Operational Technology Cyber Engineer

Key Responsibilities OT Security Design & Implementation • Develop and implement cybersecurity measures across operational technology environments within power generation and water treatment facilities. • Design and maintain OT network architecture, ensuring proper segmentation between IT and OT environments (including Purdue Model Levels 0–3.5). • Harden ICS assets such as HMIs, PLCs, RTUs, DCS, SCADA systems, and engineering workstations. • Ensure secure IT/OT integration and apply regular patching or compensating controls to OT assets. Risk Assessment & Compliance • Conduct risk assessments and ensure compliance with NIST CSF, ISO 27001:2022, and Singapore's CII regulations (CCoP by CSA, WSCP by PUB). • Support alignment with Company's Group Cybersecurity Framework (based on NIST CSF) • Ensure compliance with IEC 62443 / ISA 99 standards for industrial automation and control system security. [ • Support audits and regulatory reviews (including CSA and PUB assessments) to maintain a robust cybersecurity posture across critical infrastructure. Monitoring & Incident Response • Monitor OT systems for anomalies using cybersecurity tools (e.g., SIEM, Claroty, Nozomi). • Lead incident response efforts for OT cyber incidents, coordinating with O&M teams, IT/OT cybersecurity teams, and external incident response partners (e.g., Black Panda, EY). • Ensure all alerts are managed in a standardised, well-defined, and efficient manner in alignment with Company’s policy. • Execute first-responder actions and follow-up responses per Company's Cyber Security Incident Response Procedures for CII and non-CII OT sites. Documentation & Asset Management • Maintain accurate documentation of network topologies, asset inventories, and OT security configurations. • Ensure all ICS assets are properly catalogued, including SCADA, HMI, PLC, substations, inverters, RTUs, data loggers, firewalls, and anti-virus software across wind, solar, and power generation sites. ️ Physical & Network Security • Enforce physical security controls for ICS assets — locked racks, panels, rooms, secured cabling, and camera surveillance at perimeter access points. • Implement and manage data diodes, firewalls, network segmentation, and access controls per Company’s OT security requirements. Collaboration & Training • Collaborate with internal teams (O&M, Maintenance IAC, Group Digital / Tech Risk Governance) and external vendors. • Deliver cybersecurity awareness training to plant personnel, ensuring frequency of at least once per year with regular awareness messaging. • Provide security advisory for new OT projects, including remote operations by third-party vendors. Requirements Education • Bachelor's degree in Engineering, Cybersecurity, Control Systems, or a related field. Experience • Minimum 3–5 years of experience in OT cybersecurity, preferably in the energy, utilities, or critical infrastructure sector. • Well-experienced in at least one major industrial control system (e.g., Siemens PCS 7, ABB 800xA, Honeywell PKS, GE Mark VIe, etc.). Technical Skills Area Requirements Standards & Frameworks IEC 62443, NIST CSF, ISA/IEC standards, WSCP (PUB), CCoP (CSA), ISO 27001 Industrial Protocols Modbus, OPC DA/UA, IEC 61850, DNP3 OT Security Tools Claroty, Nozomi, Dragos, or equivalent ICS cybersecurity platforms Network Security Firewalls, network segmentation, SIEM integration, data diodes ICS/SCADA Systems DCS, SCADA, HMI, PLC, RTU hardening and configuration Vulnerability Management Patch management, compensating controls, penetration testing coordination Certifications (Preferred) • CCNA (Cisco Certified Network Associate) • GICSP (Global Industrial Cyber Security Professional) • CISSP (Certified Information Systems Security Professional) • CISM (Certified Information Security Manager) • SANS ICS/OT certifications (e.g., ICS515, ICS410) • CCNP, PCNSE, NSE 1/2/3/4 are advantageous Soft Skills • Strong analytical and problem-solving abilities • Excellent verbal and written communication skills • Ability to work independently and as part of a small, agile OT cybersecurity team • Proactive attitude with commitment to continuous learning in the evolving OT threat landscape