[sg] Incident Response Engineer

**About the Team**

The Security & IT Operations team plays a key role in ensuring that our products and services are developed and operated by fulfilling the highest security standards. Furthermore, the team is in charge of operating security tools that protect our internal and customer facing assets, managing incidents through to resolution, and maintaining the security posture of DA across regions where we operate.

**About the role**
- Effective use of security tooling - conducting analysis of findings and coordinating the remediation effort through to resolution.
- Help to maintain the DA Security Risk Register including regular review and reporting.
- Aid with prioritisation and mitigation of identified risk
- Identify gaps in visibility and detection of attacks and malicious events.
- Be part of the Security Incident Response Team activities, helping to detect, respond, contain, and recover from security incidents in a timely manner
- Setup and maintenance of security tooling.
- Regular review and maintenance of DA corporate security policies.
- Assess the adoption of new software from a security perspective.
- Help conduct risk assessments issued to 3rd parties and B2B partners.
- Monitor, analyse, and investigate security logs, events, and alerts from a variety of devices and platforms including but not limited to, SIEM, IDS/IPS, Container Security agents, WAF, OS logs and AWS platform logs.
- Develop security experiments and procedures, and document best practices.
- Respond to current or emerging threats and help mitigate damages in regard to product security.
- Keep up to date with the latest news and threats in the security industry.
- Help to promote security awareness within DA.
- Address issues raised via the DA Cybersecurity service desk.
- Identify areas of improvement through process improvement and / or automation.

**About you**
- Bachelor’s degree in related business or technical areas, or an equivalency of education and work experience
- 3+ years of previous experience working in security operations, threat detection, hunt teams, or incident response, triaging cyber security alerts, events, incidents
- Familiar with security products and network devices
- Knowledge and understanding of emerging risk areas, e.g. mobile, remote access, wireless technologies, DLP, cloud computing, endpoint security.
- Good understanding of MITRE ATT&CK matrices, kill chains and other attack models.
- Technical experience with Linux, Windows, Docker
- Knowledge of TCP / IP, DNS, web, wireless security architectures
- Knowledge of cloud based security controls in either AWS, Azure or GCP
- Good domain knowledge of information security governance and strong risk management background
- Strong interpersonal, oral and written communication skills
- Experience in risk assessment and prioritisation
- Good negotiation skills
- Experience working in a startup / scale-out organisation

**About Doctor Anywhere**

Doctor Anywhere (DA) is on a mission to be the largest tech-enabled, omnichannel healthcare provider in Southeast Asia. First launched in Singapore in 2017, DA aims to bridge gaps in the healthcare ecosystem through developing innovative solutions and technologies. In 2021, DA raised SGD$88 million in Series C fundraising (August 2021) and acquired Doctor Raksa, the biggest telemedicine platform in Thailand which further strengthened our foundation for telehealth and healthcare offerings. Today, DA is present in Malaysia, Thailand, Philippines, Vietnam, Indonesia and India, serving more than 2.5 million (and growing) users across the region.At DA, we believe in the value of innovation and collaboration. Grounded in our motto of “Keep Going, Keep Growing”, our team strives towards excellence every day, and values diversity in perspectives brought by every member. Together, we bring quality healthcare to your doorstep