SOC Insider Threat Analyst Job at Citi (Singapore)

SOC Insider Threat Lead Analyst

SOC Insider Threat Lead Analyst position at Citi, responsible for monitoring, re...

Location

Singapore , Singapore

Salary:

Not provided

Citi

Expiration Date

Until further notice

Requirements

6+ years working in the security & operations fields
Bachelor's degree or higher (Computer Science or Cybersecurity preferred) or equivalent work experience
Excellent knowledge of network security, TCP/IP, various operating systems (Windows/UNIX), and web technologies
Ability to read and understand packet level data
Experience with user behavior analytics, DLP, IDS/IPS, firewalls, and host security products (HIPS, AV, EDR, etc)
Certifications from EC-Council, GIAC, or (ISC)² are preferred [CISSP, C|EH, GCIA, CCNA]
Good communication skills with the ability to articulate clearly in high stress situations
Skills and proficiency with MS PowerPoint, Excel, Access or other analytical tools

Job Responsibility

Perform monitoring, research, assessment and analysis on alerts from various security tools
Recommend and review new use cases for insider threat monitoring
Follow pre-defined actions to investigate security incidents or perform incident response actions
Execute daily ad hoc tasks or lead projects as needed
Participate in or lead daily and ad-hoc conference calls
Create, update or provide process documentation, or provide requested evidence for compliance & controls requests

Fulltime

SOC Insider Threat Lead Analyst

The analyst will perform monitoring, research, assessment and analysis on alerts...

Location

Singapore , Singapore

Salary:

Not provided

Citi

Expiration Date

Until further notice

Requirements

6+ years working in the security & operations fields
Bachelor’s degree or higher (Computer Science or Cybersecurity preferred) or equivalent work experience
Excellent knowledge of network security, TCP/IP, various operating systems (Windows/UNIX), and web technologies (focusing on Internet security)
Ability to read and understand packet level data
Experience with user behavior analytics, DLP, IDS/IPS, firewalls, and host security products (HIPS, AV, EDR, etc)
Good communication skills with the ability to articulate clearly in high stress situations
Work independently and are self-directed
Detail oriented and perseverant individual
Positive attitude with the drive to get the work done
Self-starter with good problem solving skills, and you continuously look for ways to improve things

Job Responsibility

Perform monitoring, research, assessment and analysis on alerts from various security tools, including firewalls, antivirus systems, user behavior analytics tools, proxy devices and SIEM tools
Recommend and review new use cases for insider threat monitoring
Follow pre-defined actions to investigate security incidents or perform incident response actions, including escalating to other support groups
Execute daily ad hoc tasks or lead projects as needed
Participate in or lead daily and ad-hoc conference calls
Create, update or provide process documentation, or provide requested evidence for compliance & controls requests

Fulltime

Director - Cyber Incident Response

The Cyber Incident Response Director will play a key role in building and leadin...

Location

India , Pune

Salary:

Not provided

Cencora

Expiration Date

February 28, 2026

Requirements

Bachelor’s degree in Computer Science, Cybersecurity, Information Technology, or a related discipline required
Master’s degree preferred
10–15 years of progressive experience in cybersecurity
at least 5 years focused on SOC operations or incident response
Minimum of 5 years in a people management role, leading incident response or SOC analyst teams
Hands-on experience with SIEM, EDR, SOAR, and forensic tools (e.g., Splunk, CrowdStrike, Microsoft Defender, etc)
Proven experience responding to advanced threats, ransomware, phishing campaigns, and insider incidents
Demonstrated success in building or scaling SOC teams in a global enterprise environment
Strong communication skills, with the ability to brief technical and non-technical stakeholders during incidents
Strong knowledge of incident response methodology, SOC operations, and security frameworks (e.g., NIST, MITRE ATT&CK)

