Lead / Manager, Cyber Security (Architecture)

Job Purpose

Security, privacy and operational resilience are critical issues facing all organizations today. We are currently looking for qualified and capable security minded individuals to be the driving force behind SMRT’s cyber security measures with the goal of enabling ongoing, secure and reliable operations across the enterprise.

Responsibilities

As Lead/Manager, Cyber Security (Architecture), you will work as part of the team to drive systems engineering, architecture review and security-by-design associated with cyber security in both ICT and Operational Technology systems. Specific responsibilities include, but are not limited to:
•    Be a Subject Matter Expert (SME) for cybersecurity systems engineering, architecture review and design in both the ICT and Operational Technology (OT) security environment
•    Work closely with technical teams (including architects and other security specialists) to ensure adequate security solutions/ policies are in place throughout all systems and platforms to meet business objectives and regulatory requirements.
•    Serve as a security expert in helping project teams comply with enterprise and cybersecurity security policies, industry regulations, and best practices 
•    Research, design and advocate new technologies, architectures, and security products that will support threat hunting requirements.
•    Evaluate and develop secure solutions based on approved security architectures, and analyze business impact and exposure based on emerging security threats, vulnerabilities and risks
•    Analyze and develop security requirements for emerging technologies and solutions for ICT/OT environments
 

Qualifications & Work Experience

•    You should possess a Degree in Information Systems, Computer Science or equivalent
•    At least 6 years of experience in Cybersecurity with experience in cybersecurity SOC operations and/or threat hunting
•    Possess good understanding of OT fundamentals and OT cybersecurity practices, including but not limited to distributed control system (DCS) and supervisory control and data acquisition (SCADA) architecture, and the role of common system components

Skills

Technical Skills
•    Familiarity with regulatory frameworks such as the Cybersecurity Code of Practice (CCoP)
•    Foundational understanding of the Purdue model
•    Experience with PLC programming or SCADA implementation will be advantageous
•    Able to demonstrate good understanding of IT/OT infrastructure and security controls
•    Possess good understanding of managed security services, network security, monitoring and incident response
•    Possess good understanding of cybersecurity principles, governance and risk management
•    Strong understanding of MITRE ATT&CK and ICS MITRE frameworks
•    Ability to translate cybersecurity threats or risk to impacts on the ICT/OT environment and communicate effectively to provide clear and effective mitigations or remediations
•    Good understanding, and ability to translate cybersecurity threats or risk to impacts on the ICT/OT environment and appropriate mitigation techniques will be advantageous

Generic Skills
•    Excellent verbal and written communication skills
•    Strong leadership, communication, interpersonal, analytical and problem-solving skills