Cyber Threat Analyst (L2)
Date: 30 Mar 2026
Location: Braddell, SG
Company: Network For Electronic Transfers (S)
BCS is NETS’ wholly owned subsidiary, and is an entity within the NETS Group. It manages and operates clearing and payment infrastructure for the Singapore Automated Clearing House, including Fast And Secure Transfers (FAST), Inter-bank GIRO (IBG), Cheque Truncation System (CTS), and provides services for PayNow and SGQR Central Repository.
Responsibilities:
- Investigate alerts escalated from L1 and determine the scope, impact, and severity of potential security incidents.
- Lead incident response activities, including containment, eradication, and recovery, following established playbooks and procedures.
- Correlate logs and data from SIEM, EDR, network security tools, and cloud platforms to identify malicious activity and confirm incident root causes.
- Assess threats, vulnerabilities, and exploits affecting the environment, and recommend timely mitigation steps.
- Develop scripts or use automation tools to streamline investigation, enrichment, and reporting tasks.
- Prepare clear and complete incident documentation, including timelines, supporting evidence, and post-incident findings.
- Use threat intelligence to enrich investigations, map activity to MITRE ATT&CK, and identify potential threat actor tactics and techniques.
- Perform targeted IOC-based hunting in support of ongoing investigations or emerging threats.
- Work closely with L1 and CSOC teams to provide guidance, escalate complex incidents, and continuously improve SOC processes.
Requirements:
Education and Experience
- Degree or Diploma in Computer Science, Computer Engineering, Information Security, or related fields.
- Minimum of 6 years of experience in a Security Operations Centre (SOC), Computer Emergency Response Team (CERT/CIRT), or similar incident response function.
Skills and Knowledge
- Solid understanding of security incident investigation, including log analysis, event correlation, and root cause identification.
- Good ability to assess the scope, impact, and severity of incidents, and recommend appropriate containment and mitigation measures.
- Hands-on experience responding to incidents such as phishing, malware infections, credential compromise, system misconfigurations, or suspicious network activity.
- Good working knowledge of network protocols, system logs, Windows and Linux operating environments, and common attack techniques.
- Basic scripting capability in languages such as Python, Bash or PowerShell is preferred.
- Familiarity with industry frameworks and standards such as MITRE ATT&CK, Cyber Kill Chain, CVSS, and OWASP Top 10.
- Experience working with SIEM, EDR, and SOAR platforms, and able to tune rules or write basic scripts to improve investigation workflows.
- Ability to document investigations clearly and support evidence collection when required.
- Able to work independently and collaboratively, especially in high-pressure situations.
- Able to work 12-hour shifts, with shift patterns subject to change due to operational and business requirements.
Banking Computer Services Pte Ltd (a subsidiary of Network for Electronic Transfers (Singapore) Pte Ltd)