Cybersecurity Operations Specialist

**(What the role is)**GovTech is the lead agency driving Singapore’s Smart Nation initiatives and public sector digital transformation. As the Centre of Excellence for Infocomm Technology and Smart Systems (ICT & SS), GovTech develops the Singapore Government’s capabilities in Data Science & Artificial Intelligence, Application Development, Smart City Technology, Digital Infrastructure, and Cybersecurity.
At GovTech, we offer you a purposeful career to make lives better where we empower our people to master their craft through robust learning and development opportunities all year round.
Play a part in Singapore’s vision to build a Smart Nation and embark on your meaningful journey to build tech for public good. Join us to advance our mission and shape your future with us today
Learn more about GovTech at tech.gov.sg.
Join us and you will play a key role in the Cyber Defense Ops & Intelligence (CDOI) of Cyber Security Group (CSG) as Cybersecurity Operations Specialist (Incident Response) to manage and investigate cybersecurity incidents.
The successful candidate will ensure the delivery of cybersecurity operations services across all stages of the incident response lifecycle. This encompasses triaging potential security events, conducting in-depth investigations and advising on containment, eradication and recovery strategies. Candidate must possess strong log analysis and digital forensics skills to drive effective responses to cybersecurity incidents that ensure secure delivery of applications and infrastructure services. Critical thinking and great communication skills are required to articulate technical concepts and guide decision makers towards optimal courses of action. This is a key position in the Cyber Incident Response Team (CIRT).**(What you will be working on)*** Lead incident response activities through all phases of an incident:
+ Conduct triage and investigation of potential cybersecurity incidents to determine incident scope and severity
+ Develop and execute containment strategies
+ Perform investigations and root cause analysis to identify attack vectors, tactics, and impact* Conduct comprehensive security event log analysis to validate security detections, investigate alerts, and identify attacks across multiple data sources including:
+ Endpoint system logs or Endpoint detection and response (EDR) telemetry
+ Network traffic logs
+ Application logs
+ Cloud service logs and audit trails* Conduct digital forensic acquisition and analysis of artifacts from various sources including:
+ Endpoint systems and servers
+ Network devices and logs
+ Cloud environments
+ Mobile devices and storage media* Maintain clear stakeholder communication throughout incident lifecycle and prepare comprehensive post-incident reports with preventive recommendations* Provide expert input for automating Security Operations (E.g Implement SOAR playbooks)* Develop and test incident response playbooks and processes* Maintain situational awareness of cyber security landscape and emerging threat actor TTPs**(What we are looking for)*** Bachelor’s Degree in Computer Science/Information Security or equivalent* Professional certifications, including GCFA, GREM, GNFA, GCTI, CISSP or other relevant certifications will be preferred* Preferably 5 years or more of experience as a full-time incident responder/digital forensic/malware analysis or related discipline* Understanding of operating systems and platform (e.g. Windows, Linux) and knowledge of computer networking, LAN, and server* Strong ability with log analysis techniques, familiarity with platforms (e.g., Splunk, ELK Stack, Google SecOps) and analytical skills to correlate events across multiple log sources to identify attack patterns* Proficient in Forensic Tools such as AXIOM, FTK or Autopsy* Ability to perform basic static and dynamic malware analysis and to analyse network and application logs* Good working knowledge of Cloud and Container technologies are a plus* Familiarity with good security practices* Good communication and interpersonal skills, with the ability to multitask and priortise* Meticulous and demonstrate a high degree of integrity, initiative, energy and endurance* Singaporean onlyGovTech is an equal opportunity employer committed to fostering an inclusive workplace that values diverse voices and perspectives, as we believe it is key to innovation. Our employee benefits are based on a total rewards approach, offering a holistic and market-competitive suite of perks.
We champion flexible work arrangements (subject to your job role) and trust you to manage your time to deliver your best.Learn more about life inside GovTech at go.gov.sg/GovTechCareersThe Singapore Public Service plays a key role in the economic growth, progress and stability of Singapore by formulating and implementing government policies, as well as providing key public services. Whether you are a fresh graduate joining the workforce or an experienced professional, the Singapore Public Service offers a great variety of job opportunities for you. The work in the Public Service can be broadly categorised into the following sectors: Economic, Social, Security & External Relations, and Administration & Corporate Development.Be part of the team that shapes the future of Singapore. Log on and take your first step towards a career that matters
#J-18808-Ljbffr