We are seeking two Cybersecurity Analyst to protect our healthcare AI systems and sensitive user data.

This role combines traditional security analysis with AI/ML-powered threat detection, security automation, and AI system security. You will secure infrastructure handling dementia patient data while leveraging AI tools to enhance detection, response, and compliance.

Remote or hybrid.

Entire organisation meets weekly on Tuesday 9pm-10pm Singapore which you must be able to attend.

For applicants seeking internship: 2 additional spots available - indicate clearly your areas of expertise and further development.

Key Responsibilities

• AI-powered threat detection & response
  • Deploy and tune AI/ML models for anomaly detection, intrusion detection, and behavioral analysis.
  • Implement automated threat hunting using LLM-assisted log analysis and pattern recognition.
  • Build security automation workflows that leverage AI for triage, investigation, and remediation.
  • Monitor and respond to security events across cloud infrastructure, APIs, and application layers.
• AI system security
  • Assess and mitigate risks specific to LLM-powered applications (prompt injection, data leakage, model poisoning, adversarial attacks).
  • Implement security controls for AI inference endpoints, model serving infrastructure, and data pipelines.
  • Review AI/ML architectures for vulnerabilities in RAG systems, agent workflows, and MCP implementations.
  • Establish guardrails for safe AI behavior in production healthcare contexts.
• Healthcare data protection & compliance
  • Ensure compliance with healthcare data regulations (PDPA, GDPR, HIPAA standards).
  • Implement encryption, access controls, and data minimization across systems handling PII and PHI.
  • Conduct privacy impact assessments for new AI features involving patient data.
  • Monitor data flows and enforce data residency requirements across multi-region deployments.
• Security operations & infrastructure hardening
  • Perform vulnerability assessments, penetration testing, and security audits.
  • Harden cloud infrastructure (GCP), containers, Kubernetes, and API gateways.
  • Establish security baselines, policies, and runbooks for incident response.
  • Implement and maintain SIEM, EDR, and security monitoring tools.
• Cross-functional collaboration
  • Work with engineering teams to embed security into CI/CD pipelines and development practices.
  • Provide security guidance during architecture reviews and feature development.
  • Conduct security awareness training and promote security-first culture.
  • Document security procedures, incident reports, and compliance evidence.

Must-Have Experience

• Security fundamentals
  • 3+ years in cybersecurity roles (SOC analyst, security engineer, or similar).
  • Strong understanding of network security, application security, and cloud security principles.
  • Hands-on experience with security tools (SIEM, IDS/IPS, vulnerability scanners, EDR).
  • Knowledge of common attack vectors, MITRE ATT&CK framework, and incident response procedures.
• AI & machine learning for security
  • Experience deploying AI/ML models for security use cases (anomaly detection, threat intelligence, automated analysis).
  • Proficiency with Python for security automation, data analysis, and integrating AI tools.
  • Familiarity with LLMs for security tasks (log analysis, threat hunting, policy generation).
  • Understanding of AI/ML security risks and mitigation strategies.
• Healthcare & regulated environments
  • Experience with healthcare data regulations (PDPA, GDPR, or HIPAA).
  • Understanding of data privacy requirements for sensitive personal information.
  • Knowledge of compliance frameworks (ISO 27001, SOC 2, or similar).
• Cloud & infrastructure security
  • Hands-on experience securing cloud environments (GCP preferred, AWS/Azure acceptable).
  • Knowledge of container security (Docker, Kubernetes).
  • Experience with infrastructure-as-code and security automation.

About You: