[What you will be working on]
The key duties and responsibilities are to:
Lead technical studies on the existing and future OT cybersecurity scope, to build and deepen understanding of the cybersecurity services and technologies.
Develop and lead the implementation of OT cybersecurity initiatives tailored for the Maritime sector.
Work closely with relevant divisions within MPA to develop OT cybersecurity guidelines/templates, security requirements, network reference architecture, and establish OT cyber security training and awareness program, etc.
Conduct cyber security architecture design review, cyber risk assessment, vulnerability assessment and penetration testing for OT systems, with focused emphasis on minimising disruption to critical information infrastructure and maintaining high operational availability.
Work closely with stakeholders on security monitoring of OT systems and maintain compliance with the relevant cybersecurity requirements, guidelines and good practices.
Lead and support project management efforts throughout the project life cycle, including, but not limited to, planning, execution, testing, validation and delivery to ensure timely and successful achievement of the desired OT cybersecurity outcomes.
Keep abreast of the latest industry cybersecurity practices and technologies as well as emerging threats and vulnerabilities and provide insights to CTO and CISO and recommend appropriate controls and solutions for implementation to enhance Maritime sector cybersecurity posture.
[What we are looking for]
At least 3 years of experience with OT security (such as OT Purdue model, OT network security, OT protection, OT Probes (e.g. Claroty, Nozomi)).
Experience deploying or supporting security practices and technologies such as risk or vulnerability assessments, antivirus software, firewalls, intrusion detection systems, centralised alert logging and monitoring in OT environment (preferably in Maritime sector).
Capable of leading projects involving multiple stakeholders.
Certifications related to product management, cybersecurity (e.g., CISSP).
Knowledge of regulatory requirements and security standards (e.g., NIST 800-82, ISO 27001, IEC 62443) relevant to IT and OT security.
Good verbal and written communication skills with stakeholders at all levels.
Strong analytical, interpersonal and communication skills.
Work effectively in teams.
Strong analytical, writing and communications skills.
A good command of English.