
SOC Incident Responder

Singapore, Singapore · Job Posted December 29, 2025

Job Description

The Info Sec Tech Lead Analyst is a senior level professional position responsible for driving efforts to prevent, monitor and respond to information/data breaches and cyber-attacks. The overall objective of this role is to ensure the execution of Information Security directives and activities in alignment with Citi's data security policy.

Job Responsibility

  • Identify opportunities to automate and standardize information security controls for the supported groups
  • Resolve any vulnerabilities or issues detected in an application or infrastructure
  • Analyze source code to mitigate identified weaknesses and vulnerabilities within the system
  • Review and validate automated testing results and prioritize actions that resolve issues based on overall risk
  • Scan and analyze applications with automated tools, and perform manual testing if necessary
  • Reduce risk by analyzing the root cause of issues, their impact, and required corrective actions
  • Direct the development and delivery of secure solutions by coordinating with business and technical contacts
  • Appropriately assess risk when business decisions are made, demonstrating particular consideration for the firm's reputation and safeguarding Citigroup, its clients and assets, by driving compliance with applicable laws, rules and regulations, adhering to Policy, applying sound ethical judgment regarding personal behavior, conduct and business practices, and escalating, managing and reporting control issues with transparency.

Requirements

  • 6-10 years of relevant experience
  • Advanced proficiency with Microsoft Office tools and software
  • Consistently demonstrates clear and concise written and verbal communication
  • Proven influencing and relationship management skills
  • Proven analytical skills
  • Bachelor’s degree/University degree or equivalent experience
  • Master’s degree preferred


Similar Jobs for SOC Incident Responder (8 matching positions)

Cybersecurity Incident Responder

We are currently seeking a Cybersecurity Incident Responder to join our team in ...
Location: United States, Fort Bragg
Salary: 90146.00 - 150244.00 USD / Year
Company: NTT DATA
Expiration Date: Until further notice
Requirements
  • Minimum 7 years of professional experience
  • Minimum 4 years of experience in cybersecurity, help desk, system administration, SOC, or IR
  • Minimum 1 year of experience in Incident Response lifecycle (Preparation, Identification, Containment, Eradication, Recovery, Lessons Learned)
  • Minimum 1 year of experience in Email phishing investigations
  • Minimum 1 year of experience with one or more: Splunk and Elastic for Cloud, Endpoint Detection & Response (EDR) tools, Antivirus platforms, Vulnerability scanners (ACAS), ServiceNow, Remedy or similar ticketing systems
  • DoD 8570/8140 certification: CompTIA Security+ CE
  • Top Secret Security Clearance, SCI eligible
Job Responsibility
  • Detecting, analyzing, containing, eradicating, and recovering from cybersecurity incidents across enterprise, endpoint, network, and cloud environments
  • Conducting investigations and responding to cybersecurity alerts and confirmed incidents across enterprise networks and cloud platforms such as AWS, Microsoft Azure, and Google Cloud
  • Executing containment actions on compromised systems or accounts
  • Supporting eradication and recovery efforts
  • Documenting all response activities through incident closure
  • Analyzing malware infections and responding to indicators of ransomware, trojans, spyware, and unauthorized software
  • Coordinating host containment and remediation actions such as antivirus or EDR scanning, reimaging, and evidence preservation
  • Managing spillage and data-loss events by containing and sanitizing affected systems
  • Coordinating reporting and remediation
  • Supporting insider-threat or data-exfiltration investigations
What we offer
  • Medical, dental, and vision insurance with an employer contribution
  • Flexible spending or health savings account
  • Life and AD&D insurance
  • Short and long term disability coverage
  • Paid time off
  • Employee assistance
  • Participation in a 401k program with company match
  • Additional voluntary or legally-required benefits
  • Fulltime

