Operational Technology Cyber Lead

Key Responsibilities Strategic Leadership & Programme Direction • Define and direct OT cybersecurity initiatives that improve the security posture of company's global OT environments, aligned with the Group Cybersecurity Framework (based on NIST CSF). • Lead and manage a team of OT cybersecurity engineers and analysts, ensuring consistent and effective cyber programme implementation across all markets (Singapore, India, UK, China, Southeast Asia, Middle East). • Own the OT cybersecurity roadmap, including technology refresh, tool adoption, and capability uplift aligned with company's Cybersecurity Framework objectives. • Drive continuous improvement of end-to-end OT threat detection, incident response, and vulnerability management processes. • Report to senior leadership on OT cybersecurity risk posture, programme effectiveness, and key metrics via the Monthly Cybersecurity Committee and ExCom briefings. ️ OT Security Architecture & Engineering • Lead the design and implementation of secure OT network architectures across CII and non-CII sites, ensuring proper segmentation (Purdue Model Levels 0–3.5), data diodes, firewalls, and secure communication protocols. • Oversee hardening of ICS assets including DCS, SCADA, HMI, PLC, RTU, and engineering workstations across power generation, water treatment, wind, and solar sites. • Drive secure IT/OT integration initiatives, including edge-to-cloud OT architectures, ensuring audit-ready baselines and compliance with international OT security standards. • Provide Security by Design (SBD) advisory for all new OT projects, including vendor remote operations, ensuring security requirements are embedded from the tender stage through go-live. Risk Management & Regulatory Compliance • Lead risk assessments and Threat Risk Assessments (TRAs) across OT environments, ensuring compliance with NIST CSF, ISO 27001:2022, IEC 62443, and Singapore's CII regulations (CCoP by CSA, WSCP by PUB). • Ensure alignment with company's Operational Technology (OT) Security Policy, Group Cybersecurity Policy, and the Security Requirement – OT Centralised framework. • Ensure regulatory and compliance adherence across global frameworks (ISO 27001, NIST, CCoP, PDPA, GDPR) and local requirements. • Lead audit readiness — prepare for and represent OT cybersecurity during CSA, PUB, and internal assurance reviews. Security Operations & Incident Response • Oversee OT security monitoring operations, including SIEM integration (Google SecOps), OT-specific tools (Claroty, Nozomi), and endpoint protection across all sites. • Lead investigation and remediation of major OT cyber security incidents, coordinating with internal teams (O&M, Maintenance IAC, Group Digital) and external incident response partners. • Ensure all alerts are managed per company's Security Operations Standard and incident response procedures. • Monitor the threat landscape — track APT campaigns, regional threat intelligence, and adapt OT defences accordingly. Vendor & Third-Party Security Management • Enforce company's vendor security requirements, including NDA, GT&C, DPA, ISO 27001/SOC 2 compliance, and independent penetration testing for all OT-related vendors. • Oversee OT vendor cybersecurity assessments, including evaluating remote monitoring and control proposals. • Ensure maintenance contracts for key OT systems include patching, support, SLA, and IR reporting requirements. People Development & Collaboration • Build, mentor, and grow the OT cybersecurity team, promoting continuous improvement and professional development. • Collaborate with Cyber Tech Risk, Cyber Operations, Cyber Threat Defence, and Cyber Assurance teams. • Drive cybersecurity awareness training for plant personnel, ensuring frequency of at least once per year with regular awareness messaging. • Ensure the team stays updated with the latest advancements in OT cybersecurity technologies, global threat landscape, and regulatory developments. Requirements Education • Bachelor's degree in Computer Science, Engineering, Cybersecurity, Control Systems, or a related field. Experience • Minimum 8–12 years of experience in cybersecurity, with at least 5 years specialising in OT/ICS/SCADA environments, preferably in energy, utilities, or critical infrastructure. • At least 3 years in a leadership or management role, leading cybersecurity teams or programmes. • Well-experienced in at least one major industrial control system (e.g., Siemens PCS 7, ABB 800xA, Honeywell PKS, GE Mark VIe, Schneider Electric). • Hands-on experience in security operations, engineering, architecture, and GRC. Technical Skills Area Requirements Standards & Frameworks IEC 62443, NIST CSF, ISA/IEC standards, WSCP (PUB), CCoP (CSA), ISO 27001, PDPA, GDPR Industrial Protocols Modbus, OPC DA/UA, IEC 61850, DNP3 OT Security Tools Claroty, Nozomi, Dragos, or equivalent ICS cybersecurity platforms Security Operations SIEM (Google SecOps / Splunk), SOAR, EDR/XDR, vulnerability management (Tenable, SNYK) Network & Architecture Firewalls, data diodes, network segmentation (Purdue Model), secure remote access, IT/OT convergence ICS/SCADA Systems DCS, SCADA, HMI, PLC, RTU — hardening, configuration, and lifecycle management Cloud & Integration Azure cloud OT governance, edge-to-cloud OT architecture, SD-WAN, IPSEC tunnels Risk & Compliance Threat Risk Assessments, Business Impact Assessments, Security by Design, vendor security assessments Certifications (Preferred) • CISM (Certified Information Security Manager) • CRISC (Certified in Risk and Information Systems Control) • CISSP (Certified Information Systems Security Professional) • GICSP (Global Industrial Cyber Security Professional) • SANS ICS/OT certifications (e.g., ICS515, ICS410) • CCNP, PCNSE, NSE 4+ are advantageous Soft Skills • Strong communication and presentation skills — ability to convey complex OT security issues to technical and non-technical stakeholders, including ExCom and Board-level reporting. • Excellent problem-solving, analytical, and strategic thinking skills. • Proven track record in leading and managing diverse teams, promoting continuous improvement. • Ability to navigate multi-market, multi-cultural environments across company's global operations.