Senior Cyber Security Incident Response (L2&L3)

We are seeking a Senior Cybersecurity Incident Responder to join our team on a long-term engagement. The successful candidate will play a key role in incident triage, response, and investigation, operating at Level 2 to Level 3 (L2–L3) within the Security Operations Center (SOC).

• This is a 12-month extendable contract with strong potential for renewal based on performance as the project is on a long-term basis.

This position is ideal for an experienced security analyst with strong technical skills and hands-on experience using CrowdStrike, conducting log analysis, and managing real-world incident investigations.

Key Responsibilities

• Perform advanced incident triage, response and investigation of security alerts from various sources
• Lead or support L2–L3 incident response efforts, including containment, eradication, and recovery
• Analyze logs from firewalls, intrusion prevention systems (IPS), proxies, and other security platforms
• Use CrowdStrike EDR to identify and respond to threats across endpoints
• Collaborate with SOC, threat intel, and infrastructure teams for coordinated response
• Document findings and create incident reports, timelines, and root cause analysis
• Contribute to playbook updates and process improvements based on lessons learned
• Participate in threat hunting and detection rule tuning as needed

Requirements

• 4–6+ years of experience in Cybersecurity Incident Response / SOC operations
• Experience in advanced incident triage, response and investigation of security alerts from various sources
• Hands-on experience with:
  • CrowdStrike or similar EDR platforms
  • Log analysis from firewall, IPS, proxy, and endpoint systems
  • SIEM tools for alert triage and investigation
• Deep understanding of attack vectors, malware behavior, and threat actor TTPs (MITRE ATT&CK)
• Familiarity with incident management frameworks (e.g., NIST, SANS)
• Excellent analytical, documentation, and communication skills
• Ability to work independently and under pressure in fast-paced environments
• Relevant certifications a plus: GCIH, GCFA, CEH, or equivalent

Argyll Scott Consulting Pte Ltd

Argyll Scott Asia is acting as an Employment Business in relation to this vacancy.