SOC Analyst - Incident Response

As a Senior SOC Analyst, you will be the technical lead for incident response wi...
Location: Australia, Sydney
Salary: 146197.00 - 154260.00 AUD / Year
Company: Randstad
Expiration Date: June 10, 2026
Requirements
  • 4–5 years in cyber incident response and digital forensics
  • Highly regarded credentials such as GCIH, GCFA, GPEN, or equivalent
  • A cooperative professional who thrives in a supportive, knowledge-sharing team
  • Permanent Residency or Citizenship is required
  • Bachelor's degree
  • Skills: Cyber Security, Incident Response, SOC, Digital Forensics, GCIH, GCFA, Threat Hunting
  • Qualifications: GCIH, GPEN, GCFA, SANS Certified Incident Handler
Job Responsibility
  • Lead cyber incident investigations and provide specialist forensic guidance
  • Coordinate with third-party managed security services to enhance internal capabilities
  • Manage vulnerability assessments and oversee remediation actions across diverse environments
  • Deliver post-incident reporting and communicate technical findings to executive stakeholders
  • Participate in a weekly first-responder rotation and an after-hours on-call roster
What we offer
  • Hybrid work with only 1 day on-site per week
  • Attractive on-call allowances and overtime pay
  • Lead investigations for a complex ICT environment
  • Supportive team culture with internal promotion paths
  • Mentor junior analysts in a collaborative environment
  • +17% superannuation

Cyber Security Engineer

Location: United Kingdom, London
Salary: Not provided
Company: CoinShares
Expiration Date: Until further notice
Requirements
  • 5 years' experience in a hands-on cyber security engineering or security operations role, with demonstrable breadth across multiple security domains
  • Experience running security processes end-to-end across multiple domains within a small team environment, operating as a generalist rather than a specialist in a single area
  • Bachelor's degree in Cyber Security, Computer Science, Information Technology, or equivalent practical experience
  • Relevant certifications are desirable (e.g. CISSP, CEH, AWS Security Specialty or CCSP)
  • Prior exposure to digital asset infrastructure, crypto custody or trading environments is advantageous but not required
  • Strong foundational knowledge across core cyber security domains: network security, endpoint security, cloud security, identity and access management, vulnerability management, threat detection, incident response and data security
  • Solid understanding of security frameworks including NIST CSF 2.0 and SOC 2
  • Experience working in a regulated environment; exposure to GDPR, DORA, SOX and the SEC Cybersecurity Rule is highly advantageous
  • Hands-on experience with SIEM, SOAR and EDR/XDR platforms - configuration, tuning, alerting, and integration with response workflows
Job Responsibility
  • Design, implement and maintain security controls across all systems and environments, spanning enterprise IT, cloud infrastructure and digital asset operations
  • Operate core security functions including endpoint protection, email security, identity and access management, data security and security monitoring
  • Manage and continuously improve the firm's SIEM, SOAR and EDR/XDR tooling, ensuring effective alerting, tuning and integration with incident response processes
  • Lead detection engineering and incident response, acting as the primary technical responder during security events and investigations
  • Lead vulnerability management and remediation across all environments, prioritising based on risk and business impact
  • Partner with IT, engineering and DevOps teams to embed security earlier in the development lifecycle, across infrastructure and into CI/CD pipelines
  • Maintain and improve cloud security controls across AWS, leveraging CSPM tooling to monitor posture and drive remediation
  • Conduct threat modelling, security architecture reviews and risk assessments for new systems, services and third-party integrations
  • Support third-party and vendor risk assessments, including review of SOC 2 reports, penetration test reports and security questionnaires
  • Contribute to the security of CoinShares' digital asset infrastructure, including custody and trading environments
  • Fulltime

Domain Consultant

Location: Japan, Chiyoda
Salary: Not provided
Company: Palo Alto Networks
Expiration Date: Until further notice
Requirements
  • 6+ years technical sales or equivalent experience highly preferred
  • Desired experience in one or more of the following technology domains:
  • Managing and optimizing SIEM, EDR/XDR, and SOAR solutions
  • Extensive practical experience in security incident response, encompassing both IR tools and workflow processes, or deep knowledge of SOC operational processes
  • Proven ability to conduct threat hunting, analyze malware and exploits, and simulate cyberattacks
  • Deep expertise in cloud security domains such as CSPM, CWP, KSPM, CIEM, and DSPM
  • Hands-on experience with Infrastructure as Code (IaC) (e.g., CloudFormation, Terraform) and CI/CD tools (e.g., GitLab, GitHub, Jenkins)
  • Experience in observability, including visualizing, analyzing, and optimizing the state of complex systems
  • Knowledge of Email Security and Vulnerability Solutions
  • Experience with installing, configuring, and integrating complex security environments
  • Comprehensive knowledge of AI Security
  • Knowledge of Security Analytics or Threat Intelligence
  • Familiarity with Unix/Linux and Windows operating systems, and scripting (Python/PowerShell/JavaScript)
  • Exceptional analytical and problem-solving skills to quickly diagnose and resolve complex security issues
  • A strong background in the security domain or cloud security is highly preferred
  • Proficiency in English (both spoken and written), and experience giving presentations to various stakeholders in person and online
  • Demonstrated ability to thrive in a team environment, promoting open knowledge sharing, embodying integrity, and valuing diverse perspectives.
  • A proactive and adaptable individual who is self-driven and a rapid learner, comfortable with continuous change and committed to maintaining expertise at the forefront of an evolving technology landscape.
  • As a field sales role, travel may be required to support customer engagements.
Job Responsibility
  • Collaborate with account teams to recommend and develop customer solutions within your assigned specialization area
  • Present to customers as our expert at all levels in the customer hierarchy, from practitioner to senior leadership
  • Lead and support customer demonstrations that showcase our unique value proposition
  • Scope and lead Proof of Value (PoV) projects for prospective customers and partners based on best practices to ensure technical win in your assigned opportunities
  • Drive high technical validation and PoV win rates within your assigned specialization area
  • Architect solutions that will help our customers strengthen and simplify their security posture
  • Accelerate technical validation of proposed solutions within your specialization
  • Document High-Level Design and Key Use Cases to ensure proper implementation and value realization of Palo Alto Networks Solutions
  • Help our customers build and develop further their services around Cortex solutions
  • Lead conversations about industry trends and emerging changes to the security landscape
  • Fulltime

