Our client is in the Energy industry and we are assisting to source for a Senior / Principal CyberSecurity Analyst, to drive and formulate the implementation of the controls required for the following new and added scopes under Cybersecurity Code of Practice (CCoP) 2.0 in ensuring the company’s continual compliance to the regulatory requirements.

The CyberSecurity Analyst will be the lead Analyst cum Project Manager for cybersecurity compliance projects in the company.

Job Scope:

• Perform vulnerability assessment and work collaboratively with service providers to perform penetration testing and purple teaming attack simulation.
• Lead and conduct threat hunting and cybersecurity exercises
• Review cyber risks and propose improvement on security control
• Work with Cybersecurity lead to review policies, standards and procedures

Job Responsibilities:

Lead Analyst Responsibilities

• Be familiarise with the CSA CCoP 2.0 control requirements
• Initiate the review process for company’s policies, standards, guidelines and procedures being impacted by the CCoP revision
• Manage the roll out of the revised policies, standards, guidelines and procedures with the affected stakeholder groups
• Facilitate requirement gathering and scope up the cybersecurity initiatives
• Research and reach out to prospective service providers to understand their service offering
• Develop projects plan and strategise the execution of the projects
• Follow through company’s procurement process for the award of the cybersecurity projects to the most suitable service providers
• Identify any new controls and any existing controls that need to be revised, with regards to the revised CCoP 2.0
• Propose the required controls (new or revised) and obtain buy in from the relevant stakeholder
• Design sustainable work processes and measures to ensure the required controls are implementable
• Initiate the review process for company’s Cybersecurity Incident Response Plan
• Work with the relevant stakeholders to develop any new or revise the necessary checklists, templates and / or procedures for the response plan
• Publish the revised response plan

Project Management Responsibilities

• Perform due diligence in assessing suitable vendors to deliver the planned cybersecurity projects
• Manage the expectation and performance of the awarded vendors delivering the projects till completion
• Develop vendor contacts and relationships for the next phase of the projects, if any
• Develop and maintain projects plan
• Maintain the projects schedule and give periodic report on the progress
• Manage any identified risks and issues
• Manage the required resources for successful projects delivery
• Ensure all identified project deliverables are delivered
• Review and draft any service contract, within the scope of the planned CCoP cybersecurity initiatives, in accordance to company’s procurement practices and cybersecurity guidelines, and Singapore laws and regulations
• Manage and track the contracts awarded
• Report any breach or vendor non-performance against the awarded contract terms

Job Requirements

• Degree in Computer Science, Information Systems or equivalent
• At least 5-7 years working experience in cybersecurity compliance capacity
• A MUST to be proficient with Cybersecurity Code of Practice (CCoP) 2.0
• Operational Technology (OT) cybersecurity experience will be advantageous
• Experience with Instrument & Control Systems is a plus
• CISSP or NIST-related certification is a plus
• Project management certification is a plus
• ITIL certification is a plus

Essential (Possess at least 2 of the following skills and competencies)

• Experience with Network Infrastructure management
• Experience with SIEM, IDS/IPS, EDR solutions and processes
• Experience in conducting IT vulnerability assessment and penetration testing exercise
• Experience in conducting cybersecurity awareness training
• Experience in facilitating workshops
• Experience in managing projects, vendors and contracts
• Experience in conducting audits or providing cybersecurity consultations

If you are keen in this role, you may also send us your updated CV in MS Words format to Christopher Wong (R1104673) at christopher.wong@gmprecruit.com for review and we will arrange for a convenient time to speak more.

We regret that only shortlisted candidates will be notified.

GMP Technologies (S) Pte Ltd | EA Licence: 11C3793 | EA Personnel: Christopher Wong | Registration No: R1104673