Key Responsibilities

🔧 OT Security Design & Implementation

• Develop and implement cybersecurity measures across operational technology environments within power generation and water treatment facilities.

• Design and maintain OT network architecture, ensuring proper segmentation between IT and OT environments (including Purdue Model Levels 0–3.5).

• Harden ICS assets such as HMIs, PLCs, RTUs, DCS, SCADA systems, and engineering workstations.

• Ensure secure IT/OT integration and apply regular patching or compensating controls to OT assets.

📋 Risk Assessment & Compliance

• Conduct risk assessments and ensure compliance with NIST CSF, ISO 27001:2022, and Singapore's CII regulations (CCoP by CSA, WSCP by PUB).

• Support alignment with Company's Group Cybersecurity Framework (based on NIST CSF)

• Ensure compliance with IEC 62443 / ISA 99 standards for industrial automation and control system security. [

• Support audits and regulatory reviews (including CSA and PUB assessments) to maintain a robust cybersecurity posture across critical infrastructure.

🔍 Monitoring & Incident Response

• Monitor OT systems for anomalies using cybersecurity tools (e.g., SIEM, Claroty, Nozomi).

• Lead incident response efforts for OT cyber incidents, coordinating with O&M teams, IT/OT cybersecurity teams, and external incident response partners (e.g., Black Panda, EY).

• Ensure all alerts are managed in a standardised, well-defined, and efficient manner in alignment with Company’s policy.

• Execute first-responder actions and follow-up responses per Company's Cyber Security Incident Response Procedures for CII and non-CII OT sites.

📑 Documentation & Asset Management

• Maintain accurate documentation of network topologies, asset inventories, and OT security configurations.

• Ensure all ICS assets are properly catalogued, including SCADA, HMI, PLC, substations, inverters, RTUs, data loggers, firewalls, and anti-virus software across wind, solar, and power generation sites.

🏗️ Physical & Network Security

• Enforce physical security controls for ICS assets — locked racks, panels, rooms, secured cabling, and camera surveillance at perimeter access points.

• Implement and manage data diodes, firewalls, network segmentation, and access controls per Company’s OT security requirements.

🤝 Collaboration & Training

• Collaborate with internal teams (O&M, Maintenance IAC, Group Digital / Tech Risk Governance) and external vendors.

• Deliver cybersecurity awareness training to plant personnel, ensuring frequency of at least once per year with regular awareness messaging.

• Provide security advisory for new OT projects, including remote operations by third-party vendors.

Requirements

🎓 Education

• Bachelor's degree in Engineering, Cybersecurity, Control Systems, or a related field.

📅 Experience

• Minimum 3–5 years of experience in OT cybersecurity, preferably in the energy, utilities, or critical infrastructure sector.

• Well-experienced in at least one major industrial control system (e.g., Siemens PCS 7, ABB 800xA, Honeywell PKS, GE Mark VIe, etc.).

💻 Technical Skills

Area Requirements

Standards & Frameworks IEC 62443, NIST CSF, ISA/IEC standards, WSCP (PUB), CCoP (CSA), ISO 27001

Industrial Protocols Modbus, OPC DA/UA, IEC 61850, DNP3

OT Security Tools Claroty, Nozomi, Dragos, or equivalent ICS cybersecurity platforms

Network Security Firewalls, network segmentation, SIEM integration, data diodes

ICS/SCADA Systems DCS, SCADA, HMI, PLC, RTU hardening and configuration

Vulnerability Management Patch management, compensating controls, penetration testing coordination

📜 Certifications (Preferred)

• CCNA (Cisco Certified Network Associate)

• GICSP (Global Industrial Cyber Security Professional)

• CISSP (Certified Information Systems Security Professional)

• CISM (Certified Information Security Manager)

• SANS ICS/OT certifications (e.g., ICS515, ICS410)

• CCNP, PCNSE, NSE 1/2/3/4 are advantageous

🧠 Soft Skills

• Strong analytical and problem-solving abilities

• Excellent verbal and written communication skills

• Ability to work independently and as part of a small, agile OT cybersecurity team

• Proactive attitude with commitment to continuous learning in the evolving OT threat landscape