Cyber Security Incident Response Analyst:

This is a hybrid position working 3 to 4 days from the office in Singapore and the remaining 1 or 2 days working from home.

This position is offered on a rolling 12 month contract basis.

We're CyberOwl, a dynamic cyber security company that operates globally with colleagues based in the UK, Greece, Singapore, Malaysia, Poland and the Philippines. CyberOwl helps maritime and CNI asset operators gain visibility, cybersecurity, and compliance of systems on their distributed, remote assets. We work with ship owners and managers where our technologies provide near-real-time visibility of the onboard IT and OT assets and their communication patterns, raises early warning of cyber-attacks, suspicious behaviours and monitors for non-compliance. We complement this with a managed service (SOC) and specific cybersecurity advisory services to further support the asset operator. We were recently acquired by DNV, further enhancing our ability to service our maritime customers.

Our team is 60+ Owls strong and always growing. We’re experiencing another significant growth phase and a move towards scaling our services and operations. We’re recognised as market innovators - we have a bias for action, and our team prides itself on their ability to plan, execute, and iterate at a rapid pace. We value the ability to challenge each other, hold each other to account, develop each other personally and professionally, and celebrate each other’s successes.

Our culture is at the heart of everything that we do and we live by our values; BE OWLS. We celebrate diversity with 13 nationalities, 17 languages, many more dialects, and lots of owls. We are spread across 2 continents and 6 countries.

The Role:

We’re continuing to grow our Security Operations (SOC) team due to increasing customer demand. We now seek a Cyber Security Incident Response Analyst who will work closely with CyberOwl’s internal SOC and our external customers own IT team. You’ll be managing alerts raised through our proprietary Medulla platform and carrying out appropriate remedial actions within the customers IT infrastructure.

What You Will Do:

• Manage and validate alerts generated by CyberOwl’s Medulla platform.
• Assess the scope, impact and severity of incidents.
• Document initial findings within the Medulla platform.
• Coordinate with stakeholders including ship crews and IT teams to limit or stop active threats.
• Utilise EDR tools to manage containment by disconnecting affected devices and blocking malicious IPs.
• Apply temporary security configurations to limit further incidents.
• Remove malicious malicious scripts and malware.
• Enhance cybersecurity posture by applying patches and implementing secure configuration changes.
• Liaise with the CyberOwl SOC to confirm that all remediation actions are completed.
• Ensure systems and devices are restored to the normal operating state.
• Maintain records in Medulla of all actions taken and outcomes.
• Contribute to incident response lessons learnt.
• Validate and confirm case closure.
• Provide clear guidance to technical and non technical stakeholders.

Person specification:

Essential attributes

• Experience of working within a SOC environment, specifically in incident response.
• Experience of working within an international multi disciplinary team
• Effective communication skills in written and spoken English. Mandarin and Japanese would be advantageous though not essential.
• Flexibility on working hours to engage with teams in Singapore and APAC
• Occasionally be available on call to attend to emergency incidents (this is not a 24/7 role)

Desirable attributes

• Based within commuting distance of Singapore CBD (central business district)
• Experience in maritime and or OT environments IT environments.
• Experience of working on call / emergency response.

Equality Diversity & Inclusion:

CyberOwl is an equal opportunities employer and welcomes applications from all suitably qualified persons, regardless of their race, sex, disability, religion/belief, sexual orientation, gender, marriage/civil partnerships, pregnancy, maternity, or age.

Applicants may request reasonable adjustments to facilitate their application and the selection process.

Data Protection:

When you apply for a job, the personal data contained in your application will be collected by CyberOwl Limited (“Controller”), which is registered at 5th Floor Vivo Building, 30 Stamford Street, London, England, SE1 9LQ and can be contacted by emailing [email protected]. Your personal data will be processed for the purposes of managing CyberOwl’s recruitment related activities, which include setting up and conducting interviews and tests for applicants, evaluating and assessing the results thereto, and as is otherwise needed in the recruitment and hiring processes. Such processing is legally permissible under Art. 6(1)(f) of Regulation (EU) 2016/679 (General Data Protection Regulation) as necessary for the purposes of the legitimate interests pursued by the Controller, which are the solicitation, evaluation, and selection of applicants for employment.

Your personal data will be retained by CyberOwl Limited for as long as CyberOwl determines it is necessary to evaluate your application for employment. Under the GDPR, you have the right to request access to your personal data, to request that your personal data be rectified or erased, and to request that processing of your personal data be restricted. You also have the right to data portability. In addition, you may lodge a complaint with an EU supervisory authority.

We regret that we are unable to reply to all job applications.

Fraud Warning:

Please be aware that CyberOwl will never request payment of any kind from applicants to secure employment. Any request for payments or financial information as part of the recruitment process should be considered fraudulent. This role is not being recruited through employment agencies.