Job Description
Job Title:  Analyst, Threat Detection and Response
Job Location:  Inflight Catering Centre 1

About Us

SATS is Asia's leading provider of food solutions and gateway services. Using innovative food technologies and resilient supply chains, we create tasty, quality food in sustainable ways for airlines, foodservice chains, retailers and institutions. With heartfelt service and advanced technology, we connect people, businesses and communities seamlessly through our comprehensive gateway services for customers such as airlines, cruise lines, freight forwarders, postal services and eCommerce companies.

Fulfilling our purpose to feed and connect communities, SATS delights customers in over 55 locations and 14 countries across the Asia Pacific, UK, and the Middle East. SATS has been listed on the Singapore Exchange since May 2000. For more information, please visit www.sats.com.sg.

Job Description: 

About Us

Headquartered in Singapore, SATS Ltd. is one of the world’s largest providers of air cargo handling services and Asia’s leading airline caterer. SATS Gateway Services provides airfreight and ground handling services including passenger services, ramp and baggage handling, aviation security services, aircraft cleaning and aviation laundry. SATS Food Solutions serves airlines and institutions, and operates central kitchens with large-scale food production and distribution capabilities for a wide range of cuisines.

SATS is present in the Asia-Pacific, the Americas, Europe, the Middle East and Africa, powering an interconnected world of trade, travel and taste. Following the acquisition of Worldwide Flight Services (WFS) in 2023, the combined SATS and WFS network operates over 225 stations in 27 countries. These cover trade routes responsible for more than 50% of global air cargo volume. SATS has been listed on the Singapore Exchange since May 2000. For more information, please visit www.sats.com.sg

Why Join Us

At SATS, people are our greatest asset and we build our success on the knowledge, expertise and performance of every contributor, by embracing diversity and uniqueness. As part of our holistic approach and commitment to embracing FAM (Fulfilling, Appreciated, Meaningful) in the workplace, we offer the runway to develop Fulfilling careers that foster your career growth, recognising and Appreciating the strength of talent and capabilities that we continue to build internally; and inspiring and encouraging each other to make Meaningful contributions in the work we do at SATS.

Key Responsibilities

The Role

This position serves as a threat detection and response analyst with day to day focus on alert triage, detection, incident response, and threat hunting. The role supports a global organization with team members in North America, EMEA, and APAC regions. 
This role is designed for an analyst building foundational expertise in threat detection and incident response. The successful candidate will work under the guidance of senior team members, develop proficiency across the incident lifecycle, and progressively take on more complex investigations as their skillset grows. A strong foundation in IT, networking, or systems administration is ideal. 

Key Responsibilities
•    Investigate security alerts and events, triage to determine scope and severity, and escalate to senior analysts when appropriate
•    Support root cause analysis under senior analyst guidance, helping identify attack vectors and affected systems
•    Execute defined incident response actions under guidance, including initial containment steps, evidence preservation, and supporting eradication and recovery efforts
•    Coordinate with IT stakeholders, as directed, to support response actions and threat remediation
•    Participate in threat hunting operations across a global, distributed technology environment
•    Hunt for indicators of compromise and suspicious activity in logs, network traffic, and endpoint telemetry, using help refine hunting procedures and playbooks
•    Assist with tuning SIEM/EDR detection rules and thresholds, and help identify opportunities to automate repetitive response actions
•    Stay current on new vulnerabilities and adversary tactics relevant to ongoing investigations
•    Work closely with global TDR team members and collaborate with colleagues in other regions (e.g. joint investigations or hand-offs) to ensure seamless coverage and knowledge sharing
•    Document investigation steps, findings, and actions taken for each incident in a clear and concise manner, and contribute to incident reports and post-incident review meetings
•    Assist in developing and updating incident response playbooks, standard operating procedures, and knowledge base documentation. 

Key Requirements

  • Bachelor’s degree in Cybersecurity, Computer Science, Information Systems, or equivalent practical experience in IT or security operations
  • Certifications such as Security+, Network+, A+ or equivalent are a plus; willingness to pursue certifications is expected
  • 2-3 years of experience in one or more or the following disciplines:
    • Threat Detection & Analysis (leveraging SIEM tools, IDS/IPS, endpoint detection, log analysis, etc.)
    • Incident Response & Management (developing response plans, executing playbooks, forensic investigations, root cause analysis)
    • Threat Hunting (identifying undetected threats through proactive analysis and hypothesis-driven investigation)
    • Cyber Threat Intelligence (gathering and analyzing threat intelligence to inform detection capabilities and preventive measures)
    • Network Security (TCP/IP protocols, firewalls, intrusion prevention systems, and network traffic analysis)
    • Exposure to securing and monitoring operating system and cloud environments (AWS, Azure, GCP), including reviewing cloud service logs and configurations for suspicious activity
  • Demonstrated ability to:
    • Function as a Level 1 or Level 2 Analyst (triaging and responding to cybersecurity alerts and incidents)
  • Preferred Experience:
    • Experience with automation tools and some proficiency in shell scripting languages (e.g., Python, PowerShell) to automate repetitive tasks and streamline investigations