Assistant Lead Engineer - Phishing Campaign (Cyber Security Office)

Company description:

Synapxe is the national HealthTech agency inspiring tomorrow's health. The nexus of HealthTech, we connect people and systems to power a healthier Singapore.

Together with partners, we create intelligent technological solutions to improve the health of millions of people every day, everywhere. Reimagine the future of health together with us at www.synapxe.sg

• Analyse phishing emails by investigating the email headers and body, including attachments and URLs.
• Analyse email gateway metadata at scale to identify possible phishing email campaigns, and assess the level of threat for each.
• Identify tactics, techniques, and procedures (TTPs) used in isolated incidents, targeted, as well as widespread phishing campaigns, and recommend short-term mitigations to neutralise phishing campaigns.
• Analyse how phishing emails slip past email security solutions, capabilities gaps, and explore longer-term enhancements of email security solutions.
• Maintain detection rules, improve filtering effectiveness, and contribute to automation of phishing response workflows.
• Coordinate with incident response and threat intelligence teams during phishing investigations to assess impact of phishing attacks, identify affected users, and trace attacker infrastructure.
• Analyze phishing trends, uncover attacker patterns, and link related phishing activity to broader threat campaigns.
• Develop new methods of identifying phishing/malicious content using existing tools, or by building new capabilities.
• Prepare clear and detailed phishing incident reports, threat advisories, and reports on trends observed from email phishing campaigns conducted against public healthcare.
• Stay current on phishing tactics targeting the healthcare sector and emerging threat actor behaviors.
• Support and enhance phishing simulations and user training efforts to reduce organizational risk.

• At least 4 years of hands-on involvement in incident investigations, phishing analysis, or threat intelligence operations.
• Demonstrated experience investigating phishing campaigns—including large-scale or organization-wide attacks.
• Familiarity with email security tools and email protocols, phishing indicators, and social engineering tactics.
• Proficiency in programming and scripting (using Python, Java, Ruby etc.) is required, automation experience is preferred.
• Proficiency in use of SIEM/SOAR security monitoring platforms.
• Strong critical thinking, pattern recognition, and analysis skills.
• Ability to communicate complex technical findings to both technical and non-technical audiences.

NOTE: It only takes a few minutes to apply for a meaningful career in HealthTech - GO FOR IT!!

#0558
#LI-SYNX13

The Phishing campaign analysis function will be responsible for identifying and neutralising email phishing campaigns against PH before they gain a foothold in PH network. Besides analysing phishing emails, he/she will analyse email gateway metadata at scale, and review gaps in existing controls/security solutions to identify improvements to strengthen PH defences against future phishing campaigns, and strengthen awareness programs across the organization.