Security Engineer - Detection & Response

Funding Societies | Modalku is the largest SME digital finance platform in Southeast Asia. We are licensed and operating in Singapore, Indonesia, Thailand, Malaysia and Vietnam, and backed by Sequoia India (Peak XV), Softbank Vision Fund, Khazanah and SMBC bank amongst many others. Funding Societies | Modalku provides business financing to small and medium-sized enterprises (SMEs), which is funded by individual and institutional investors, as well as payments solutions to SMEs and consumers.

Here at Funding Societies | Modalku we live by our core values GETFS:

• Serve with Obsession: Build win-win relationships for the long-term by having a customer obsession.
• Grow Relentlessly: Strive to become our best, most authentic selves.
• Enable Teamwork, Disable Politics: Only by forging togetherness, we help each other succeed.
• Test Measure Act: Stay curious and reinvent ourselves, through innovation and experimentation.
• Focus on Impact: Create impact through bias for action and tangible results.

We are looking for a Security Engineer - Detection & Response to join our Information Security Team and lead efforts to identify, analyse, evaluate, and act upon security risks and threats. In this role, you'll develop and operationalise scalable detections and work closely with IT, DevOps, Engineering, and Compliance to protect our systems and customer data.

What you will do:

Detection Engineering

• Build and maintain detection rules for TTPs aligned with MITRE ATT&CK across Endpoint , Cloud and application layers.
• Maintain detection coverage maps and tune alerts for high-fidelity signal-to-noise ratio.
• Integrate threat intelligence (internal + external) into detection logic and enrich alert context.
• Leverage generative AI to build and enhance autonomous detection and response workflows, improving speed, accuracy, and scalability of threat identification and mitigation.
• Automate detection & response tasks using SOAR platforms or custom scripts (e.g., Python).
• Collaborate with Managed Security Service Provider (MSSP) and other internal security teams to develop and finetune correlation rules and alerts.

Security Operations

• Triage, investigate, and coordinate response for security alerts and incidents, including those originating from internal telemetry as well as external sources such as MSSP and MDR partners.
• Maintain and evolve playbooks and runbooks for different attack scenarios.
• Conduct DFIR activities including log forensics, memory analysis, and malware triage to support root cause analysis and recovery.
• Act as the first line of escalation for real-time alerts across cloud, endpoint, and application layers.
• Lead root cause analysis (RCA) for incidents and contribute to post-mortem reports.
• Log management and Integrations
• Configure and integrate log sources into Splunk cloud and create dashboards for various use cases.
• Develop and maintain log management strategies to ensure the collection and indexing of relevant data.
• Troubleshoot and optimise log sources to enhance data accuracy and completeness.
• Integrate Splunk into the needed log sources, if needed.

Governance & Collaboration

• Ensure logging and detection controls are compliant with regulatory requirements.
• Work closely with IT , Engineering and Risk teams to identify gaps and implement security-by-design controls.
• Participate in security audits , technical simulations and tabletop exercises across the region.

Requirements

What we are looking for:

• 3+ years of hands-on experience in detection engineering, SOC, or security operations.
• Experience with SIEM platforms (e.g., Splunk, Elastic, Sentinel).
• Strong understanding of adversary behaviours, detection logic, and the MITRE ATT&CK framework.
• Proficient in scripting (ex: Python) for log parsing, enrichment, and automation.
• Familiarity with cloud-native telemetry . (CloudTrail, GCP Audit Logs etc.).
• Active participations on platforms such as Blue Team Labs Online(BTLO) or other relevant certifications (Offence/Defensive) or equivalent .
• Nice to Have : Experience in regulated industries (FinTech, Banking)
• Nice to Have : Contributions to open-source detection projects or blog / research.

Benefits

Other Benefits:

• Time off - We would love you to take time off to rest and rejuvenate. We offer flexible paid vacations as well as many other observed holidays by country. We also like to have our people take a day off for special days like birthdays and work anniversaries.
• Flexible working - We believe in giving back the control of work & life to our people. We trust our people and love to provide the space to accommodate each and everyone's working style and personal life.
• Medical benefits - We offer health insurance coverage for our employees and dependents. Our people focus on our mission knowing we have their backs for their loved ones too.
• Mental health and wellness - We understand that our team productivity is directly linked to our mental and physical health. Hence we organize org-wide fitness initiatives and engage partners to provide well-being coaching.
• Tech support - We provide a company laptop for our employees and the best possible support for the right equipment/tools to enable high productivity

Interested to know more about us? Learn about our Stories here.