System Administrator (ISO27001 Operations) (BDH)

The Biomedical Data Hub (BDH) curates and maintains strategic deidentified health data cohorts and supports researchers and innovators with expertise in bioinformatics and A.I. Its mission is to act as a trusted research node that unlocks the value of digital health data to support cutting edge science and digital health solutions that will benefit Singapore and Singaporeans. BDH is a national platform hosted by the Agency for Science Technology and Research (A*STAR) in partnership with Ministry of Health (MOH) Singapore and is funded by Singapore's National Research Foundation (NRF).

As the System Administrator – ISO27001/27017 Operations you will be responsible for the secure and compliant operation of IT systems supporting biomedical research and data analytics platforms. This role ensures alignment with ISO/IEC 27001, ISO/IEC 38505 and related standards, supporting infrastructure, user access, and audit readiness across the BDH stack.

In this role you'll work at the intersection of cybersecurity, research IT, and data governance, growing expertise in high-demand areas like ISO27001, secure cloud operations, and biomedical data protection. You’ll gain exposure to cutting edge use cases in data governance and analysis balancing the need to support impactful biomedical research with protecting data entrusted to us by patients and researchers.

• Implement and maintain ISO27001/17-compliant controls including access rights, cryptography, and policies.
• Support management review and audit schedules for ISO27001 and ISO38505 audits.
• Maintain ISMS documentation and contribute to internal and external audit processes.

• Administer server hardware, virtualisation platforms (e.g., OpenShift, ProxMox), and network infrastructure.
• Monitor system performance and ensure high availability and disaster recovery readiness.

• Manage onboarding, training, and exit procedures for system users in alignment with ISMS protocols.
• Maintain access control logs and respond to access-related incidents.

• Participate in IT risk assessments for internal systems and SaaS platforms.
• Support data governance by mapping system purposes to data classifications and validating controls for each tier.

• Work closely with HR, IT, and research teams to support joint appointments and secondments involving system access.
• Provide technical support and guidance to users and stakeholders.

• Bachelor's degree in Computer Science, Engineering, Information Security, or related field (or equivalent professional certifications + experience).
• Minimum 4 years of experience in system administration, preferably in regulated environments such as research, healthcare or ISO27001-certified organisations.
• Strong understanding of ISO27001 and related standards.
• Experience with Linux/Unix systems, virtualisation platforms, and network security.
• Excellent documentation and communication skills.