Vulnerability Assessment and Scanning: Conduct regular vulnerability scans using industry-standard tools to identify weaknesses in networks, applications, and systems. Analyze scan results, prioritize vulnerabilities based on risk levels, and recommend remediation strategies to minimize exposure.
Risk Mitigation and Remediation: Assess identified vulnerabilities for potential impact, develop and implement mitigation plans, and track remediation progress. Collaborate with IT and development teams to apply patches, updates, and configuration changes.
SOC Operations Support: Monitor security alerts and events within the SOC, contributing to real-time threat detection and response. Participate in incident triage, investigation, and resolution to ensure minimal downtime and data integrity.
Cybersecurity Configuration Management: Design, implement, and maintain secure configurations for hardware, software, and cloud environments. Ensure compliance with standards such as ISO 27001, NIST, or Singapore's Cybersecurity Act.
Troubleshooting and Problem Resolution: Diagnose and resolve complex security issues, including misconfigurations, unauthorized access attempts, and system anomalies. Use debugging tools and methodologies to identify the root cause of problems and prevent recurrence.
Threat Intelligence and Reporting: Stay updated on emerging cybersecurity threats, particularly those relevant to Singapore and the region (e.g., via PDPC guidelines or international feeds). Prepare detailed reports on vulnerability assessments, scan findings, and security metrics for stakeholders.
Team Collaboration and Training: Work closely with SOC analysts, engineers, and other departments to enhance overall security posture. Provide guidance and training to junior staff on vulnerability management and cybersecurity concepts.
Continuous Improvement: Evaluate and recommend new tools, processes, and technologies to improve vulnerability scanning efficiency and SOC effectiveness. Participate in tabletop exercises and simulations to refine response protocols.
Qualifications and Skills
Education: Polytechnic Diploma or a Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field. Relevant certifications such as OSCP, GCIH or CEH are highly desirable.
Experience: At least 1-3 years in cybersecurity roles, with hands-on experience in vulnerability management and SOC/System Integration environments.
Technical Skills