Security Engineer – Incident Response

About the Role

As a Security Engineer specializing in Incident Response, you will play a central role in defending DKatalis’ systems, data, and platforms against evolving threats. You will collaborate closely with infrastructure, SRE, and engineering teams to detect, analyze, contain, and respond to security incidents while continuously improving our detection and response capabilities.

You will combine hands-on technical expertise with strong analytical and communication skills, helping transform lessons learned from incidents into stronger preventive and detective controls. This role is both operational and strategic — you’ll be on the front lines during incidents, but also driving initiatives that make future responses faster, smarter, and more resilient.

What You Will Do

• Detect, triage, and respond to security incidents across applications, infrastructure, and cloud environments.

• Investigate alerts, logs, and telemetry data from multiple sources (EDR, SIEM, cloud monitoring tools, application logs) to identify potential threats or compromise indicators.

• Perform root cause analysis and digital forensics on affected systems, and coordinate containment, eradication, and recovery actions with SRE and engineering teams.

• Develop and maintain incident response runbooks, playbooks, and escalation processes.

• Collaborate with internal and external stakeholders to ensure timely and coordinated response during security events.

• Lead post-incident reviews, document findings, and work with teams to strengthen detection and prevention controls.

• Improve observability and detection by integrating new data sources and automation into the monitoring stack.

• Participate in red/blue/purple team exercises to improve incident readiness and validate detection capabilities.

• Provide security awareness and response training to engineering and operational teams.

• Be part of the on-call rotation for critical security incidents requiring immediate attention.

What You Need to Have

• 5+ years of experience in security engineering, incident response, or related fields.

• Strong understanding of operating systems (Linux, Windows, Mac) and their common attack surfaces.

• Experience with log analysis, threat hunting, and investigation using SIEM, EDR, and forensic tools.

• Practical knowledge of attacker techniques, tactics, and procedures (TTPs) 

• Hands-on skills in scripting or automation (Python, Bash, PowerShell, etc.) to streamline investigation and response workflows.

• Familiarity with cloud security monitoring (GCP, AWS, or Azure) and container security (Kubernetes, Docker).

• Understanding of network protocols and traffic analysis tools

• Ability to communicate in English, and work calmly under pressure, make decisions quickly, and communicate clearly during incidents.

• Strong collaboration and communication skills across distributed teams.

About DKatalis

DKatalis is a financial technology company with multiple offices across the APAC region. Our mission is to build a better financial world through an ecosystem-linked approach to financial services. We are founded and backed by industry veterans with decades of experience in finance, banking, and technology across Bank BTPN, Danamon, Citibank, McKinsey & Co, Northstar, Farallon Capital, and HSBC.