Cyber Security Specialist

Job Title

Job Description

Job Title

Cyber Security Specialist APAC

Job Description

As a Cyber Security Specialist, you are responsible for designing, implementing, and managing security solutions to protect the material handling systems of our clients. This includes information systems, networks, and manage vulnerability management, cybersecurity exercises, and governance/risk/compliance (GRC).

Your primary role is to provide expert guidance, support, and leadership in all matters related to information security, interpreting customer requirements/regulations will require you to analyze tender documents and have meetings with clients and external stakeholders. You are aware of the rules and regulations of countries we do business in, such that you can proactively advise clients on practical solutions to be compliant.

Your tasks and responsibilities

• As a qualified Subject Matter Expert (SME) for security technologies, supporting critical projects based on business needs. These unique projects often involve expedited deliverables, and operational agility, and require top-quality deliverables covering both the consulting and operations functions.
• Communicate effectively with stakeholders, including IT teams, senior management, and regulatory bodies based on active security threats.
• Responsible for CCOP compliance audit (internal/external) reports, ensuring Vanderlande’s system adheres to the requirements of CCOP v2 and aligns legal and regulatory requirements to enhance cybersecurity resilience.
• Collaborate with cross-functional teams to implement security measures and address security requirements. Handle internal escalations to project integration, product management, and engineering for feature requests.
• Identify opportunities to improve processes and/or tools to ensure the highest level of quality, including documentation, mentoring, and training sessions.
• Own the technical components of a customer integration project including but not limited to configuration, debugging, documentation, testing, and go-live support.
• Develop, implement, and enforce risk management policies, procedures, and controls to mitigate potential threats with the technological requirements imposed by Vanderlande’s technology standards and reference architecture.
• Risk identification and mitigation for deploying security technologies in production live systems, while ensuring standards are adhered to as well as maintenance/repair supervision working with vendor support teams on corrective activities for issues.
• Assist in any ad-hoc tasks when necessary.

As Cyber Security Specialist you report to the Group Integration Manager APAC. Based on your field of interest there is an opportunity to grow to a senior architect or manager role within the service or project execution department.

Your department

The APAC project integration department is part of the business unit Airport & Parcel Solutions within Vanderlande Industries. The department is responsible for system design, testing, and integration of complex Airport and Parcel systems for customers in the Asia Pacific region like Changi, Hong Kong, and Sydney airports and DHL, FedEx, and UPS international customers. The department works in an international team setting with people from different countries with different cultural backgrounds.

Your Profile

You are a natural leader in your profession. You are passionate about systems engineering and capable of finding a practical balance between constant change for improvement and stability in the execution of projects. You are able to quickly adapt domain knowledge and language, so you can easily connect to stakeholders on different levels. You have a talent for clarifying vision, concepts, and approaches. You like to coach colleagues on their professional knowledge and behavior.

• Bachelor's degree in Information Technology, Computer Science, or a related field.
• Over 5 years of experience in Information Technology risk management.
• Familiar with common web application vulnerabilities and technical knowledge to address and mitigate vulnerabilities. Any prior vulnerability management experience is preferred.
• Familiar of NGFW, IPS, App Control, SSL inspection, DNS and NFS, SMTP, HTTP, TCP/IP.
• Knowledge of the following technologies: Routing, Switching, VPN, LAN, WAN, Network Security, Intrusion Detection, Anti-Virus, Advance Threat Prevention, Endpoint Protection, EDR, NDR, Sandboxing and EASM/band Protection solution are advantageous.
• Strong understanding of information security frameworks, risk assessment methodologies, and regulatory requirements is preferred.
• Familiar with related regulations such as Technology Risk Management Guidelines, CCoP2 Risk Management Practices, Guidelines on Business Continuity Management, Guidelines on Outsourcing, and other relevant notices and guidelines
• Familiarity with industry frameworks and methodologies for technology risk management, such as NIST Cybersecurity Framework, ITIL, ISO 27001, and COBIT is preferred.
• Experience with OT security IEC 62443 (International series of standards addressing cyber security in industrial automation and control systems), NIS 2 (Future European Union cyber security legislation), Machine directive (EU 2023/1230), Secure Network Architecture initiative (SNA) is preferred.
• Professional certifications such as CISA (Certified Information Systems Auditor), CISM (Certified Information Security Manager), or CRISC (Certified in Risk and Information Systems Control) are advantageous.
• Experience with risk assessment tools and technologies is preferred.
• Excellent communication skills, both written and verbal. English and Mandarin speaker is preferred.
• Basic experience in the field of software development and industrial automation is preferred.
• Willingness to travel and enjoy customer contact (internal and external) in the context of concept and requirement specifications.