We are looking for a Senior Security Threat Hunter to join our Critical Infrastructure Research team in Singapore.
This role focuses on proactive threat hunting, advanced investigations, and deep security analysis across highly sensitive and complex environments. You will work closely with research and security teams to identify emerging threats, investigate sophisticated incidents, and generate actionable insights to strengthen detection, response, and overall defensive posture.
Responsibilities
- Conduct proactive threat hunting across endpoint, network, identity, and cloud environments
- Investigate complex security events and incidents in production environments
- Analyze large-scale datasets to identify anomalies, attacker behavior, and meaningful findings
- Develop and improve detection methodologies and investigative approaches to enhance visibility and threat detection capabilities
- Research emerging threats, techniques, and trends, and apply insights in practice
- Build scripts and tooling to support automation and research efforts
- Collaborate with internal teams and external stakeholders to communicate findings and drive remediation, with a focus on improving detection coverage and defensive capabilities
Must Have
- 5+ years of hands-on experience in Threat Hunting, Threat Intelligence, or SOC roles – MUST
- Experience with SIEM, EDR, and security event investigation and conducting advanced threat hunting activities
- Strong analytical and problem-solving skills
- Experience investigating real-world security incidents
- Ability to write scripts for analysis or automation (Python / Bash or similar)
- Deep understanding of attacker techniques, threat landscapes, and adversary behavior across endpoint, identity, network, cloud, and application environments
- Excellent English communication skills (written and verbal)
Nice to Have
- Experience with detection engineering (Sigma rules, correlations, etc.)
- Familiarity with modern attacker techniques and threat landscapes
- Experience working with large-scale security datasets
- Experience with Threat Intelligence platforms
- Background in on-premise or complex enterprise environments
- Experience improving SOC maturity (SOC-CMM or similar frameworks)