Job Responsibility

Build, lead and manage the SOC team in Pune, including hiring, training, mentoring, and performance management of analysts and responders
Oversee daily incident detection, analysis, containment, eradication, and recovery efforts
Serve as the escalation point for high-priority or complex cyber incidents, ensuring timely response and communication to global stakeholders
Develop and maintain incident response playbooks, runbooks, and standard operating procedures
Partner with global SOC teams to align processes, technology, and reporting standards
Collaborate with threat intelligence, vulnerability management, forensics, and insider threat teams to drive a unified defense strategy
Manage relationships with key stakeholders in IT, Legal, Compliance, and Corporate Security during incident investigations
Provide executive-level reporting and updates on incident trends, SOC performance metrics, and operational risks
Ensure incident response activities comply with global regulatory and organizational requirements
Drive continuous improvement of detection rules, automation, and response workflows in the SOC

Fulltime

Senior Detection Engineer

This is a detection engineering role that leverages knowledge of monitoring, ana...

Location

Singapore , Singapore

Salary:

Not provided

Marriott Bonvoy

Expiration Date

Until further notice

Requirements

Bachelor’s degree in Computer Sciences or related field or equivalent experience/certification
3+ years of collective experience in Splunk SIEM (Splunk Enterprise Security) threat detection use case development or UEBA (Exabeam) use case development for insider threat use case development
5+ years of experience in security functions such as SOC, CIRT, security engineering, risk management, vulnerability management or technical infrastructure operations, administration, or systems engineering
scripting or programming language, including Python
Current information security certification such as Certified Information Security Manager (CISM), Certified Information Systems Security Professional (CISSP) preferred
offensive and defensive security certifications such as CEH, IGAC Cyber Defense, OSCP or other related certifications preferred
Splunk Certification, including Splunk Enterprise Security Certified Admin preferred
use case development experience on the Exabeam platform preferred
working knowledge of the NIST Cyber Security Framework and ISO/IEC 27001:2022 preferred
working knowledge of the MITRE ATT&CK Framework preferred

Job Responsibility

Lead collaboration sessions within the cyber security tower and other business units to devise security monitoring use cases
engage and collaborate with other security engineers and architects as needed to keep pace with the evolution of corporate infrastructure and applications and share that knowledge with peers as appropriate
document prospective security monitoring use cases with MITRE ATT&ACK mappings using standard templates and methodologies
inform and consult other cyber ops teams of required data onboarding and integrations for use case development
develop analytics, correlation searches, dashboards, reports and alerts within the SIEM and UEBA platforms
solicit feedback for pre-production security monitoring content through peer review process and user acceptance testing for tuning
document developed security monitoring content in a documentation registry using department standard templates and methodologies
manage field mapping and transmission of security monitoring alerts to the security incident response platform for SOC analyst consumption as outlined in process documentation
provide governance support for the content development function entailing content development standards compliance, change management approvals for SIEM or UEBA content, and lifecycle management of developed security monitoring content
service operational requests in queue such as analytics content performance tuning, filtering, search refinement, parsing issues

Fulltime

Engineer III - Cyber Incident Response

The Engineer III, Cyber Incident Response, is a senior technical role within the...

Location

United States , Conshohocken; Remote

Salary:

Not provided

Cencora

Expiration Date

March 23, 2026

Requirements

Bachelor’s degree in Cybersecurity, Computer Science, Information Technology, or equivalent work experience
Master’s degree preferred
Strong knowledge of incident response methodologies, digital forensics, and adversary tactics
Familiarity with security frameworks such as NIST, MITRE ATT&CK, and ISO 27035
5–7 years of progressive experience in cybersecurity, with at least 3 years in incident response or SOC operations
Hands-on experience with SIEM, EDR, SOAR, and forensic tools (e.g., Splunk, CrowdStrike, EnCase, Wireshark)
Proven ability to investigate advanced threats and coordinate response activities across teams
Demonstrated success in mentoring junior analysts and improving SOC processes
Strong written and verbal communication skills with the ability to document and present technical findings clearly

