Key Responsibilities
?
OT Security Design & Implementation
• Develop and implement cybersecurity measures across operational technology environments within power generation and water treatment facilities.
• Design and maintain OT network architecture, ensuring proper segmentation between IT and OT environments (including Purdue Model Levels 0–3.5).
• Harden ICS assets such as HMIs, PLCs, RTUs, DCS, SCADA systems, and engineering workstations.
• Ensure secure IT/OT integration and apply regular patching or compensating controls to OT assets.
?
Risk Assessment & Compliance
• Conduct risk assessments and ensure compliance with NIST CSF, ISO 27001:2022, and Singapore's CII regulations (CCoP by CSA, WSCP by PUB).
• Support alignment with Company's Group Cybersecurity Framework (based on NIST CSF)
• Ensure compliance with IEC 62443 / ISA 99 standards for industrial automation and control system security. [
• Support audits and regulatory reviews (including CSA and PUB assessments) to maintain a robust cybersecurity posture across critical infrastructure.
?
Monitoring & Incident Response
• Monitor OT systems for anomalies using cybersecurity tools (e.g., SIEM, Claroty, Nozomi).
• Lead incident response efforts for OT cyber incidents, coordinating with O&M teams, IT/OT cybersecurity teams, and external incident response partners (e.g., Black Panda, EY).
• Ensure all alerts are managed in a standardised, well-defined, and efficient manner in alignment with Company’s policy.
• Execute first-responder actions and follow-up responses per Company's Cyber Security Incident Response Procedures for CII and non-CII OT sites.
?
Documentation & Asset Management
• Maintain accurate documentation of network topologies, asset inventories, and OT security configurations.
• Ensure all ICS assets are properly catalogued, including SCADA, HMI, PLC, substations, inverters, RTUs, data loggers, firewalls, and anti-virus software across wind, solar, and power generation sites.
?ï¸
Physical & Network Security
• Enforce physical security controls for ICS assets — locked racks, panels, rooms, secured cabling, and camera surveillance at perimeter access points.
• Implement and manage data diodes, firewalls, network segmentation, and access controls per Company’s OT security requirements.
?
Collaboration & Training
• Collaborate with internal teams (O&M, Maintenance IAC, Group Digital / Tech Risk Governance) and external vendors.
• Deliver cybersecurity awareness training to plant personnel, ensuring frequency of at least once per year with regular awareness messaging.
• Provide security advisory for new OT projects, including remote operations by third-party vendors.
Requirements
?
Education
• Bachelor's degree in Engineering, Cybersecurity, Control Systems, or a related field.
?
Experience
• Minimum 3–5 years of experience in OT cybersecurity, preferably in the energy, utilities, or critical infrastructure sector.
• Well-experienced in at least one major industrial control system (e.g., Siemens PCS 7, ABB 800xA, Honeywell PKS, GE Mark VIe, etc.).
?
Technical Skills
Area Requirements
Standards & Frameworks IEC 62443, NIST CSF, ISA/IEC standards, WSCP (PUB), CCoP (CSA), ISO 27001
Industrial Protocols Modbus, OPC DA/UA, IEC 61850, DNP3
OT Security Tools Claroty, Nozomi, Dragos, or equivalent ICS cybersecurity platforms
Network Security Firewalls, network segmentation, SIEM integration, data diodes
ICS/SCADA Systems DCS, SCADA, HMI, PLC, RTU hardening and configuration
Vulnerability Management Patch management, compensating controls, penetration testing coordination
?
Certifications (Preferred)
• CCNA (Cisco Certified Network Associate)
• GICSP (Global Industrial Cyber Security Professional)
• CISSP (Certified Information Systems Security Professional)
• CISM (Certified Information Security Manager)
• SANS ICS/OT certifications (e.g., ICS515, ICS410)
• CCNP, PCNSE, NSE 1/2/3/4 are advantageous
?
Soft Skills
• Strong analytical and problem-solving abilities
• Excellent verbal and written communication skills
• Ability to work independently and as part of a small, agile OT cybersecurity team
• Proactive attitude with commitment to continuous learning in the evolving OT threat landscape
