About The Company
At Foundation Healthcare, we believe that all stakeholders in the healthcare ecosystem must work closely together to deliver better value for the patients we care for. We believe healthcare should be: accessible, affordable and accountable. Currently one of the largest multi-specialty private specialist groups in Singapore, we are supported by our proprietary technology platform and strategic partnerships. Work with us to reimagine and build out the foundation for modern healthcare.
Our Culture
We dream big. We push boundaries. All while remembering the importance of laying the right foundations to build a sustainable organization.
We are a team of passionate and dynamic individuals pursuing our best daily. We respect everyone's ideas and talents, and we embrace diversity.
About the Role:
The Senior IT & Cybersecurity Engineer is a hands-on technical role responsible for strengthening Foundation Healthcare's cybersecurity posture while supporting the secure and reliable operation of core IT services across HQ and clinic sites. This role is suited for someone with a stronger security mindset who can drive cyber hygiene, implement security controls, support investigations and remediation, and maintain technical readiness for audit and compliance requirements.
The role works closely with the Head of Cybersecurity & IT Operations to improve endpoint, identity, and infrastructure security, support incident response activities, and ensure operational environments remain secure, well governed, and fit for purpose.
Key Responsibilities & Skills:
- Support the secure day-to-day operation of IT infrastructure across HQ and clinic sites, with emphasis on cyber hygiene, resilience, and control effectiveness.
- Administer endpoints across Windows and macOS environments, including deployment, patching, encryption, device compliance, monitoring, troubleshooting, and retirement/disposal.
- Support identity and access management processes, including joiner/mover/leaver activities, account provisioning and deprovisioning, MFA, privileged access controls, and periodic user access reviews.
- Implement and maintain cybersecurity controls across endpoints, Microsoft 365, identity, and core infrastructure, including endpoint protection, EDR/XDR, hardening baselines, and patch compliance.
- Support vulnerability management by reviewing findings, coordinating remediation, validating closure, and tracking overdue actions.
- Monitor and support investigation of security alerts, suspicious activity, and operational incidents, assisting with containment, evidence gathering, escalation, and follow-up actions.
- Support backup, restore, and recovery activities for critical systems and business data to strengthen resilience and recovery readiness.
- Assist in managing clinic connectivity and local infrastructure, including LAN/Wi-Fi, firewall coordination, VPN access, routing issues, and vendor escalation support.
- Maintain accurate technical and security documentation, including SOPs, runbooks, access records, patch reports, incident logs, and audit artefacts.
- Support compliance and audit readiness by preparing technical evidence and demonstrating implemented controls aligned to internal and external requirements.
Who Are We Looking For:
- Diploma or Degree in Information Technology, Cybersecurity, Computer Science, or a related discipline.
- Minimum 5 years of hands-on experience in IT infrastructure, systems administration, or IT/security operations.
- Strong experience with Microsoft 365, endpoint administration, and identity and access management.
- Practical knowledge of Windows and macOS environments, networking fundamentals, and core infrastructure support.
- Hands-on experience with cybersecurity operations, including patching, endpoint protection, EDR/XDR, MFA, vulnerability remediation, hardening, and incident support.
- Comfortable working across both IT operations and cybersecurity responsibilities in a lean, fast-moving environment.
- Strong troubleshooting, documentation, communication, and stakeholder coordination skills.
- Healthcare industry experience and exposure to compliance or audit environments such as ISO 27001, Cyber Trust Mark, or healthcare security/privacy requirements will be an advantage.
