Key Responsibilities
- Monitor open-source and restricted channels for relevant threats, vulnerabilities and indicators of compromise.
- Assess exposure and impact through vulnerability and configuration information.
- Analyse malware, phishing campaigns and network intrusions to identify threat actors’ tactics, techniques and procedures.
- Develop and maintain threat profiles on adversary groups, detailing their objectives, capabilities and methods of operations.
- Create and disseminate threat intelligence reports to internal stakeholders, including executive summaries suitable for non-technical audiences.
- Work closely with the cyber security incident response team to provide real-time analysis during active security incidents.
- Collaborate with external partners, industry groups and government agencies to share intelligence and best practices.
- Monitor external attack surface and security posture and work with asset owners to remediate the findings.
- External threat intelligence monitoring, including dark web intelligence for credential exposure and brand abuse, as well as continuous monitoring of threat intelligence, advisories, and public reporting related to third and fourth party vendors to identify emerging risks that may impact Income.
Qualifications
- Diploma or Bachelor’s degree in Computer Science, Information Technology, Information Security Management or a related field.
- 3-5 years of experience in cybersecurity, with a focus on threat intelligence, incident response, vulnerability management or a related area.
- CISSP, CISM, GCTI certified.
- Hands-on experience on threat intelligence platforms, EASM, SPM, SIEM and vulnerability assessment tools.
- Working knowledge on frameworks, best practices, industry standard scoring models such as MITRE, CIS, CVSS, EPSS.
- Strong written and verbal communication skills, including the ability to present complex technical information in a clear and concise manner.
- Proficiency in one or more programming languages (Python, PowerShell, etc) is a plus.
Skills Required
- Diploma or Bachelor's degree in Computer Science, Information Technology, Information Security Management or a related field
- 3-5 years of experience in cybersecurity, focusing on threat intelligence, incident response, or vulnerability management
- CISSP, CISM, GCTI certified
- Hands-on experience with threat intelligence platforms, EASM, SPM, SIEM and vulnerability assessment tools
- Working knowledge of frameworks such as MITRE, CIS, CVSS, EPSS
- Strong written and verbal communication skills
- Proficiency in one or more programming languages such as Python or PowerShell
What We Do
Income Insurance Limited (Income Insurance) is one of the leading composite insurers in Singapore, offering life, health and general insurance. Established in Singapore to plug a social need for insurance in 1970, Income Insurance continues to put people first by serving the protection, savings and investment needs of individuals, families and businesses today. Its lifestyle-centric and data-driven approach to insurance and financial planning puts the company at the forefront of innovative solutions that empowers the people it serves with better financial well-being. Additionally, Income Insurance is committed to being a responsible business that champions the environment and builds stronger communities by supporting financial inclusion, education for youth-in-need and seniors’ well-being. For more information, please visit www.income.com.sg
