What the role is:GovTech is the lead agency driving Singapore's Smart Nation initiatives and public sector digital transformation. As the Centre of Excellence for Infocomm Technology and Smart Systems (ICT & SS), GovTech develops the Singapore Government's capabilities in Data Science & Artificial Intelligence, Application Development, Smart City Technology, Digital Infrastructure, and Cybersecurity.At GovTech, we offer you a purposeful career to make lives better where we empower our people to master their craft through robust learning and development opportunities all year round.Play a part in Singapore's vision to build a Smart Nation and embark on your meaningful journey to build tech for public good. Join us to advance our mission and shape your future with us today!Learn more about GovTech at tech.gov.sg.Join us and you will play a key role in the Cyber Defense Ops & Intelligence (CDOI) of Cyber Security Group (CSG) as Cybersecurity Operations Specialist (Incident Response) to manage and investigate cybersecurity incidents.The successful candidate will ensure the delivery of cybersecurity operations services across all stages of the incident response lifecycle. This encompasses triaging potential security events, conducting in-depth investigations and advising on containment, eradication and recovery strategies. Candidate must possess strong log analysis and digital forensics skills to drive effective responses to cybersecurity incidents that ensure secure delivery of applications and infrastructure services. Critical thinking and great communication skills are required to articulate technical concepts and guide decision makers towards optimal courses of action. This is a key position in the Cyber Incident Response Team (CIRT).What you will be working on:Lead incident response activities through all phases of an incident:Conduct triage and investigation of potential cybersecurity incidents to determine incident scope and severityDevelop and execute containment strategiesPerform investigations and root cause analysis to identify attack vectors, tactics, and impactConduct comprehensive security event log analysis to validate security detections, investigate alerts, and identify attacks across multiple data sources including:Endpoint system logs or Endpoint detection and response (EDR) telemetryNetwork traffic logsApplication logsCloud service logs and audit trailsConduct digital forensic acquisition and analysis of artifacts from various sources including:Endpoint systems and serversNetwork devices and logsCloud environmentsMobile devices and storage mediaMaintain clear stakeholder communication throughout incident lifecycle and prepare comprehensive post-incident reports with preventive recommendationsProvide expert input for automating Security Operations (E.g Implement SOAR playbooks)Develop and test incident response playbooks and processesMaintain situational awareness of cyber security landscape and emerging threat actor TTPsWhat we are looking for:Bachelor's Degree in Computer Science/Information Security or equivalentProfessional certifications, including GCFA, GREM, GNFA, GCTI, CISSP or other relevant certifications will be preferredPreferably 5 years or more of experience as a full-time incident responder/digital forensic/malware analysis or related disciplineUnderstanding of operating systems and platform (e.g. Windows, Linux) and knowledge of computer networking, LAN, and serverStrong ability with log analysis techniques, familiarity with platforms (e.g., Splunk, ELK Stack, Google SecOps) and analytical skills to correlate events across multiple log sources to identify attack patternsProficient in Forensic Tools such as AXIOM, FTK or AutopsyAbility to perform basic static and dynamic malware analysis and to analyse network and application logsGood working knowledge of Cloud and Container technologies are a plusFamiliarity with good security practicesGood communication and interpersonal skills, with the ability to multitask and priortiseMeticulous and demonstrate a high degree of integrity, initiative, energy and enduranceSingaporean onlyGovTech is an equal opportunity employer committed to fostering an inclusive workplace that values diverse voices and perspectives, as we believe it is key to innovation.Our employee benefits are based on a total rewards approach, offering a holistic and market-competitive suite of perks.We champion flexible work arrangements (subject to your job role) and trust you to manage your time to deliver your best.Learn more about life inside GovTech at go.gov.sg/GovTechCareersAbout Government Technology Agency:The Government Technology Agency (GovTech) is the lead agency driving Singapore's Smart Nation initiatives and public sector digital transformation. As the Centre of Excellence for Infocomm Technology and Smart Systems (ICT & SS), GovTech develops the Singapore Government's capabilities in Data Science & Artificial Intelligence, Application Development, Smart City Technology, Digital Infrastructure, and Cybersecurity. At GovTech, we offer you a purposeful career to make lives better. We empower our people to master their craft through continuous and robust learning and development opportunities all year round. Our GovTechies embody our Agile, Bold and Collaborative values to deliver impactful solutions. GovTech aims to transform the delivery of Government digital services by taking an "outside-in" view, putting citizens and businesses at the heart of everything we do. Play a part in Singapore's vision to build a Smart Nation and embark on your meaningful journey to build tech for public good. Join us to advance our mission and shape your future with us today! Learn more about GovTech at tech.gov.sg.
