Cybersecurity Engineer – Security Operations

What the role is The Government Technology Agency (GovTech) is the lead agency driving Singapore’s Smart Nation initiatives and public sector digital transformation. As the Centre of Excellence for Infocomm Technology and Smart Systems (ICT & SS), GovTech develops the Singapore Government’s capabilities in Data Science & Artificial Intelligence, Application Development, Smart City Technology, Digital Infrastructure, and Cybersecurity. At GovTech, we offer you a purposeful career to make lives better. We empower our people to master their craft through continuous and robust learning and development opportunities all year round. Our GovTechies embody our Agile, Bold and Collaborative values to deliver impactful solutions. GovTech aims to transform the delivery of Government digital services by taking an "outside-in" view, putting citizens and businesses at the heart of everything we do. Play a part in Singapore’s vision to build a Smart Nation and embark on your meaningful journey to build tech for public good. Join us to advance our mission and shape your future with us today Learn more about GovTech at tech.gov.sg. What you will be working on Do you want to play a critical role in securing our smart nation initiatives by uncovering weaknesses in various domains of cybersecurity programs even before the real threat actors come to play? And are you up to race against the real threat actors before organisations are compromised? GovTech is hiring a cybersecurity engineer to be deployed to supported Ministry/agency. This individual must be familiar with security operations including threat intelligence, incident response, forensic knowledge and tooling such as ASM, SIEM, SecOps, Nessus etc. Lead and coordinate incident response activities, including detection, analysis, containment, eradication, and recovery from security and data incidents. Develop and maintain incident response plans, playbooks, and procedures to ensure effective and efficient response to security incidents. Conduct post-incident analysis and provide recommendations for improving security posture and resilience. Support threat intelligence and vulnerability notification activities to ensure relevant information is disseminate to the relevant stakeholders. Monitor and analyse security events and alerts from cloud and on-premises environments and take appropriate actions to mitigate security risks. Collaborate with Govtech Operation and Incident Response teams for alerts and incident activities. Stay up-to-date with the latest security threats, vulnerabilities, and best practices in incident response, DevSecOps, and cloud security. Support security tools such as CSPM, VMS, ASM etc and follow up as part of remediation. Perform or support threat hunting and forensic activities where applicable. Partner with Chief Information Security Officers, stakeholders, project teams, and outsourced vendors to ensure security objectives are achieved. Manage stakeholder relationships to ensure that cybersecurity services delivered meet their expectations. What we are looking for Possess degree in Computer Science, Computer or Electronics Engineering or Information Technology or related disciplines. Possess minimum 5 years of IT security experience in areas such as IT security operation, threat intelligence and malware analysis. Able to articulate cybersecurity risks, mitigation measures and residual risks orally and in writing to stakeholders, in an easily understood and actionable manner. Familiar with scripting language, for example, YARA, Perl, Python, Javascript or Powershell Possess knowledge of security technologies such as ASM, SIEM, SecOps, CSPM etc. Preferably with Google SecOps/Chronicles knowledge, frameworks (such as MITRE ATT&CK framework), and security domains (such as network security, cloud security and application security). Possess knowledge of system security architecture concepts including network topology, protocols, components and principles (e.g. application of Defence in Depth), and able to specify where and how security controls should be applied to or engineered into the security design. Being a team player with good interpersonal skills. Possess good written, verbal and presentation skills. Possess GCIH and GCFA equivalent certification. Having AWS Security, or related certifications would be of added advantage. Able to work and communicate with all levels from senior management level to working level. Our employee benefits are based on a total rewards approach, offering a holistic and market-competitive suite of perks. These include leave benefits to meet your work-life needs and employee wellness programmes. We champion flexible work arrangements (subject to your job role) and trust that you will manage your own time to deliver your best, wherever you are, and whatever works best for you. Learn more about life inside GovTech at go.gov.sg/GovTechCareers. Stay connected with us on social media at go.gov.sg/ConnectWithGovTech #J-18808-Ljbffr