Job Responsibility

Lead the investigation and resolution of complex security incidents, including advanced persistent threats, ransomware, phishing campaigns, and insider activities
Perform forensic analysis across endpoints, networks, and cloud environments to identify root causes and scope of compromise
Develop and enhance incident response playbooks, runbooks, and detection use cases
Collaborate with threat intelligence, vulnerability management, and countermeasures teams to strengthen defenses
Escalate high-severity incidents to senior leadership and provide clear, actionable reporting
Act as a technical escalation point for Engineer I/II analysts during incident investigations
Contribute to red team and purple team exercises to validate and improve response capabilities
Participate in after-action reviews and lessons-learned sessions to improve SOC processes
Mentor and train junior engineers on incident response best practices and investigative techniques

What we offer

medical
dental
vision care
comprehensive suite of benefits focusing on physical, emotional, financial, and social aspects of wellness
support for working families
backup dependent care
adoption assistance
infertility coverage
family building support
behavioral health solutions

Fulltime

NIRT SOC Analyst - Junior to Mid Level

We're looking for a Security Operations Analyst to join the National Incident Re...

Location

United States

Salary:

Not provided

MMC Group LP

Expiration Date

Until further notice

Requirements

Bachelor's degree in Computer Science, Cybersecurity, or a related field (preferred), or equivalent hands-on experience (0-2 years post-degree or 6-8 years total without degree)
Must be a U.S. Citizen able to obtain and maintain a Public Trust or higher-level security clearance
Familiarity with TCP/IP, network packet analysis, and common network protocols
Understanding of core IT infrastructure concepts: firewalls, IDS/IPS, endpoint protection, operating systems, databases, and encryption technologies
Proficiency with SIEM tools and log aggregation systems for real-time event monitoring
Analytical ability to identify anomalies across large, diverse datasets
Knowledge of contemporary cyber threats, attacker methodologies, and digital forensics fundamentals
Strong written and verbal communication for documenting findings and collaborating with technical peers
Ability to work independently while maintaining situational awareness within a team setting
Curiosity and drive to continually research and adapt to evolving security challenges

Job Responsibility

Monitor and analyze system logs, network data, and alerts to detect potential security incidents
Perform event triage and escalation, ensuring prompt attention to high-risk or anomalous activity
Investigate suspicious behaviors using multiple monitoring platforms and data sources
Assess data sets, structured and unstructured, to detect emerging patterns, trends, or indicators of compromise
Utilize SIEM and analytics tools to correlate data from various systems and enhance situational awareness
Provide timely and detailed documentation of incidents, observations, and resolutions
Participate in root-cause analysis to improve defenses and reduce recurring threats
Collaborate with internal response teams to coordinate containment and remediation actions
Research current security trends, attacker tactics, and emerging threat vectors to stay ahead of the evolving landscape
Respond to diverse threat types, including malware infections, phishing attempts, insider risk, denial-of-service attacks, and data exfiltration efforts

What we offer

Medical, dental, and vision coverage
Life and disability insurance
Additional voluntary benefits

New

Principal Applied Scientist, Experimentation Platform - CoreAI

CoreAI sits at the center of Microsoft’s mission to redefine how software is bui...

Location

United States , Redmond

Salary:

139900.00 - 274800.00 USD / Year

Microsoft Corporation

Expiration Date

Until further notice

Requirements

Bachelor's Degree in Statistics, Econometrics, Computer Science, Electrical or Computer Engineering, or related field AND 6+ years related experience (e.g., statistics, predictive analytics, research)
OR Master's Degree in Statistics, Econometrics, Computer Science, Electrical or Computer Engineering, or related field AND 4+ years related experience
OR Doctorate in Statistics, Econometrics, Computer Science, Electrical or Computer Engineering, or related field AND 3+ years related experience
OR equivalent experience
Ability to meet Microsoft, customer and/or government security screening requirements
Microsoft Cloud Background Check

