kate spade new york

Cybersecurity Analyst-1

kate spade new york · Singapore, Singapore

Retail Apparel and Fashion · 5,001-10,000 employees

7 h ago
Mid (2-5 yrs) Full-time Singapore
Log in to apply, save this posting, or score it against your profile with AI.

About the role

The role splits time equally between Blue Team operations, focusing on responding to and investigating security alerts, and Purple Team engineering to improve detections. The analyst will translate adversary insights into practical defensive wins and measurable improvements across the security program.

What they look for

SIEM EDR Incident Response Threat Intelligence MITRE ATT&CK Vulnerability Management Root-Cause Analysis Detection Engineering Blue Teaming Purple Teaming Cloud Security Network Security Identity Security Event Triage Adversary Emulation Security Testing

Requirements

The candidate must be able to perform event triage, root-cause analysis, and build detection logic across various security platforms. Proficiency in mapping detections to the MITRE ATT&CK framework and collaborating with global IT and security teams is required.

Full description

Explore the possibilities across our global house of brands.

Defined by inclusivity rather than exclusivity, Tapestry embraces the exploration of individuality and invests in helping you grow personally and professionally. Every individual in our global house has the opportunity to make an impact, learn and be part of our growing and unique story.

At Tapestry, we have the freedom to express ourselves and run with our best ideas across Coach and Kate Spade New York. We share a profound belief in both our individual and collective potential, and know that with hard work and dedication, anything is possible.

Primary Purpose:

We’re looking for a Cybersecurity Analyst who likes chasing signals, investigating suspicious activity, and turning lessons from incidents into stronger defenses. You’ll be part of the Cybersecurity team in APAC, reporting to the Director, Cybersecurity — APAC. You’ll collaborate closely with global security operations, threat intelligence, security engineering, infrastructure, IT, and business teams.

Expect a role with variety: some days you’ll be deep in logs and endpoint data; other days you’ll be building detections, validating controls, tracking remediation, or helping the team understand what a real-world adversary technique means for our environment.

Based in Singapore, this role sits at the intersection of Blue Team operations and Purple Team engineering. You’ll spend roughly 50% of your time responding to security events and supporting day-to-day defensive operations, and 50% translating adversary insights into better detections, mitigations, and measurable improvements across our security program.

In short, you’ll help defend the business today while making sure we’re harder to attack tomorrow.

The key responsibilities are:

Blue Team: Respond, Investigate, Defend — 50%

You’ll be on the front line of security operations, helping identify, triage, investigate, and respond to suspicious activity across our environment.

  • Monitor and respond to security alerts from SIEM, EDR, email security, identity, cloud, and network platforms.
  • Investigate suspicious activity, determine scope and impact, and drive incidents toward clear resolution.
  • Perform event triage, evidence collection, timeline development, and root-cause analysis.
  • Partner with global security, IT, infrastructure, and business teams during security investigations.
  • Tune alerts to improve signal quality and reduce noise.
  • Document investigations, response actions, lessons learned, and recommended improvements.
  • Support incident readiness activities, including playbooks, tabletop exercises, and response process improvements.

Purple Team: Learn from the Adversary, Improve the Defense — 50%

You’ll help turn attacker tradecraft, incident learnings, vulnerability findings, and threat insights into practical defensive wins. This means improving detection and mitigation coverage while strengthening operational readiness.

  • Translate adversary behaviors, tactics, techniques, and procedures into actionable detection opportunities.
  • Build, test, and improve detection logic across SIEM, EDR, identity, cloud, and other security tools.
  • Map detections and mitigations to frameworks such as MITRE ATT&CK.
  • Partner with red team, threat intelligence, vulnerability management, and security engineering teams to validate control effectiveness.
  • Convert purple team findings into practical improvements: new alerts, better telemetry, hardened configurations, response playbooks, mitigation recommendations, or control enhancements.
  • Support vulnerability assessment, remediation tracking, and security testing activities such as system assessments, code review support, or validation exercises.
  • Measure detection quality, coverage, false-positive rates, and response readiness.
  • Help create repeatable test cases, adversary emulation scenarios, and operational documentation to continuously improve defenses.

Our Competencies for All Employees Courage: Doesn’t hold back anything that needs to be said; provides current, direct, complete, and “actionable” positive and corrective feedback to others; lets people know where they stand; faces up to people problems on any person or situation (not including direct reports) quickly and directly; is not afraid to take negative action when necessary. Creativity: Comes up with a lot of new and unique ideas; easily makes connections among previously unrelated notions; tends to be seen as original and value-added in brainstorming settings. Customer Focus: Is dedicated to meeting the expectations and requirements of internal and external customers; gets first-hand customer information and uses it for improvements in products and services; acts with customers in mind; establishes and maintains effective relationships with customers and gains their trust and respect. Dealing with Ambiguity: Can effectively cope with change; can shift gears comfortably; can decide and act without having the total picture; isn’t upset when things are up in the air; doesn’t have to finish things before moving on; can comfortably handle risk and uncertainty. Drive for Results: Can be counted on to exceed goals successfully; is constantly and consistently one of the top performers; very bottom-line oriented; steadfastly pushes self and others for results. Interpersonal Savvy: Relates well to all kinds of people, up, down, and sideways, inside and outside the organization; builds appropriate rapport; builds constructive and effective relationships; uses diplomacy and tact; can diffuse even high-tension situations comfortably. Learning on the Fly: Learns quickly when facing new problems; a relentless and versatile learner; open to change; analyzes both successes and failures for clues to improvement; experiments and will try anything to find solutions; enjoys the challenge of unfamiliar tasks; quickly grasps the essence and the underlying structure of anything.

Our Competencies for All People Managers Strategic Agility: Sees ahead clearly; can anticipate future consequences and trends accurately; has broad knowledge and perspective; is future oriented; can articulately paint credible pictures and visions of possibilities and likelihoods; can create competitive and breakthrough strategies and plans. Developing Direct Reports and Others: Provides challenging and stretching tasks and assignments; holds frequent development discussions; is aware of each person's career goals; constructs compelling development plans and executes them; pushes people to accept developmental moves; will take on those who need help and further development; cooperates with the developmental system in the organization; is a people builder. Building Effective Teams: Blends people into teams when needed; creates strong morale and spirit in their team; shares wins and successes; fosters open dialogue; lets people finish and be responsible for their work; defines success in terms of the whole team; creates a feeling of belonging in the team.

Tapestry is an equal opportunity and affirmative action employer and we pride ourselves on hiring and developing the best people. All employment decisions (including recruitment, hiring, promotion, compensation, transfer, training, discipline and termination) are based on the applicant's or employee's qualifications as they relate to the requirements of the position under the consideration. These decisions are made without regard to age, sex, sexual orientation, gender identity, genetic characteristics, race, color, creed, religion, ethnicity, national origin, alienage, citizenship, disability, marital status, military status, pregnancy, or any other legally-recognized protected basis prohibited by applicable law.

Visit Tapestry, Inc.