Manager / Senior Manager (Cybersecurity Technology And Incident Response)

As a member of #TeamPSA, you will be part of a diverse and global team at the forefront of creating cargo solutions to enable more agile, resilient and sustainable supply chains. Experience first-hand and drive supply chain transformation from Singapore and through PSA's global network of ports, logistics and supply chain solutions. Alongside, we can move the world!

• Develop Your Potential:
  We emphasise and offer exciting rotations, learning and development opportunities, which will fuel your career aspirations and complement your business exposure across our global network.
• Diverse, Equal Opportunity:
  We build a sustainable work culture where all our people feel welcome, valued, respected and able to express their ideas and beliefs freely. We believe that diversity of thought and approaches in our workplace makes us stronger as a team.
• Competitive Compensation &
  Benefits:
  We are committed to recognising and rewarding your contributions to the business. Our benefits packages aim to improve your quality of life by providing support for medical, dental, recreation, among others.

PSA Group is looking for a strong team player/leader who is passionate about security with at least 10 years of experience in cyber security and around 5-7 years of the cyber security experience in technology management, incident response and forensics, to join their growing group cyber security team.
Beyond an attractive remuneration, you will gain a wealth of diverse experience and exposure especially with the planning/design of future port terminal developments as well as possible stints with our overseas port terminals such as in Europe and Asia.
You will gain exposure in the realm of cutting-edge cyber-physical systems and experience supporting cyber ecosystem risk assessments and security improvements to enable both our future port development and cargo solutions orchestration.
Experience working with cyber security and in a regulated environment will be an added advantage.
This role reports to Head Group Cybersecurity at PSA International Pte Ltd.
Key Job Scope
You will:

• Be responsible, along with other team members, for cybersecurity technology management, cybersecurity engineering, cybersecurity advisories, vulnerability management, event management, incident management as part of overall Global SOC ("
  GSOC"
  ) responsibilities across the digital assets of PSA business classes and units including IT, OT, IoT and IIoT.
• Contribute to the development of technological and incident management standards, procedures and guidelines in alignment with PSA goals and objectives across our digital assets.
• Perform threat intelligence monitoring and watch out for new tactics, techniques and procedures as well as indicators of exposure, attack and compromises in the cyber security space.
• Design and develop timely and actionable vulnerability and threat intelligence advisories to all our business classes and units, provide vulnerability management and remediation oversight.
• Develop and improve incident response plans, coordinate, conduct or participate in incident drills, forensic exercises, table-top exercises and red/purple teaming exercises.
• Perform cybersecurity incident response as part of the larger team, able to provide Level 2 or 3 incident response support on a 24×7 on-call basis.
• Design or deploy technological solutions and architecture for IT, OT and IIoT, and establish demand aggregation and consumption across business classes and units.
• Perform cybersecurity threat modelling and risk assessments on various IT, OT and IIoT architectures, system and network designs and their components.

Job Experience and Competencies in one or more of the following:

• Good experience in incident response and forensics process
• Good experience and knowledge in performing cybersecurity threat modelling and risk assessment
• Designed IT and OT cybersecurity architecture in a maritime, transport or logistics industry
• Conducted cybersecurity vulnerability and threat intelligence analysis, cybersecurity monitoring, cybersecurity event analysis and correlation, incident response and forensics investigation
• Good project management skills, experience in project planning, management and implementation of cybersecurity frameworks (NIST, ISO)
• Prior maritime, logistics or transportation knowledge with international experience would be an advantage

The successful candidate must have some of the following skills, personalities and certifications -
Skills:

• Must have at least a Degree in Computer Science or related discipline
• Must have at least 10 years of cybersecurity experience
• Must have good knowledge of incident management and forensics procedures (e.G., GCIH, GCIA, GCFA or GREM)
• Good knowledge of cybersecurity architectural practices such as TOGAF or SABSA
• Good knowledge of cybersecurity control frameworks pertaining to cybersecurity (e.G., NIST CSF, ISO27001, etc.)
• Good knowledge of OT cybersecurity frameworks and guidelines such as NIST SP800-82 and ISO/IEC 62443
• Good understanding of cybersecurity maturity models such as C2M2, CMMC or CMMI
• Good understanding of threat modelling, MITRE ATT&
  CK and associated frameworks
• Good understanding of risk governance (e.G. CRISC, COBIT)

Personalities:

• Strong communication, interpersonal, analytical, and problem-solving skills
• Able to work as a team as well as independently
• Willingness to be hands-on to do groundwork and adopt a growth mindset
• Ability to handle workload in peaks and troughs
• Willingness to travel at short notice
• Good project management skills

Certifications:

• GCIH, GCIA, GCFA, GREM, MITRE or equivalent (Essential)
• TOGAF, SABSA or equivalents
• ISA/IEC 62443 or equivalent
• CRISC, or equivalent
• CISSP, CISM or equivalent