Company hidden
10 hours ago

Incident Response Engineer (Cybersecurity)

Work format
hybrid
Employment type
fulltime
Grade
middle
English
b2
Country
Singapore, US

Job description


TL;DR

Incident Response Engineer (Cybersecurity): Refines security processes and leads critical incidents, focusing on threat detection, cyber-attack analysis, containment, and forensics. Focus on building scalable response frameworks leveraging tooling, automation, custom log analysis, and SIEM systems in collaboration with IT, Engineering, Product, and Legal teams.

Location: Singapore

Company

hirify.global runs one of the world’s largest networks that powers millions of websites and other Internet properties.

What you will do

  • Oversee security event triage, validation, and response workflows, ensuring timely investigation of high-priority alerts and security anomalies.
  • Lead forensic investigations into intrusions, insider threats, APTs, and account compromises.
  • Optimize SIEM queries, log ingestion pipelines, and case management systems to improve threat visibility.
  • Provide requirements for automated solutions to enhance investigation efficiency.
  • Perform disk, memory, and network forensics to uncover hidden indicators of compromise (IOCs) and attacker behaviors.

Requirements

  • 1+ years of experience in incident response, security operations, and forensic analysis.
  • Willingness to lead crisis situations, make data-driven security decisions, and drive technical and operational improvements.
  • Knowledge of incident management, root cause analysis, and forensic investigation methodologies.
  • Hands-on experience with SIEM (SQL, ELK, etc.), SOAR, and EDR (CrowdStrike) for real-time security monitoring and response.
  • Understanding of threat intelligence, attacker tactics (MITRE ATT&CK), and real-world attack chains.

Nice to have

  • Experience in security operations, ensuring effective escalation, resolution, and business alignment.
  • Certifications: GCFA, GNFA, GREM, GCIH, or equivalent forensic/security certifications.
  • Familiarity with SOAR platforms and security case management automation.
  • Understanding of cloud-native security monitoring (AWS, GCP, Azure).
  • Knowledge of cloud security (AWS, GCP, Azure) and containerized workloads (Kubernetes, Docker) security incident handling.

Culture & Benefits

  • Protecting the free and open Internet.
  • Equipping journalism and civil society organizations with tools to defend themselves against attacks.
  • Ensuring state and local governments have the highest level of protection and reliability.
  • Building a faster, more secure and privacy-centric public DNS resolver.
