The job holder will oversee the daily operations in the Security Ops Centre – HTSC (SOC), conduct investigation of cybersecurity events, analyse cyber threat intelligence, perform incident response and after-action reviews of incidents.

He/She is responsible for the following: Managing SOC operations • Assist Head (Operations) in managing both Tiers 1 and 2 analysts in HTSC (SOC), in matters of manpower, training and operation issues. • Develop a threat management programme for HTSC (SOC), which may include trials with analytics tools, collaboration with other HTX teams on proof-of-concept projects, processing cyber-intel reports from OSINT and Government sources, etc. • Collaborate with GCSOC to ensure that HTSC (SOC)’s capabilities are closely mapped and quick sharing of information to prevent potential incidents • Review existing monitoring rules to respond to evolving cyber threats. • Review SOP documents to ensure the effective and efficient monitoring operations of the SOC. • Routine reporting of incident status and updates are given to Senior Management • Any other tasks assigned that are related to ensuring the smooth operations of the HTSC (SOC). Incident Response and Management • Take charge of incidents or suspected incidents reported by HTDs and work towards establishing the confidentiality, integrity and availability of information systems and data in MHA. • Coordinate with the HTDs’ Security Incident Response Officers (SIROs) • Perform incident triage, remediation and threat management activities • Collaborate with other government cyber incident response entities e.g., National Cyber Security Centre (NCSC), Government IT Security Incident Response (GITSIR) & Government Cyber Security Ops Centre (GCSOC) to ensure proper incident closure • Timely reporting of incidents and follow-up actions to both internal and external stakeholders. • Consolidate and review the Incident Reports, as well as After-Action Review (AARs) of the incidents. • Review and update the MHA Security Incident Response Plan (SIRP) and incident response framework, in consultation with various cybersecurity stakeholders across MHA Home Team Departments.

• Degree in Computer Science, Electronics Engineering or IT equivalent. • Certifications in CISSP, GCIH or GSEC are preferred. • Government Home Team Ops knowledge and good understanding of their systems & networks are preferred. • Experience with log analysis (i.e., hardware, application, OS) to identify cyber risk, cyberthreat hunting, and improve monitoring. • Strong effective communications skills. • Good time management and organizational skills. • Strong troubleshooting and problem-solving skills. • A team player with the ability to work autonomously. * All new hires are appointed on a two-year contract in the first instance and will be assessed and considered for permanent tenure over time, based on performance. As part of the shortlisting process for this role, you may be required to complete a medical declaration and/or undergo further assessment. All applicants will be updated on the status of their applications within 4 weeks upon closing of the advertisement. #LI-JO1

HTX is the world’s first Science and Technology agency that integrates a diverse range of scientific and engineering capabilities to innovate and deliver transformative and operationally-ready solutions for homeland security. As a statutory board of the Ministry of Home Affairs and integral to the Home Team, HTX works at the forefront of science and technology to empower Singapore’s frontline of security. Our shared mission is to amplify, augment and accelerate the Home Team’s advantage and secure Singapore as the safest place on planet earth.