Lead / Principal Engineer, Cybersecurity - Singapore - LTA Land Transport Authority

LTA Land Transport Authority

Verified Company

Singapore

1 week ago

Posted by:

Wei Jie

beBee Recruiter

Description

[What the role is]

LEAD / PRINCIPAL ENGINEER, CYBERSECURITY OPERATIONS

[What you will be working on]

You will join the Cybersecurity Operations team to strengthen cybersecurity readiness, detection and incident management capabilities of Land Transport Critical Information Infrastructure (CIIs), digital/ enterprise IT systems against cyber threats and to ensure the continuity of the essential services.

The work focuses on developing programmes and working with CIIs and systems owners, which include:

Build and lead an effective and intelligence-driven 24x7 Cyber Security Operations function to perform security monitoring, incident response, data loss prevention, vulnerability management, threat intelligence and threat hunting. Mentor and train Cyber Security Operations/ Threat Intelligence team and new hires, manage staffing levels and performance, and create development plan to improve technical skillsets.
Create, manage, and develop roadmap and concept-of-operations (Conops) for Cyber Operations to drive continuous improvement in maturity and capability, as well as implementation of new technology enhancements that support the Cyber Operations and define operational and efficacy metrics by which performance/ success will be measured.
Providing leadership to LTA-CERT on cybersecurity incident management (including updates to senior management and crisis management team), security tools, SOAR playbook, Incident Response (IR) runbooks and security processes for daily cybersecurity operations.
Provide advisory and planning support to internal and external stakeholders on cyber exercise planning processes, exercise designing, scenarios developing, developing measures of effectiveness/performance (evaluation methodology), creating master scenario event list (MSEL), facilitating cyber exercises or workshops. This includes documenting after-action reports, findings and lessons learned that leads to iterative improvements in the development of operational artefacts; such as cyber incident plans, ops processes and documentations. Exercises include national, sectoral cyber exercises and other smaller-scale and table-top exercises to strengthen the cybersecurity readiness of stakeholders.
Engaging and collaboration with various stakeholders in information exchange/ cyber threat intelligence and enhance cybersecurity operation capabilities in land transport sector.

[What we are looking for]

Tertiary qualification in Computer Science, IT/Engineering or equivalent.
At least 6 years of Information Technology (IT)/Operational Technology (OT) related role in the area of cybersecurity operations, cybersecurity incident management and/or cyber threat intelligence lifecycle
Professional certifications such as CISM, CISSP, CISA, any SANS GIAC Security Certifications and strong knowledge of industry standards and best practices e.g. CSA Cybersecurity Code of Practice (CCoP), NIST Cybersecurity Framework, MITRE ATT&CK framework, ODNI Cyber Threat Intelligence Integration Centre's Cyber Threat Framework would be advantageous.
Good understanding, and ability to translate cybersecurity threats or risk to impacts on the ICT/OT environment and appropriate mitigation techniques will be advantageous
Strong technical skills/knowledge in one or more of the following areas: technical vulnerability assessment and penetration testing, data/ cybersecurity analytics, SIEMs, incident management, facilitating cybersecurity exercises, cyber range, digital forensics
Strong leadership, project management, analytical /problemsolving, excellent communication, written and interpersonal skills, and confident to engage senior management
Highly motivated with initiative & energy, and willing to keep abreast of new developments in cybersecurity threat landscape and researching on OSINT and related intelligence sources