Job Responsibility

Collaborate with and bridge the gaps between researchers (e.g., across CoreAI, Microsoft Research [MSR] and open source communities) to translate applied research into differentiated, production-quality features
Provide technical guidance and deep industry insight, advising cross-functional teams on the adoption of cutting-edge AI tools, technologies, and methodologies to ensure successful experimentation programs and uphold the highest standards of quality and scientific rigor
Ensure teams develop and apply advanced subject matter expertise across a diverse set of specialized tools and methods, driving measurable business outcomes and elevating the scope and impact of Microsoft’s experimentation initiatives
Interface with experimentation partners across Microsoft to translate requirements into platform capabilities and lower barriers requiring advanced subject matter expertise
Provide mentorship and coaching to less experienced and mid-level team members by sharing expertise to build team capabilities and guiding team members in projects, and their careers

Fulltime

New

Assistant Controller

Amanda Warren with Robert Half is looking for a dedicated Assistant Controller t...

Location

United States , Sacramento

Salary:

Not provided

Robert Half

Expiration Date

Until further notice

Requirements

Minimum of 7–10 years of progressive accounting experience
3–5 years in construction accounting preferred
Proven supervisory experience managing accounting teams
Expertise in job cost analysis, revenue recognition, and cost allocation
Proficiency with Sage accounting software and advanced Excel skills
Strong documentation skills for creating and maintaining accounting procedures
Familiarity with industry-specific standards, including DCAA compliance
Bachelor’s degree in Accounting or a related field is required
a Master’s degree or CPA certification is preferred
Ability to adapt to changing priorities while maintaining a high level of accuracy and accountability

Job Responsibility

Manage daily accounting operations, including Accounts Payable, Accounts Receivable, Payroll, and general ledger activities
Ensure the accuracy of financial data, including job cost analysis, revenue recognition, and cost allocation
Oversee monthly and year-end close processes to ensure timely and accurate reporting
Develop and maintain Standard Operating Procedures to streamline accounting workflows
Lead efforts to improve internal controls and identify opportunities for increased efficiency
Mentor and support accounting staff, fostering attention to detail and ensuring team alignment
Review and approve account reconciliations to guarantee financial integrity
Collaborate with the Financial Controller in auditing processes and preparing financial statements
Utilize construction accounting knowledge to address industry-specific challenges and requirements
Drive process consistency across all accounting functions to enhance operational performance

What we offer

medical
vision
dental
life and disability insurance
401(k) plan

SOC Insider Threat Analyst

Citi

Location:
Singapore , Singapore

Category:
IT - Administration

Contract Type:
Not provided

Salary:

Job Description:

Job Responsibility:

Requirements:

Nice to have:

Additional Information:

Job Posted:
January 06, 2026

Looking for more opportunities? Search for other job offers that match your skills and interests.

Similar Jobs for SOC Insider Threat Analyst

SOC Insider Threat Lead Analyst

SOC Insider Threat Lead Analyst

Director - Cyber Incident Response

Senior Detection Engineer

Engineer III - Cyber Incident Response

NIRT SOC Analyst - Junior to Mid Level

Principal Applied Scientist, Experimentation Platform - CoreAI

Assistant Controller

SOC Insider Threat Analyst

Citi

Location:Singapore , Singapore

Category:IT - Administration

Contract Type:Not provided

Salary:

Job Description:

Job Responsibility:

Requirements:

Nice to have:

Additional Information:

Job Posted:January 06, 2026

Looking for more opportunities? Search for other job offers that match your skills and interests.

Similar Jobs for SOC Insider Threat Analyst

SOC Insider Threat Lead Analyst

SOC Insider Threat Lead Analyst

Director - Cyber Incident Response

Senior Detection Engineer

Engineer III - Cyber Incident Response

NIRT SOC Analyst - Junior to Mid Level

Principal Applied Scientist, Experimentation Platform - CoreAI

Assistant Controller

Location:
Singapore , Singapore

Category:
IT - Administration

Contract Type:
Not provided

Job Posted:
January 06, 2026