IT Security Specialist

QCP Large volume trading in volatile markets requires personalised solutions, round-the-clock support and unparalleled execution. Established in 2017, QCP is one of the first digital asset trading firms in Singapore, with a vision to partner the next generation of investors to unlock institutional opportunities in digital assets. QCP brings to clients deep expertise gained from thriving through multiple market cycles. A global market maker in digital asset derivatives with a vast network of liquidity providers and counterparties, we are shaping the future of digital asset markets through greater access and efficiency. We offer a range of tailored derivatives and spot trading as well as structured solutions to institutional, professional and accredited investors. We also provide 24/7 liquidity across various markets in partnership with various exchanges and platforms. QCP is headquartered in Singapore and is supported by a strong team of professionals in trading, business development, operations, risk and compliance teams. Responsibilities Continuously monitor SIEM systems, SOAR, EDR, and threat intelligence platforms to detect and respond to threats. Oversee and respond to the incident, collaborating with DFIR teams and stakeholders to ensure thorough analysis, remediation, and enhanced forensic capabilities. Lead the vulnerability management programme, conducting regular Vulnerability Assessments and Penetration Testing (VAPT) to ensure compliance and risk mitigation. Manage and optimise security tools, including EDR, NDR, and monitoring tools, to improve detection and response capabilities. Develop, maintain, and operate Standard Operating Procedures (SOPs), runbooks, and playbooks to standardise and streamline incident response and security operations. Conduct in-depth analyses of security threats, attack vectors, vulnerabilities, and Tactics, Techniques, and Procedures (TTPs), including OSINT and Indicators of Compromise (IoCs). Prepare and present data-driven reports on threat trends and vulnerability insights to stakeholders, aiding informed decision-making. Drive continuous improvement in security operations, fostering a culture of innovation and ongoing professional development within the team. Manage project priorities, deadlines, and deliverables, alongside ad-hoc duties. Requirements Degree in Information Systems, Computer Science, Cybersecurity, or a related field. Certifications such as CISSP, CISM, CEH, or GIAC are desirable. Minimum of 3 years’ experience in IT security operations, incident analysis, DFIR coordination, and vulnerability management. Demonstrated experience in incident handling, threat intelligence, vulnerability management, and VAPT; relevant certifications preferred. Proficiency in SIEM, EDR, NDR, traffic and packet analysis, and OSINT-based threat hunting. Strong technical knowledge of Windows Server, Linux, Windows 10/11, macOS, iOS, and cloud infrastructure (AWS and Azure). Hands-on experience with networking, wireless technology, network access control, Secure Web Gateway (SWG), DLP, and firewalls. Familiarity with IDS and IPS systems, RADIUS, and TACACS protocols. Knowledge of industry standards and information security policies. Skilled in gap analysis, process automation, and regulatory compliance. Ability to document incidents, prepare reports, and communicate complex security issues to both technical and non-technical stakeholders. Proven ability to lead initiatives, drive change, and address complex threats under pressure. Knowledge of Python, Bash, or other scripting languages for automation in security testing is advantageous. The Environment We Offer As a growing firm with a tightly-knit team, we respect and listen to all our employees. You will get the chance to make an impact by having your voice heard by everyone, including the management. Our employees enjoy a high level of autonomy at work. We focus on substance, not form - as long as you can perform, you will be recognized and rewarded. We are also dedicated to supporting our staff and ensuring they develop holistically to maximize their potential in the long-term. We also provide flexible working arrangements as required and a casual and fun environment to boot!#J-18808-Ljbffr