Job Description

What the role is
The Government Technology Agency (GovTech) aims to transform the delivery of Government digital services by taking an "outside-in" view, putting citizens and businesses at the heart of everything we do. We also develop the Smart Nation infrastructure and applications, and facilitate collaboration with citizens and businesses to co-develop technologies. Join us as we support Singapore’s vision of building a Smart Nation - a nation of possibilities empowered through info-communications technology and related engineering. The Government Cybersecurity Consulting team in Cyber Security Group (CSG) in GovTech provides in depth technical Point-of-View of advanced security technologies and emerging technologies to support better use of technologies in Government and the Smart Nation initiatives.
What you will be working on
Security Monitoring • Work with the vendor to implement and maintain the in-house security systems to monitor the network infrastructure and systems for security threats. • Perform threat hunting, monitor the security system for security alerts, validate and analyse the alerts. • Escalate security alerts to respective IT team for further investigation and assist in providing recommendations to contain the security incident, and remediate the vulnerabilities and/or threats uncovered. • Maintain an overview of all IT security alerts to ensure that actions are taken to investigate and resolved them in a timely manner. • Prepare reports to update management on the status of the security alerts on a regular basis. • Track the development of the threat landscape and techniques used by hackers, assess the effectiveness of the current controls to prevent and detect the new threats and techniques, and recommend appropriate measures to mitigate them.
Security Consultancy • Provide security consultancy for key ICT development projects to ensure that key security requirements are defined and designed into the system, implemented in accordance to the security design, and in compliance with prevailing ICT security policies and standards.

What we are looking for
• Relevant working experience in implementing and operating an in-house ICT security threat monitoring systems • Knowledge of security technologies and products (such as SIEM, Log Management and Analysis Tools, firewall, cryptography, vulnerability scanning tools, endpoint security), MITRE ATT&CK framework, network security, cloud security and application security. • Knowledge of network security architecture concepts including topology, protocols, components and principles (e.g., application of Defence in-Depth). • Understands the attacker’s perspective which includes the attack methodologies on operating systems and applications and attack phases • Knowledge and experience in ICT security risk assessment and management • Knowledge and experience in the provision of ICT security consultancy services. • Team player with good interpersonal skills • Possess good written, verbal and presentation skills • Security certification such as CISSP, GSEC, Cloud Security or related certification would be an advantage • Singapore Citizen only