Junior Incident Responder, Singapore

May 30, 2026

Job Description

Company: Blackpanda

Location: SG

About Blackpanda
Blackpanda is a Lloyd’s of London–accredited insurance coverholder and Asia’s leading local cyber incident response firm, delivering end-to-end digital emergency support across the region. We are pioneering the A2I (Assurance-to-Insurance) model in cybersecurity — uniting preparation, response, and insurance into a seamless pathway that minimizes financial and operational impact from cyber attack.

Through expert consulting services, response assurance subscriptions, and innovative cyber insurance, we help organisations get ready, respond, and recover from cyber attacks — all delivered by local specialists working in concert. Our mission is clear: to bring complete cyber peace of mind to every organisation in Asia, from the first moment of breach through full recovery and beyond.

How We Work
Blackpanda is a tech-enabled services team. We invest heavily in AI and are constantly pushing to do better, faster, and at scale. You are given freedom to use the approved tools in the team, but you are to take ownership of outcomes.

We prefer smart work over hard work, welcome good ideas regardless of where they come from, and have deliberately kept red tape out of the way of innovation. If you want to join a team building the best response practice in Asia — and shaping the tools and methods that get us there — you’ll be in good company.

A note on levelling
This posting reflects a single role title; however, we hire across a range of seniority levels from this brief. The final title, whether DFIR Analyst, DFIR Specialist, or an adjacent level, will be determined by the depth and breadth of cybersecurity and incident response capabilities demonstrated throughout the interview process. If your experience sits near the edge of these levels, we encourage you to apply regardless.

Your Mission: Junior Incident Responder
As a Junior Incident Responder, you will work alongside senior responders on live engagements — helping clients contain, investigate, and recover from real cyber attacks. This is a delivery-focused role: your job is to do the work, learn the craft, and grow into a fully fledged responder under direct mentorship.

We hire for attitude and aptitude. We don’t expect you to have seen everything yet — we expect you to be curious, coachable, and serious about building a career in incident response. The right candidate can demonstrate a genuine interest in IR through their experience, side projects, study, or community involvement, and shows up ready to learn fast in a real-world environment.

Core Responsibilities
Delivery Alongside Senior Responders

• Support senior consultants on active incidents — assisting with containment, evidence collection, forensic analysis, and reporting.

• Acquire and triage forensic artifacts across Windows, Linux, macOS, and cloud environments under the guidance of more experienced team members.

• Analyse logs, endpoint telemetry, network data, and malware artifacts, and contribute findings to investigation timelines.

• Use scripting (Python, Bash, or PowerShell) to assist with collection, parsing, and automation tasks where useful.

Client-Ready Professionalism

• Document findings clearly and accurately, contributing sections to client deliverables under senior review.

• Maintain a calm, professional posture in client-facing settings — even when the situation around you is anything but calm.

• Follow operational procedures, chain-of-custody requirements, and quality standards as taught and reinforced through mentorship.

Learning and Growth

• Take ownership of your own development — ask questions, study actively, and apply feedback quickly.

• Participate in instructor-led training, internal exercises, and on-the-job mentoring designed to accelerate your tradecraft.

• Contribute observations, ideas, and improvements back to the team — innovation is welcomed regardless of seniority.

Minimum Requirements

• 1+ year of experience in cybersecurity, IT, or an adjacent technical field (e.g. SOC analysis, sysadmin, helpdesk, network engineering, software engineering).

• Demonstrable, genuine interest in incident response — through study, side projects, CTFs, home labs, community involvement, or prior work.

• Working comfort with at least one of Windows, Linux, or macOS, and a willingness to become competent across all three.

• Basic scripting ability in Python, Bash, or PowerShell — enough to read and adapt scripts, with the appetite to grow further.

• Clear written and verbal English; able to take notes, write up findings, and communicate professionally with teammates and clients.

• Coachable, curious, and resilient — willing to be

Source: BeBee