Incident Handler II, Detection & Response Services

We are looking for people with a passion for investigation and forensic analysis...
Location: United States, VA
Salary: Not provided
Company: Rapid7
Expiration Date: Until further notice
Requirements
  • 3-4 years of experience in a cybersecurity related position (SOC and/or SIEM analysis experience preferred)
  • Dedication to putting each customer's needs and concerns at the forefront of all decision making
  • Understanding of core operating system concepts in Windows, MacOS/Darwin, and Linux - this includes at least an understanding of common internal system tools and directory structures
  • Proficiency with analyzing forensic artifacts to determine root cause in an investigation - Windows largely preferred, but bonus points for experience with Linux, AWS, Azure, and GCP
  • A fundamental understanding of how threat actors utilize tactics such as lateral movement, privilege escalation, defense evasion, persistence, command and control, and exfiltration
  • Effective verbal communication skills that foster collaboration between the MDR SOC and the Incident Response team
  • Strong written communication skills
  • Some experience with static and dynamic malware analysis
  • Passion for continuous learning and growth in the cybersecurity world
Job Responsibility
  • Conduct investigations into a variety of malicious activity on workstations, servers, and in the cloud
  • Investigate all levels of incidents, including Incident Response engagements in which you will provide analysis assistance to Rapid7's Incident Responders, including scoping, timeline analysis, finding IAV, and helping update documents as needed
  • Own complex investigations that may need various levels of delegation, customer communication, documentation, and collaboration across teams
  • Be an escalation point for complex and advanced incidents
  • Communicate with Cybersecurity Advisors regarding investigation findings, Requests For Information from clients, and remediation and mitigation recommendations
  • Directly communicate with customers regarding investigation findings or to assist in driving an investigation forward as needed
  • Prepare Incident Reports for each minor incident investigation you complete, which follow MITRE's ATT&CK Framework and include your own forensic, malware, and root-cause analysis
  • Communicate with other analysts to share new intelligence regarding tactics, techniques, and trends utilized by threat actors
  • Provide continuous input to Rapid7's Threat Intelligence and Detection Engineering team regarding new detection opportunities
  • Assist in customer engagement opportunities pertaining to the function of your role in the MDR service as necessary
  • Fulltime

