The Maritime and Port Authority of Singapore (MPA) was established on 2 February 1996, with the mission to develop Singapore as a premier global hub port and international maritime centre (IMC), and to advance and safeguard Singapore’s strategic maritime interests.
MPA is the driving force behind Singapore’s port and maritime development, taking on the roles of Port Authority, Port Regulator, Port Planner, IMC Champion, and National Maritime Representative.
MPA partners the industry and other agencies to enhance safety, security and environmental protection in our port waters, facilitate port operations and growth, expand the cluster of maritime ancillary services, and promote maritime R&D and manpower development.
As the head leading MPA’s efforts in driving cyber and data security in the maritime industry, you will play a crucial role in formulating and implementing national cybersecurity initiatives and planning operational responses to cyber threats and incidents for the Maritime sector.
You will formulate policies pertaining to the protection of the Maritime Critical Information Infrastructure (CII) and other important Maritime systems. This includes developing, governing and enforcing CII cyber and data security policies, standards and guidelines, including rolling out training, education and outreach programmes for MPA and the industry. To do this, you are required to keep abreast of the latest Government and industry cyber and data security practices and technologies as well as emerging threats and vulnerabilities for ICT and Operations Technology (OT) systems.
You will also formulate internal policies and processes to implement Government’s requirements for cyber and data security requirements and put in place governance processes and controls for the IT and Port Systems clusters to ensure that MPA meets the compliance requirements. Periodic compliance audits are also required to be carried out in accordance to national policies. To achieve this, you are also expected to govern the cyber and data security‘s software testing for MPA systems and implement the security operations and requirements at the IT infrastructure layer.
To enhance early detection capability, you will lead the Information Exchange Framework developed for the Port Authorities CIO Cybersecurity Network (PACC-Net) and improvise the Maritime Cyber Security Network (MCSN) Portal to ensure effective and safe communication, as well as informtion sharing among the maritime stakeholders. You will also be required to manage the operation of 24×7 Maritime Cybersecurity Operation Centre, including conceptualising and deploying new concepts of operation leveraging on advanced technologies and trained analysts for early Threat Detection, Monitoring, Response, Intelligence, and Information Sharing and Analysis for the Maritime sector.
You will establish the cyber incident response framework to ensure readiness to respond to cyber-security incidents. You will manage and conduct investigations to ensure appropriate follow up actions are taken to address any security gaps. You will also plan, conduct and participate in exercises to ensure preparedness at national and agency level to deal with any cyber security incidents.
You are expected to profile MPA’s cybersecurity capabilities and initiatives to gain mindshare within the government and industry.
- Relevant experience in professional accreditations such as CISM, CISSP, CGEIT and CISA; and
- At least 8 years of experience in ICT /Operational Technology (OT) related role in the areas of cyber security governance, risk management, cyber security defence, cyber incident management and investigation in a complex IT/OT environment.
- Prior experience with ICT Governance and ICT infrastructure architecture concepts and technical background on network and firewall deployment, and security for cloud architecture, will be preferred.
- Source: careers