


Start Date

Immediate

Expiry Date

22 Sep, 26

Salary

0.0

Posted On

24 Jun, 26

Experience

5 year(s) or above

Remote Job

Yes

Telecommute

Yes

Sponsor Visa

No

Skills

Incident Response, Security Use Case Design, SIEM, ELK Stack, Python, PowerShell, Bash, SQL, Java, Linux, Threat Hunting, MITRE ATT&CK, Security Log Analysis, Threat Modeling, DevOps, SecOps

Industry

Information Technology & Services

Description
Company Description
Sopra Steria is a listed European technology leader specializing in Consulting, Digital Services, and Software. With over 51,000 employees worldwide across Europe, North America and Asia, the Group supports organizations in driving their digital transformation and delivering sustainable business value. In Asia Pacific, Singapore serves as the regional headquarters for Sopra Steria’s Infrastructure, Cloud and Cybersecurity services.

Job Description
Responsibilities:
• Lead technical activities (security use case definition, design, implementation and enrichment) in the IT Production Security Investigation & Incident Response team, based on real-world attack scenarios and frameworks such as MITRE ATT&CK, ensuring a robust security detection posture across various layers.
• Understand ongoing security threats in the wild and propose security use cases to detect them and, where possible, protect against or mitigate them.
• Work autonomously on technical activities (definition, R&D/threat hunting) in the IT Production Security Investigation & Incident Response team and oversee the detection capabilities of the 24/7 regional IT Production SOC.
• Respond to cyber / IT security incidents and evaluate the type and severity of security events.
• Identify recurring security issues and risks, develop mitigation plans and recommend process improvements.
• Partner with global, regional and local stakeholders to ensure organizational and procedural efficiency and readiness for the detection of, and reaction to, suspicious events.
• Continuously improve processes to strengthen the current SOC framework through review of policies and operational playbooks.

Contributing Responsibilities:
• Partner with the APAC Business CSIRT for integrated security monitoring and alert/incident handling operations.
• Contribute to local security incident response outside the direct scope of responsibilities (i.e., local IT production in some APAC business entities).
• Contribute to the Bank's compliance with regulatory requirements and internal policies.
• Contribute to the reporting of all incidents according to the Incident Management System.
• Contribute to the control frameworks in day-to-day business activities, such as the Control Plan.
• Participate in audit interviews and provide the required evidence.

Qualifications
• 5+ years of experience in cybersecurity incident response, including 4+ years in security use case design, development and coding.
• Demonstrated experience with SIEM platforms, ideally ELK (Elastic, Logstash, Kibana).
• Relevant certifications such as SANS, CISSP or OSCP, held or in progress.
• Use of scripting languages (Python, PowerShell, Bash, SQL) to enhance automation and operational efficiency.

Personal Attributes
• Strong problem-solving capabilities.
• Effective communication in English (French is a plus).
• A positive mindset and a commitment to continuous upskilling and in-depth troubleshooting.
• Ability to work autonomously, anticipate issues and act proactively.
• Effective collaboration within a team and strong interpersonal relationships.
• Ownership, energy and accountability.
• Ability to manage multiple priorities and deliver within agreed deadlines.

Technical Requirements:
• 7+ years of experience as a security professional delivering high-value security outcomes.
• Design and development of security use cases with a solid understanding of Java.
• Effective operation within Linux environments (RedHat, Ubuntu).
• Interpretation of security logs and translation of findings into threat models with a SecOps/DevOps mindset.
• Incident investigation, coordination of remediation, and tracking of closure with relevant stakeholders.
• Expertise in SIEM tools and Security Incident Management platforms.
• Incident response activities including threat hunting, event analysis, investigation and reporting.
• Handling of large datasets: collecting, analyzing and leveraging data to develop use cases, models and automation approaches.

Additional Information
• Work-life balance: Hybrid working mode and Work-from-Abroad benefits, 18 days of annual leave
• Health & insurance: Comprehensive coverage including General Practitioner, hospitalization, dental, and optical
• Performance incentives: Annual bonus based on individual performance
• Learning & development: Training programs, certification opportunities, and training incentives to support career growth
• Team culture: Regular team-building activities and social events
Responsibilities
Lead technical activities for security investigation and incident response, focusing on use case definition and detection posture using the MITRE ATT&CK framework. Coordinate with stakeholders to manage cyber incidents, improve SOC processes, and ensure regulatory compliance.