Job Description

Manager, Cyber Security (Respond & Recover)








Job Purpose



Security, privacy and operational resilience are critical issues facing all organizations today. We are currently looking for qualified and capable security minded individuals to be the driving force behind SMRT\xe2\x80\x99s cyber security measures with the goal of enabling ongoing, secure and reliable operations across the enterprise.




Responsibilities



As Manager, Cyber Security (Respond & Recover), you will work as part of the team to drive threat-management and oversee cyber incidents associated with cyber security in both ICT and Operational Technology systems to provide a secure environment. Specific responsibilities include, but are not limited to:

• Manage the organization\'s cybersecurity incident response and threat management
• Assess, triage and investigate, resolve incidents and threats recieved
• Track and manage all incidents from opening to closure and prepare relevant reports for the management
• Follow standard procedures and ensure compliance to regulatory frameworks such as the CSA Code of Practice (CCoP) and LTA Cyber Security Incident Management Framework
• Participate in incident after action review after major incidents
• Develop secure incident practices, standards and guidelines, playbooks and solutions towards adopting technical and best practices
• Stay updated on the latest incident management tools and recommend solutions whenever required
• Be the ambassador and promote security awareness among the organization

Qualifications & Work Experience

• You should possess a Degree in Information Systems, Computer Science or equivalent
• At least 6 years of experience in Cybersecurity with experience in cybersecurity SOC operations and/or threat hunting
• Cybersecurity credentials such as CISSP, OSCP, GCIH and/or GICSP will be advantageous
• Familiarity with regulatory frameworks such as the CSA Code of Practice (CCoP) and LTA Cyber Security Incident Management Framework

Skills



Technical Skills

• Good knowledge of security operations, incident handling, forensic investigation
• Foundational understanding of the Purdue model
• Experience with PLQ programming or SCADA implementation will be advantageous
• Strong understanding of MITRE ATT&CK and ICS MITRE frameworks
• Ability to translate cybersecurity threats or risk to impacts on the ICT/OT environment and communicate effectively to provide clear and effective mitigations or remediations
• Good understanding, and ability to translate cybersecurity threats or risk to impacts on the ICT/OT environment and appropriate mitigation techniques will be advantageous

Generic Skills

• Excellent verbal and written communication skills
• Strong leadership, communication, interpersonal, analytical and problem-solving skills

SMRT Trains Ltd was incorporated in 1987 and operates Singapore\xe2\x80\x99s first mass rapid transit system. Today, we manage and operate train services on the North-South Line, East-West Line, the Circle Line, the Thomson-East Coast Line, and the Bukit Panjang Light Rail Transit. With over 5,000 employees, more than 250 trains, and 141 km of rail tracks across 108 stations, we serve millions of commuters daily.