Security Officer GSOC Operator

As a GSOC Operator, you will serve and safeguard clients in a range of industrie...
Location: United States, Allentown
Salary: 25.13 USD / Hour
Company: Allied Universal®
Expiration Date: Until further notice
Requirements
  • 21+ Years of Age
  • Valid Driver's License - AU Driver Policy Requirements
  • Demonstrated ability to work in a dynamic environment and manage multiple tasks
  • Strong communication and interpersonal skills
  • Proficiency in computer skills (Word, Excel, PowerPoint, and Outlook)
  • Basic knowledge of access control, video management, and intrusion detection systems
  • Familiarity with incident management processes
  • Analytical mindset with the ability to identify and escalate critical issues
  • Attention to detail and accuracy in work
  • Awareness of relevant regulations and compliance requirements
Job Responsibility
  • The Global Security Operations Center (GSOC) Specialist supports the monitoring of and response to internal and external security events with potential impact on senior leadership, staff, business assets, reputation, and facilities
  • This role assists in conducting video patrols, monitoring security camera feeds, and investigating security alarms
  • The Specialist contributes to the analysis of security incidents and the monitoring of open-source media for security-related events
  • They provide support in executing security policies, maintaining physical security systems, and communicating significant matters to the management team
  • Assigned shifts are subject to change to meet the operational needs of the SOC
  • Assists in monitoring internal and external security events to identify potential threats and vulnerabilities
  • Contributes to the analysis of security incidents, reviewing findings, and identifying patterns or trends
  • Supports the monitoring of open-source media for security-related events and potential impacts
  • Provides timely and accurate information to support the protection of people, assets/intellectual property, and facilities
  • Follows security policies and procedures to ensure compliance and contribute to process improvement
What we offer
  • Medical, dental, vision, basic life, AD&D, and disability insurance
  • Enrollment in our company’s 401 (k) or Supplemental Income Plan, subject to eligibility requirements
  • Eight paid holidays annually, five sick days, and four personal days
  • 40 hours of vacation after one year of employment at eligible work assignments
  • Fulltime

Senior Consultant - CRM (Proactive Services) Unit 42

As a Senior Consultant in Unit 42 you will have the opportunity to work across a...
Location: South Korea, Seoul
Salary: Not provided
Company: Palo Alto Networks
Expiration Date: Until further notice
Requirements
  • 3+ years of consulting experience in SOC, security engineering, SIEM administration, and incident management and demonstrated success with serving large, multinational organisations in designing and implementing an organisation's security operations program, organisational structures, and capabilities
  • Possess deep technical knowledge of Security Information and Event Management (SIEM) platforms, Security Orchestration, Automation and Response (SOAR) technologies, Endpoint Detection and Response / Extended Detection and Response (EDR/XDR) tools, Next-Gen Firewalls, and Threat Intelligence and Hunting platforms
  • Defensive Security Skills (desired)
  • Experience in security operations design, engineering and/or analysis and investigations, ideally in complex environments, with security event correlations across a variety of sources i.e. cloud, network, endpoint, logs
  • Ability to perform detailed assessments, identify areas for improvement and make recommendations to transform an organisation's cyber security operations and capabilities to better protect, detect and rapidly respond to modern threats
  • Demonstrated experience in improving an organisation's security operations capabilities, such as improvements in asset visibility, threat detection capabilities, automation techniques, case management, and enablement of compliance and regulatory requirements
  • Experience in conducting threat hunting and/or compromise assessments to identify active or dormant indicators of compromise (IoCs) or evidence of unknown threats within an organisation's digital environment
  • Relevant industry certifications including GIAC Defensible Security Architect (GDSA), GIAC Intrusion Analyst (GCIA), GIAC Continuous Monitoring (GMON), CISSP
  • Understanding of cyber risk frameworks or industry standards such as NIST 800-53, ISO 27001/2, PCI DSS, CIS 18, CMMC
  • 3+ years of experience performing cloud security advisement and risk assessments based upon industry-accepted standards
Job Responsibility
  • SOC Advisory
  • Principal Cloud Security
  • Principal Cyber Risk Management

Security Technical Services Systems Integration Specialist

Make an impact with NTT DATA Join a company that is pushing the boundaries of wh...
Location: Slovakia
Salary: Not provided
Company: NTT DATA
Expiration Date: Until further notice
Requirements
  • Seasoned understanding and appreciation of technical design and business principles
  • Seasoned project fundamentals and administration ability
  • Seasoned project skills which are demonstrated in the execution of installations and other assignments
  • Excellent customer engagement skills
  • Demonstrate relevant domain specialist knowledge
  • Excellent verbal communication skills
  • Client focused and displays a proactive approach to solving problems
  • Ability to work under pressure
  • Ability to coach, mentor and provide guidance to team members
  • Seasoned knowledge on security concepts and application of those concepts
Job Responsibility
  • Interacts with clients on site and remote to meet complex requirements of a solution
  • Escalates unresolved problems and issues to the relevant third parties
  • Responds to escalated client requests
  • Escalates complex problems to the relevant third parties
  • Writes reports and proposals and completes and maintains project documentation
  • Assists with the documentation of standard operating procedures relating to installations and fixes
  • Acts as coach and mentor to more junior Implementation Engineers and Technicians
  • Assumes responsibility for the coordination of the activities of the junior Engineers, in line with performance targets
  • Included in higher complexity design work, with input to the design expected
  • Expected to take ownership of relevant technologies according to domain or specialization
  • Fulltime