Assistant Lead Engineer - Incident Response (Detect & Respond)

Position Overview

This position is dedicated to addressing cybersecurity incidents to safeguard Singapore’s Public Health systems. It demands technical proficiency in incident response across various environments (Cloud, On-premises, Hybrid) to identify anomalies, ascertain root causes and mitigate breaches. A strong foundation in Cloud Security Technologies, Digital Forensics, and Incident Response is crucial. The role also necessitates strong analytical and communication skills, along with the capability to work autonomously and collaboratively within a team.

We are seeking an experienced Cybersecurity Analyst to join our Incident Response (IR) team. The ideal candidate should have proven expertise in managing and investigating cybersecurity incidents, including triage, analysis, scoping, containment, and forensics. Strong Incident Response experience in Cloud environment is highly desirable. This role is vital in protecting Singapore’s Public Health systems by proactively identifying, analysing, and addressing security threats.

Role & Responsibilities

• Investigate cyber incidents across Cloud, on-premises, and hybrid environments using Cloud-native and industry-standard forensic tools. 
• Analyse and correlate log data to detect anomalies, trace unauthorized activities, determine root causes, and mitigate breaches.
• Facilitate Incident Response calls and collaborate with internal and external stakeholders to ensure a coordinated approach.
• Generate investigation reports and clearly communicate findings through detailed documentation and presentations. 
• Assist in conducting post-incident reviews to extract lessons learned and enhance workflows and controls.
• Develop and maintain Incident Response plans and playbooks for various cybersecurity scenarios.
• Document best practices and compliance measures to ensure consistency and efficiency in response actions.
• Serve as rotational duty officer and support emergency responses, including being on standby outside regular working hours as needed.
   

Requirements

• Diploma or Degree in Computer Science, Cybersecurity, or a related field.
• Minimum 3 years of experience in Cloud Security Technologies (familiarity with AWS and Azure) and Digital Forensics & Incident Response (DFIR).
• Proficiency with EDR tools (e.g., CrowdStrike Falcon or equivalent) and SIEM platforms (e.g., Google Chronicle or equivalent).
• Experience in using Digital Forensic tools (e.g., Magnet AXIOM, EnCase) for evidence acquisition and analysis. 
• Strong knowledge of network protocols, infrastructure setup and device communication for incident response. 
• Self-motivated, with the ability to work independently and collaboratively.
• Strong problem-solving and organizational skills to manage multiple tasks efficiently.
• Excellent analytical, communication and interpersonal skills; a reliable team player.
• Preferred certifications: AWS Solutions Architect/Professional, AWS Certified Security, Azure Security Engineer, Azure Solutions Architect or Certified Cloud Security Professional (CCSP).
• Relevant certifications such as GCIH, GCFE, GCFA, GCFR, GEIR, MCFE, EnCE (preferred but not mandatory)
   

Apply Now

NOTE: It only takes a few minutes to apply for a meaningful career in HealthTech - GO FOR IT!!

#LI-SYNX13

#1525