Cyber Security Operation Specialist - CarIT & Operational …, Singapore

Job Scope The Cyber Security Specialist - CarIT & OT serves as a critical resource between Research and Development teams, CarIT & OT technology stakeholders, and the Cyber Intelligence Response Centre (CIRC). This role is responsible for both enhancing cybersecurity visibility and managing critical security incidents across our global CarIT and OT environments. A key focus is on planning and delivering network connectivity and cybersecurity visibility initiatives. This includes enabling the cybersecurity team to achieve end-to-end visibility in OT environments by onboarding logs, network telemetry, and identity-based access data (e.g., NAC/ISE) into centralized monitoring platforms (e.g., SIEM/SOC). The specialist ensures that OT assets, network activities, and access events are discoverable, monitored, and traceable while maintaining safe, non-disruptive operations in production environments. This involves driving delivery across requirements gathering, OT network design coordination, log onboarding pipelines, firewall and network enablement, and rollout governance, ensuring alignment with cybersecurity, operational, and audit compliance requirements. Concurrently, the role acts as a primary incident manager for security incidents affecting our global CarIT and OT assets or environment. This Incident Response mandate includes the identification of CarIT and OT threats and attack vectors at any stage and initiating necessary countermeasures. Responsibilities extend to developing detection strategies, enhancing monitoring capabilities, establishing robust processes, and operating at scale within a global team. The specialist will establish and further optimize our CarIT and OT security posture by working closely with offensive security services, such as vulnerability management and supporting targeted red teaming activities to validate OT security controls, detection capabilities, and incident response readiness against realistic attack scenarios. Key Responsibilities . Lead initiatives to onboard logs and telemetry from OT and network environments into centralized monitoring platforms (e.g., SIEM, SOC tools). . Identify, prioritize and support onboarding of: o Industrial firewalls, switches, and routers. o NAC platforms (e.g., Cisco Identity Services Engine (ISE)). . Ensure logs are normalized, enriched, and mapped to cybersecurity detection use cases. . Drive requirements collection across OT, cybersecurity, and network teams, translating them into network flows (ports, protocols, zones) and firewall rules and segmentation requirements . Drive onboarding and integration of NAC/ISE telemetry into cybersecurity monitoring platforms. . Maintain high-quality documentation and provide clear status reporting, risk tracking, and executive updates. . Monitor, investigate, and respond to cybersecurity incidents affecting global CarIT and OT environments, ensuring timely containment, eradication, and recovery actions. . Perform incident triage, threat analysis, and root cause investigations across OT networks, industrial systems, endpoints, and connected vehicle ecosystems. . Coordinate incident response activities with security operation, engineering, plant operations, infrastructure, and external stakeholders to minimize operational disruption. . Develop and maintain OT-specific incident response playbooks, escalation procedures, and forensic investigation processes. . Identify malicious activities, attack vectors, and anomalous behaviors within CarIT and OT environments using SIEM, EDR, network telemetry, and threat intelligence platforms. . Lead or support incident management activities during high-severity incidents, including communication, reporting, and executive updates. Stakeholder Management & Communication . Act as the primary interface between Cybersecurity (Security Operation, detection engineering) and network teams (IT and OT), as well as OT/plant engineering teams. . Run regular working sessions and status reviews ensure clear decisions, ownership, and follow-ups. . Provide clear, audience-appropriate communication for technical and non-technical stakeholders, including executive-ready status summaries. . Coordinate with external vendors/partners (where applicable) to activate features, align deliverables, timelines, and access requirements. Required Experience & Qualifications . 5+ years of experience in IT infrastructure or network security project management (network setup/expansion, firewall changes, connectivity enablement). . Experience and familiar with end to end Incident management for CarIT & OT environments. . Proven track record in offensive security activities, including participation in bug bounty programs, penetration testing, or adversary emulation exercises. . Experience delivering log onboarding and SIEM integration initiatives. . Proven track record managing cross-functional delivery with Network/Firewall/Security teams and application owners. . Hands-on experience coordinating firewall rule lifecycle activities (requirements validation, approvals, implementation scheduling, verification, and documentation). . ITIL certification (Foundation or higher) and demonstrated experience working within formal change management and ticketing processes (ServiceNow preferred). . Preferred certifications: CCNA CCNP is a strong advantage. . Ability to manage multiple parallel workstreams, dependencies, and change windows in global/regional environments. . Primary delivery focus is based on APAC timezone however, the scope includes coordination with and enablement for other regions as required. . Nice to have: exposure to automotive/connected car environments (CarIT), OT/IT interfaces, or high-availability service operations. Technical Skills . Firewall technologies and processes (e.g., Palo Alto, Check Point, Fortinet, Cisco/ASA) and rulebase concepts (zoning, objects, policies, logging) . Understanding of OT/ICS protocols such as Modbus, OPC, Profinet, Ethernet/IP, and BACnet. . Network security principles: segmentation, least privilege, secure administration, and auditability. . Ability to interpret connectivity requirements and validate them via evidence (packet flow validation, connectivity testing, troubleshooting with logs and traces as available). . Solid documentation skills: traffic flow matrices, diagrams, implementation runbooks, and as-built records. . Project delivery tooling: MS Project (or equivalent), Jira/ServiceNow (or equivalent), and MS Office for reporting. . Strong understanding of cybersecurity principles, IT security risks, threat vectors, and preventive security measures. . Familiarity with Threat Intelligence integration and utilization for incident detection and response activities. . Understanding of cybersecurity frameworks, security standards, and industry best practices. . Good working knowledge of Windows, Linux, and other operating systems in enterprise environments. . Understanding of the Cyber Kill Chain, attack methodologies, and analytical investigation techniques. . Experience supporting cybersecurity operations within enterprise or corporate environments, including stakeholder engagement and incident coordination. . Knowledge of automotive and connected car technologies, including ECU, HMU, AUTOSAR, and backend vehicle services. . Experience in project coordination, reporting, and cross-functional cybersecurity initiatives. Soft Skills . Excellent stakeholder management with the ability to drive alignment across multiple teams with competing priorities. . Strong written and verbal communication skills able to translate technical constraints into clear delivery decisions. . Structured problem solving, persistence in follow-ups, and confident escalation when needed. . Ability to work independently and deliver in a fast-paced environment with minimal supervision. Location : Central Kindly indicate your current/last salary details and your notice period If the above speaks to you, we d love to hear from you. Please send in your updated CV to
(HIDDEN TEXT)
(Chen Yingjun, Reg No: R1216690) if you feel there is a fit with your experience and interest. You may forward this great opportunity to someone who would be a great fit for this role. All information will be kept strictly confidential. We regret to inform that only successful applicants will be contacted. PeopleSearch Pte Ltd EA License No: 16S8057