Question
5-10

Lead, Cyber Security Incident Response

1/17/2026

The role involves owning the full cybersecurity incident lifecycle, including monitoring, triage, investigation, containment, and closure. The candidate will lead responses to various security incidents and collaborate with multiple teams.

Working Hours

40 hours/week

Company Size

11-50 employees

Language

English

Visa Sponsorship

No

About The Company
Cygnify is an on-demand, plug & play TA team on a month-to-month subscription, delivering unlimited global hires with no placement fees. Our Talent Acquisition as a Service (TAaaS) offers companies instant access to a fully managed team of recruitment experts, cutting-edge AI tools, and a 100M+ candidate database. All our monthly plans are transparent, and flexible, with no lock-ins, supporting all roles, levels, and locations globally. Press Play to supercharge your Talent Acquisition—streamlining hiring with a single partner across every location, leveraging our deep market expertise, extensive networks, and proven success in securing top talent. Avoid the high costs of growing an in-house team and agency placement fees. We have it all in our plug & play TA solution.
About the Role

Role: Lead, Cyber Security Incident Response
Location: Singapore

We are partnering with a leading telecom client to hire a Cybersecurity Incident Response SME to lead end-to-end incident detection, investigation, and response across enterprise environments.

Responsibilities:

  • Own the full cybersecurity incident lifecycle: monitoring, triage, investigation, containment, and closure
  • Lead response to malware, data breaches, insider threats, and cloud security incidents
  • Perform threat hunting, log analysis, and forensic investigations
  • Build, tune, and manage SIEM detections (Elastic / ELK preferred)
  • Improve MTTD/MTTR through continuous alert tuning and use-case development
  • Collaborate with SOC, CSIRT, IT, Cloud, and external MSSP teams
  • Present incident reports, root cause analysis, and remediation plans to stakeholders

  • 5–8 years of experience in SOC / Incident Response / Detection Engineering
  • Strong hands-on experience with SIEM (Elastic preferred; Splunk acceptable)
  • Expertise in incident response, threat hunting, and log correlation
  • Solid knowledge of MITRE ATT&CK, malware analysis, and network security
  • Exposure to cloud security (AWS / Azure / GCP)
  • Scripting skills (Python / Bash / PowerShell) are a plus
  • Relevant certifications (CISSP, GCIH, GCIA, CEH, Elastic) preferred
Key Skills
Cyber SecurityIncident ResponseThreat HuntingLog AnalysisForensic InvestigationsSIEMMalware AnalysisNetwork SecurityCloud SecurityScriptingMITRE ATT&CKData BreachesInsider ThreatsElasticAWSAzure
Categories
TechnologySecurity & SafetyData & Analytics
Apply Now

Please let Cygnify know you found this job on InterviewPal. This helps us grow!

Apply Now
Prepare for Your Interview

We scan and aggregate real interview questions reported by candidates across thousands of companies. This role already has a tailored question set waiting for you.

Elevate your application

Generate a resume, cover letter, or prepare with our AI mock interviewer tailored to this job's requirements.

Tailor my ResumeWrite my cover letterFind Your Cover Letter