Operational Technology Cyber Lead

Responsibilities

• 🎯 Strategic Leadership & Programme Direction
• Define and direct OT cybersecurity initiatives that improve the security posture of company's global OT environments, aligned with the Group Cybersecurity Framework (based on NIST CSF).
• Lead and manage a team of OT cybersecurity engineers and analysts, ensuring consistent and effective cyber programme implementation across all markets (Singapore, India, UK, China, Southeast Asia, Middle East).
• Own the OT cybersecurity roadmap, including technology refresh, tool adoption, and capability uplift aligned with company's Cybersecurity Framework objectives.
• Drive continuous improvement of end-to-end OT threat detection, incident response, and vulnerability management processes.
• Report to senior leadership on OT cybersecurity risk posture, programme effectiveness, and key metrics via the Monthly Cybersecurity Committee and ExCom briefings.
• 🏗️ OT Security Architecture & Engineering
• Lead the design and implementation of secure OT network architectures across CII and non-CII sites, ensuring proper segmentation (Purdue Model Levels 0-3.5), data diodes, firewalls, and secure communication protocols.
• Oversee hardening of ICS assets including DCS, SCADA, HMI, PLC, RTU, and engineering workstations across power generation, water treatment, wind, and solar sites.
• Drive secure IT/OT integration initiatives, including edge-to-cloud OT architectures, ensuring audit-ready baselines and compliance with international OT security standards.
• Provide Security by Design (SBD) advisory for all new OT projects, including vendor remote operations, ensuring security requirements are embedded from the tender stage through go-live.
• 📋 Risk Management & Regulatory Compliance
• Lead risk assessments and Threat Risk Assessments (TRAs) across OT environments, ensuring compliance with NIST CSF, ISO 27001:2022, IEC 62443, and Singapore's CII regulations (CCoP by CSA, WSCP by PUB).
• Ensure alignment with company's Operational Technology (OT) Security Policy, Group Cybersecurity Policy, and the Security Requirement - OT Centralised framework.
• Ensure regulatory and compliance adherence across global frameworks (ISO 27001, NIST, CCoP, PDPA, GDPR) and local requirements.
• Lead audit readiness - prepare for and represent OT cybersecurity during CSA, PUB, and internal assurance reviews.
• 🔍 Security Operations & Incident Response
• Oversee OT security monitoring operations, including SIEM integration (Google SecOps), OT-specific tools (Claroty, Nozomi), and endpoint protection across all sites.
• Lead investigation and remediation of major OT cyber security incidents, coordinating with internal teams (O&M, Maintenance IAC, Group Digital) and external incident response partners.
• Ensure all alerts are managed per company's Security Operations Standard and incident response procedures.
• Monitor the threat landscape - track APT campaigns, regional threat intelligence, and adapt OT defences accordingly.
• 📑 Vendor & Third-Party Security Management
• Enforce company's vendor security requirements, including NDA, GT&C, DPA, ISO 27001/SOC 2 compliance, and independent penetration testing for all OT-related vendors.
• Oversee OT vendor cybersecurity assessments, including evaluating remote monitoring and control proposals.
• Ensure maintenance contracts for key OT systems include patching, support, SLA, and IR reporting requirements.
• 🤝 People Development & Collaboration
• Build, mentor, and grow the OT cybersecurity team, promoting continuous improvement and professional development.
• Collaborate with Cyber Tech Risk, Cyber Operations, Cyber Threat Defence, and Cyber Assurance teams.
• Drive cybersecurity awareness training for plant personnel, ensuring frequency of at least once per year with regular awareness messaging.
• Ensure the team stays updated with the latest advancements in OT cybersecurity technologies, global threat landscape, and regulatory developments.

Requirements

• 🎓 Education
• Bachelor's degree in Computer Science, Engineering, Cybersecurity, Control Systems, or a related field.
• 📅 Experience
• Minimum 8-12 years of experience in cybersecurity, with at least 5 years specialising in OT/ICS/SCADA environments, preferably in energy, utilities, or critical infrastructure.
• At least 3 years in a leadership or management role, leading cybersecurity teams or programmes.
• Well-experienced in at least one major industrial control system (e.g., Siemens PCS 7, ABB 800xA, Honeywell PKS, GE Mark VIe, Schneider Electric).
• Hands-on experience in security operations, engineering, architecture, and GRC.
• 💻 Technical Skills
• Area Requirements
• Standards & Frameworks IEC 62443, NIST CSF, ISA/IEC standards, WSCP (PUB), CCoP (CSA), ISO 27001, PDPA, GDPR
• Industrial Protocols Modbus, OPC DA/UA, IEC 61850, DNP3
• OT Security Tools Claroty, Nozomi, Dragos, or equivalent ICS cybersecurity platforms
• Security

Your Match

How well this role fits your profile.

Company Intel

What employees say

Worked at FLINTEX CONSULTING PTE. LTD.? Share your experience