Security Incident Responder (FSI, Contract)

Cyber Security Incident Responder

Company: Global Bank (1-year renewable contract)

Function: IT Production Security / SOC

About the Team

We are looking for a Cybersecurity Subject Matter Expert (SME) specializing in Security Incident Response, Detection Engineering, and Security Investigation to join the SOC and Incident Response team.

Role Overview

Role: Security Incident Response (Detection Engineering & Investigation)

This role is critical in strengthening regional and global detection capabilities, improving SOC maturity, and responding to cybersecurity incidents in a complex global banking environment.

Key Responsibilities

Primary Responsibilities

• Strengthen security detection capabilities and contribute to the global security use‑case development program
• Design, implement, and enrich security detection use cases based on real‑world attack scenarios and frameworks such as MITRE ATT&CK
• Enhance SIEM and SOAR capabilities to improve detection, automation, and response efficiency
• Act as a technical reference for Security Incident Response, Anti‑Malware/Defense, and Detection Engineering
• Oversee detection operations for the 24/7 regional IT Production SOC
• Perform threat hunting, R&D, and continuous improvement of detection coverage
• Respond to cybersecurity incidents, assess severity and impact, and coordinate remediation efforts
• Identify recurring security risks and propose mitigation strategies and process improvements
• Continuously improve SOC frameworks through policy reviews and operational playbooks
• Partner with global, regional, and local stakeholders to ensure detection readiness and effective response

Contributing Responsibilities

• Collaborate closely with the Business CSIRT to enable integrated monitoring and incident handling
• Support local security incident response activities beyond direct scope when required
• Contribute to regulatory compliance and adherence to internal security policies
• Ensure timely and accurate incident reporting through the Incident Management System
• Support control frameworks, control plans, and audit activities, including evidence preparation

Required Skills & Experience

Technical Skills

• 7+ years of experience as a cybersecurity professional
• Strong experience in security use‑case design and development, with working knowledge of Java
• Solid Linux expertise (RedHat / Ubuntu)
• Ability to translate logs and telemetry into actionable threat models
• Strong SecOps / DevOps mindset
• Hands‑on experience with Security Incident Response, threat hunting and investigation, and SIEM platforms and Security Incident Management
• Comfortable working with large datasets and driving automation in detection and response workflows

Qualifications & Certifications

• 7+ years of overall cybersecurity incident response experience
• 4+ years focused on security detection use‑case design, development, and coding
• Experience with ELK Stack (Elasticsearch, Logstash, Kibana) is a strong plus
• Proficiency in scripting languages such as Python, PowerShell, Bash, or SQL is a plus
• Industry certifications such as SANS, CISSP, or OSCP are advantageous

Argyll Scott Asia is acting as an Employment Business in relation to this vacancy.