Assistant Lead Engineer - Enterprise Vulnerability Management (Cyber Security Office)

Apply now »

Date: 11 Nov 2025

Location: SG

Company: Synapxe

Position Overview

The Senior Engineer will be part of Central Security Implementation and Management Services (SIMS) team and involved in Security Operation. On standby with on-call availability including nights, weekends and holidays may be needed on ad-hoc basis.

Role & Responsibilities

  • Implement and maintain new Vulnerability Assessment (VA) scan infrastructure in Commercial Cloud
  • Perform security monitoring and security incident response related to VA scan infrastructure hosted in the Commercial Cloud with relevant Synapxe teams Security operations
  • Schedule Vulnerability Assessment scan (include OS & Applications) with enterprise tools on quarterly basis for all Public Healthcare systems, including VA rescan
  • Perform vulnerability scan for specific vulnerabilities (CVE) based on directive from MOH or CSA within an allowed scan window using agent or scan credential account
  • Perform compliance scan against prevailing hardening standards, and also develop/maintain hardening scan template
  • Perform network discovery scan to identify all devices on the corporate network
  • Perform half-year reconciliation of IT assets managed by Synapxe with IT assets on-boarded in VA infrastructure
  • Perform vulnerability scan from outside-in approach against Internet zone
  • Customisation of Dashboard/Spreadsheet to facilitate tracking of remediation for VA findings 
  • Troubleshooting of failed VA scan jobs, and provide guidance on fixing the vulnerability
  • Prepare periodic status reports for presentation to management
  • Perform monthly scan policy audits and reviews 
  • Prepare monthly capacity usage report and compliance governance based on policy
  • Document process and SOPs related to Vulnerability Scanning and operations Incident response
  • Work closely with incident response team for incident investigation and also provide status updates during the life cycle of an security incident
  • Review and improve the different incident response playbooks periodically

Requirements

  • At least 3-5 years' of experience in the Security Operation
  • Strong knowledge and experience in Vulnerability scanning tools, both on-Prem and in Cloud
  • Strong experience in supporting Windows, Linux, Switch, Router, Firewall, NAC, VPN, Endpoint Protection (Symantec, McAfee, TrendMicro)
  • Security certification (CISSP, CEH, ITIL Foundation certified (strong in Incident Management and Problem Management)
  • Strong Interpersonal and communication skills
  • Has knowledge and experience in scripting such as PowerShell, Python, Macro, etc.
  • Strong in troubleshooting and analytic skill

Apply Now

NOTE: It only takes a few minutes to apply for a meaningful career in HealthTech - GO FOR IT!!

#LI-SYNX31