Job Description

The Government Technology Agency (GovTech) aims to transform the delivery of Government digital services by taking an "outside-in" view, putting citizens and businesses at the heart of everything we do. We also develop the Smart Nation infrastructure and applications, and facilitate collaboration with citizens and businesses to co-develop technologies.

Join us as we support Singapore\xe2\x80\x99s vision of building a Smart Nation - a nation of possibilities empowered through info-communications technology and related engineering.

You will play a key role in the Government Cyber Defence (GCD) of Cyber Security Group (CSG) as Digital Forensic and Incident Response (DFIR) Analyst to manage and investigate cybersecurity incidents.

Successful candidate who is proficient in either network/host-based intrusion analysis, digital forensics or cyber threat intelligence, and develop custom analytics to proactively defend against cyber-attacks. As a Cyber Threat Hunter, you are responsible for the technical success at our deployments at government agencies and work directly with users in the deployed agencies to detect and eradicate against advanced threats.

What you will be working on:

• Provide proactive hunting and analysis at deployed locations against the dataset (e.g. Netflow, DNS and Firewall logs etc)
• Leverage internal and external resources to research threats, vulnerabilities and intelligence on various attackers and attack infrastructure
• Use Big Data Analytics platform to identify threats in various dataset
• Perform advanced threat research to proactively identify potential threat vectors and work with central team to improve prevention and detection methods
• Identify gaps in logging capabilities and propose enhancement strategies with users and engineers

What we are looking for:

• Bachelor\xe2\x80\x99s Degree in Computer Science/Information Security or equivalent
• Professional certifications, including EnCE, GCFA, GREM, GNFA, GCTI, CISSP or other relevant certifications
• Preferably 3 years or more of experience as a full-time incident responder/digital forensic/malware analysis or related discipline
• Experience with digital forensics, focusing on Windows and Linux systems from a malware perspective, and Operating System (OS) exploitation methodologies
• Experience in log analysis using Splunk, ELK, or similar tools, and malware triage
• Strong understanding of cyber threat analysis models such as kill chain, diamond model, and MITRE
• Strong knowledge of malware families and network attack vectors
• Knowledge of creating YARA or Snort signatures is a plus
• Experience with a common scripting or programming language, including Perl, Python, Bash or Powershell
• Knowledge of web applications and APIs

Other Requirements:

• Demonstrate a high degree of integrity, initiative, energy and endurance
• Highly developed research and analytical skills
• Critical thinking and contextual analysis abilities
• Knowledge in one or more scripting languages (e.g. Python, Perl) an advantage
• Possess good communication and interpersonal skills
• Fresh Graduates can also be considered
• Singapore Citizen only

We are an equal opportunity employer and value diversity at our company as we believe that diversity is meaningful to innovation. Our employee benefits are based on a total rewards approach, offering a holistic and market-competitive suite of perks. This includes generous leave benefits to meet your work-life needs. We trust that you will get the job done wherever you are, and whatever works best for you \xe2\x80\x93 so work from home or take a break to exercise if you need to*. We also believe it\xe2\x80\x99s important for you to keep honing your craft in the constantly-evolving tech landscape, so we provide and support a plethora of in-house and external learning and development opportunities all year round.

*Subject to the nature of your job role that might require you to be onsite during fixed hours

Government Technology Agency