Cybersecurity Incident Response (IR) Consultant

About the Role

We are seeking an experienced Cybersecurity Incident Response (IR) Consultant with a proven track record of leading complex incident investigations and managing cyber threats in enterprise environments. The ideal candidate will have at least 7 years of experience in incident detection, containment, eradication, and post-incident reporting, with a deep understanding of threat intelligence, malware analysis, and digital forensics.

This role will be key in helping clients strengthen their cyber resilience, minimize risk exposure, and respond effectively to advanced cyber threats.

• Incident Handling & Response: Lead the full incident response lifecycle - detection, triage, containment, eradication, recovery, and lessons learned.
• Threat Hunting: Conduct proactive threat hunting and identify potential indicators of compromise (IOCs).
• Forensics & Analysis: Perform root cause analysis, malware reverse engineering (where required), and log correlation to determine attack vectors.
• Playbook Development: Design, implement, and enhance IR playbooks, workflows, and standard operating procedures.
• Advisory & Consulting: Act as a trusted advisor to clients, providing recommendations to improve security posture and reduce dwell time.
• Collaboration: Work closely with SOC analysts, threat intelligence teams, and IT stakeholders to coordinate effective response actions.
• Reporting & Communication: Prepare detailed incident reports and deliver executive-level presentations for stakeholders and regulators.
• Continuous Improvement: Stay up to date with emerging threats, TTPs (Tactics, Techniques, Procedures), and security technologies.

• Experience: Minimum 7 years of experience in Cybersecurity with a focus on Incident Response, Digital Forensics, or SOC operations.
• Technical Skills:
• Strong knowledge of SIEM tools (e.g., Splunk, QRadar, Sentinel) and EDR solutions (e.g., CrowdStrike, Carbon Black).
• Hands-on experience with incident response tools (Volatility, Mandiant Redline, Wireshark, etc.).
• Understanding of MITRE ATT&CK framework, threat intelligence feeds, and adversary simulation.
• Proficiency in analyzing logs, network traffic, and system artifacts.
• Certifications: CISSP, GCIH, GCFA, GCIA, or equivalent industry certifications preferred.
• Soft Skills: Excellent communication, documentation, and stakeholder management skills. Ability to remain calm under pressure.
• Location: Must be based in Singapore and willing to support on-call/after-hours incident escalations if needed.