Senior / Specialist (Cyber Analysis & Operations)

[What the role is]
Be accountable for the cybersecurity operations of MPA by managing the Maritime Security Operations Centres and applying adversarial tactics to identify security weaknesses and build defence capabilities against them.

[What you will be working on]

The key duties and responsibilities are to:

• Perform red teaming assessments using tools to identify vulnerability of developed systems in MPA and critical information infrastructure (CII) owners, and be involved in the planning, design, simulation and execution of attacks on targeted MPA and CII owners’ network environment. Leverage existing and emerging methods to identify vulnerabilities in people, process and technologies, that could result in business impact to MPA and CII owners. 

• Keep abreast of the latest industry ICT security practices and technologies as well as emerging threats and vulnerabilities. Develop, research and maintain proficiency in tools, techniques and vulnerabilities trends for red teaming.

• Enhance early detection capability by establishing and maintaining the Information Exchange Framework and improvise the Maritime Cyber Security Network (MCSN) Portal to ensure effective and safe communication, as well as information sharing among the maritime stakeholders.

• Supervise and manage the 24x7 Maritime Cyber Security Operations Centre (SOC) to provide early warning of impending cyber-threats, and be part of the team to upgrade and design the current and new SOC.

• Work with the CII’s enterprise/solution architecture, application development, Operational Technology teams to ensure that there is a convergence of business, technical and cybersecurity requirements; liaise with ICT management to align existing technical installed base and skills with future architectural requirements.

• Establish and maintain the cyber incident response framework to ensure readiness to respond to cyber-security incidents. Manage and conduct investigations to ensure appropriate follow up actions are taken to address any security gaps.

• Plan, conduct and participate in exercises to ensure preparedness at national and agency level to deal with any cyber security incidents.

[What we are looking for]

• Accreditations such as CISSP, CISM, GIAC certifications or relevant accredited certifications in cybersecurity.
• 3-5 years of experience in IT/ OT related role in the areas of security operations related works is preferred. Candidates with relevant certifications but no prior experience are welcomed to apply.
• Prior experience with conducting red teaming, security assurance testing, SOC will be preferred.
• Good verbal and written communication skills with stakeholders at all levels.
• Understanding of international security standards such as NIST Cybersecurity Framework, OWASP and GovTech and CSA incident reporting frameworks will have an advantage.
• Strong analytical, interpersonal and communication skills
• Work effectively in teams
• Strong analytical, writing and communications skills
• A good command of English.
• Candidates with additional years of relevant experience may be considered for more senior position (e.g. Senior Specialist / Assistant Director).
• Successful candidates will be offered a 2-year contract in the first instance and may be considered for an extension or placement on a permanent appointment
• Willing and comfortable with shift schedule