Manager, Cyber Security (Threat Mgmt)

SMRT Trains Ltd was incorporated in 1987 and operates Singapore's first mass rapid transit system. Today, we manage and operate train services on the North-South Line, East-West Line, the Circle Line, the Thomson-East Coast Line, and the Bukit Panjang Light Rail Transit. With over 5,000 employees, more than 250 trains, and 141 km of rail tracks across 108 stations, we serve millions of commuters daily.

Security, privacy and operational resilience are critical issues facing all organizations today. We are currently looking for qualified and capable security minded individuals to be the driving force behind SMRT's cyber security measures with the goal of enabling ongoing, secure and reliable operations across the enterprise.

• Serving as a cybersecurity expert in helping project teams comply with enterprise and cybersecurity security policies, industry regulations, and best practices.
• Detection, triage, escalation and analysis of potential cybersecurity threats, events and incidents.
• Management and tracking of cybersecurity incidents from opening to closure and staffing of relevant updates to SMRT management.
• Leading cybersecurity incident after-action reviews.
• Developing cybersecurity incident handling practices, standards and guidelines, playbooks and solutions aligned with technical and industry best practices.
• Staying updated with the latest cybersecurity monitoring incident management tools and recommending solutions when required.
• Leading response to existing and emerging cybersecurity threats.
• Conducting host forensics, network forensics, and log analysis in support of incident response investigations.
• Using tools to continuously monitor organization's digital assets to identify and remediate potential points of attack.
• Managing and implementing cybersecurity projects assigned by GCISO.
• Staying informed about the latest cybersecurity threats and trends.

• Degree in Information Systems, Computer Science or equivalent.
• At least 6 years of experience in Cybersecurity with experience in cybersecurity SOC operations and/or threat hunting.
• Possess good understanding of OT fundamentals and OT cybersecurity practices, including but not limited to distributed control system (DCS) and supervisory control and data acquisition (SCADA) architecture, and the role of common system components.
• Cybersecurity credentials such as CISSP, CISM, GCIH and GCFE will be advantageous.

• Good understanding of managed security services, network security, monitoring and incident response.
• Good understanding of cybersecurity principles, governance and risk management.
• Good understanding, and ability to translate cybersecurity threats or risk to impacts on the ICT/OT environment and appropriate mitigation techniques will be advantageous.
• Good knowledge of cybersecurity operations, incident handling, forensic investigation.
• Ability to analyse and interpret data from various sources to identify potential cyber security threats.
• Strong understanding of MITRE ATT&CK and IEC/ICS MITRE frameworks.
• Familiarity with regulatory frameworks such as the Cybersecurity Code of Practice (CCoP).
• Experience with PLQ programming or SCADA implementation will be advantageous.
• Ability to demonstrate good understanding of IT/OT infrastructure and security controls.

• Excellent verbal and written communication skills.
• Strong leadership, communication, interpersonal, analytical and problem-solving skills.