Manager/Senior Manager (Cybersecurity Technology and Incident Response)

About our client

Our client is a leading port group and trusted partner to cargo stakeholders. Their global network encompasses 160 locations in 42 countries around the world. The Group’s portfolio comprises over 60 deep-sea, rail and inland terminals, as well as affiliated businesses in supply chain management, logistics, marine and digital services.

Job Overview

• Our client is looking for a strong team player/leader who is passionate about security with at least 10 years of experience in cyber security and around 5 to 7 years of the cyber security experience in technology management, incident response and forensics, to join their group cyber security team.
• You will gain a wealth of diverse experience and exposure especially with the planning/design of future port terminal developments as well as possible stints with their overseas port terminals such as in Europe and Asia.
• You will gain exposure in the realm of cutting-edge cyber-physical systems and experience supporting cyber ecosystem risk assessments and security improvements to enable both their future port development and cargo solutions orchestration.
• Experience working with cyber security and in a regulated environment will be an added advantage.
• This role reports to Head Group Cybersecurity.
• A very attractive remuneration package with generous fringe benefits await the right candidate.

Manager/Senior Manager (Cybersecurity Technology and Incident Response)

Key Job Scope

You will:

• Be responsible along with other team members, for cybersecurity technology management, cybersecurity engineering, cybersecurity advisories, vulnerability management, event management, incident management as part of overall Global SOC (“GSOC”) responsibilities across the digital assets of client business classes and units including IT, OT, IoT and IIoT.
• Contribute to the development of technological and incident management standards, procedures and guidelines in alignment with PSA goals and objectives across the digital assets.
• Perform threat intelligence monitoring and watch out for new tactics, techniques and procedures as well as indicators of exposure, attack and compromises in the cyber security space.
• Design and develop timely and actionable vulnerability and threat intelligence advisories to all business classes and units, provide vulnerability management and remediation oversight.
• Develop and improve incident response plans, coordinate, conduct or participate in incident drills, forensic exercises, table-top exercises and red/purple teaming exercises;
• Perform cybersecurity incident response as part of the larger team, able to provide Level 2 or 3 incident response support on a 24x7 on-call basis.
• Design or deploy technological solutions and architecture for IT, OT and IIoT, and establish demand aggregation and consumption across business classes and units;
• Perform cybersecurity threat modelling and risk assessments on various IT, OT and IIoT architectures, system and network designs and their components.

Job Requirements:

Job Experience and Competencies in one or more of the following:

• Good experience in incident response and forensics process.
• Good experience and knowledge in performing cybersecurity threat modelling and risk assessment.
• Designed IT and OT cybersecurity architectures in a maritime, transport or logistics industry.
• Conducted cybersecurity vulnerability and threat intelligence analysis, cybersecurity monitoring, cybersecurity event analysis and correlation, incident response and forensics investigation.
• Good project management skills, experience in project planning, management and implementation of cybersecurity frameworks (NIST, ISO);
• Prior maritime, logistics or transportation knowledge with international experience would be an advantage.

The successful candidate must have some of the following skills, personalities and certifications and skills:

• Must have at least a Degree in Computer Science or related discipline;
• Must have at least 10 years of cybersecurity experience;
• Must have good knowledge of incident management and forensics procedures (e.g., GCIH, GCIA, GCFA or GREM).
• Good knowledge of cybersecurity architectural practices such as TOGAF or SABSA.
• Good knowledge of cybersecurity control frameworks pertaining to cybersecurity (e.g., NIST CSF, ISO27001, etc.).
• Good knowledge of OT cybersecurity frameworks and guidelines such as NIST SP800-2 and ISO/IEC 62443.
• Good understanding of cybersecurity maturity models such as C2M2, CMMC or CMMI.
• Good understanding of threat modelling, MITRE ATT&CK and associated frameworks.
• Good understanding of risk governance (e.g., CRISC, COBIT).

Personalities:

• Strong communication, interpersonal analytical, and problem-solving skills;
• Able to work as a team as well as independently;
• Willingness to be hands-on to do groundwork and adopt a growth mindset;
• Ability to handle workload in peaks and troughs.
• Willingness to travel at short notice.
• Good project management skills.

Certifications:

• GCH, GCIA, GCFA, GREM, MITRE or equivalent (Essential).
• TOGAF, SABSA or equivalents;
• ISA/IEC 62443 or equivalent.
• CRISC, or equivalent.
• CISSP, CISM or equivalent.

Are you ready for a challenging and exciting endeavour that will require the investment of a lot of hard work, dedication and all your experience? Are you ready to bring your skills and competencies to support the establishment and enhancement of our client’s business? If yes, you might be exactly the new team member they are looking for!

Please submit your updated and comprehensive CV in MS WORD FORMAT ONLY (NOT PDF) with full career details, stating current or last drawn salary with full breakdown such as base, incentives, AWS, etc. and expected salary, contact details, educational qualifications, working experiences, reasons for leaving each past employment(s) and availability date to:

[email protected]

What our client offers

Develop Your Potential:

They emphasise and offer exciting rotations, learning and development opportunities, which will fuel your career aspirations and complement your business exposure across their global network.

Diverse, Equal Opportunity:

They build a sustainable work culture where their people feel welcome, valued, respected and able to express their ideas and beliefs freely. They believe that diversity of thought and approaches in their workplace makes them stronger as a team.

Competitive Compensation and Benefits:

They are committed to recognising and rewarding your contributions to the business. They benefits packages aim to improve your quality of life by providing support for medical, dental, recreation, among others.

Personal Data Protection Statement for Job Applicants

Please be informed that the personal data you provided by way of your job application to Benchmark will be collected, used and disclosed by or on behalf of Benchmark to determine or investigate your suitability, eligibility or qualifications for employment with Benchmark and/or its clients and manage your application for employment with Benchmark and/or its clients including identifying you as potential candidate for future suitable positions and/or notifying you of any such positions, either existing or in the future.

Thank You!

We thank all applicants for their interest in a career with our client. Due to the high volume of incoming applications, we will not be able to respond to all applicants. Therefore, only shortlisted applicants will be notified for interviews. All applications will be treated with the strictest confidence.

THOMAS CHAN | MOM CEI No: R1766693 | Benchmark Staffing Solutions | MOM EA License: 21C0679 | UEN: 53435609E