Lead, Cyber Threat Hunting

The Government Technology Agency (GovTech) is the lead agency driving Singapore’s Smart Nation initiatives and public sector digital transformation. As the Centre of Excellence for Infocomm Technology and Smart Systems (ICT & SS), GovTech develops the Singapore Government’s capabilities in Data Science & Artificial Intelligence, Application Development, Smart City Technology, Digital Infrastructure, and Cybersecurity. 
 
At GovTech, we offer you a purposeful career to make lives better. We empower our people to master their craft through continuous and robust learning and development opportunities all year round. Our GovTechies embody our Agile, Bold and Collaborative values to deliver impactful solutions.
 
GovTech aims to transform the delivery of Government digital services by taking an "outside-in" view, putting citizens and businesses at the heart of everything we do.
 
Play a part in Singapore’s vision to build a Smart Nation and embark on your meaningful journey to build tech for public good. Join us to advance our mission and shape your future with us today! 
 
Learn more about GovTech at tech.gov.sg.

You will play a key role in the Cyber Defence Operations & Intelligence Cluster (CDOI) of Cyber Security Group (CSG) as a Lead, Cyber Threat Hunter (CTH) to proactively and iteratively detect threats that evade security solutions, to reduce the dwell time of detection of cyber threats.

Successful candidate who is able to lead a team and is proficient in either network/host-based intrusion analysis, digital forensics or cyber threat intelligence, and develop custom analytics to proactively defend against cyber attacks.

What you will be working on:

• Manage and ensure timely delivery of threat hunting missions

• Provide proactive hunting and analysis against the dataset (e.g. Netflow, DNS and Firewall logs etc)

• Leverage internal and external resources to research threats, vulnerabilities and intelligence on various attackers and attack infrastructure

• Use Big Data Analytics platform to identify threats in various dataset

• Able to provide strong technical guidance to the team in advanced threat research to proactively identify potential threat vectors and work with multi-disciplines to improve prevention and detection methods

• Identify gaps in logging capabilities and propose enhancement strategies

• Assist the team in tasks priorisation

What we are looking for:

• Bachelor’s Degree in Computer Science/Information Security or equivalent

• Professional certifications, including EnCE, GCFA, GREM, GNFA, GCTI, CISSP or other relevant certifications

• Preferably 4 years or more of experience as a full time threat hunting

• Experience managing a team

Technical Expertise:

• Experience with digital forensics, focusing on Windows and Linux systems from a malware perspective, and Operating System (OS) exploitation methodologies

• Experience in log analysis using Splunk, ELK, or similar tools, and malware triage

• Strong understanding of cyber threat analysis models such as kill chain, diamond model, and MITRE

• Strong knowledge of malware families and network attack vectors

• Knowledge of creating YARA or Snort signatures is a plus

• Experience with a common scripting or programming language, including Perl, Python, Bash or Powershell

• Knowledge of web applications and APIs

Other Requirements:

• Demonstrate a high degree of integrity, initiative, energy and endurance

• Highly developed research and analytical skills

• Critical thinking and contextual analysis abilities

• Knowledge in one or more scripting languages (e.g. Python, Perl) an advantage

• Possess good communication and interpersonal skills

• Singapore Citizen only

GovTech is an equal opportunity employer committed to fostering an inclusive workplace that values diverse voices and perspectives, as we believe that diversity is the foundation to innovation. 

 

Our employee benefits are based on a total rewards approach, offering a holistic and market-competitive suite of perks. These include leave benefits to meet your work-life needs and employee wellness programmes. 

  

We champion flexible work arrangements (subject to your job role) and trust that you will manage your own time to deliver your best, wherever you are, and whatever works best for you. 

 

Learn more about life inside GovTech at go.gov.sg/GovTechCareers.

 

Stay connected with us on social media at go.gov.sg/ConnectWithGovTech.