Manager, OT Cybersecurity Projects

Job Purpose

In an increasingly complex digital and operational landscape, a robust cybersecurity architecture is essential to safeguarding SMRT’s systems, services, and critical infrastructure. The Manager, OT Cybersecurity Projects will support the implementation of SMRT’s cybersecurity architecture, ensuring that security controls are embedded into technology systems, operational processes, and transformation initiatives. This role is responsible for establishing the cybersecurity architecture strategy, driving architectural standardisation, ensuring secure by design principles, and enabling strong alignment between cyber requirements, business needs, and technology plans. You will play a key role in strengthening SMRT’s cybersecurity resilience through architecture oversight, security design governance, solution validation, and forward looking capability development.

Responsibilities

As Manager, OT Cybersecurity Projects, you will support the Head, Cybersecurity Architect Office in developing and implementing a robust cybersecurity architecture framework and strengthening organisational resilience. Your responsibilities include:

Security Design & Technical Advisory

• Lead the design and evaluation of security controls for new systems, platforms, operational technologies (OT), cloud solutions and major transformation programmes.
• Provide expert advisory to project teams, solution architects, and engineering teams on system hardening, network segmentation, identity security, cloud security and application security.
• Conduct architectural risk assessments and security design reviews, identifying design weaknesses and recommending effective mitigation measures.

Security Capability Development

• Identify emerging security capabilities required to support SMRT’s cyber roadmap (e.g., Zero Trust, identity centric security, cloud-native security, advanced monitoring).
• Evaluate new security technologies and conduct proof of concepts to validate feasibility, effectiveness and architectural fit.
• Drive the planning and implementation of strategic cybersecurity architecture initiatives.

Cybersecurity Architecture Assurance

• Support technical assurance activities to validate that implemented solutions meet approved security architecture requirements.
• Review system configurations, deployment architectures and integration designs to ensure adherence to approved security design patterns.
• Track and report on architecture compliance, deviations and remediation plans.

Stakeholder Engagement & Collaboration

• Partner closely with technology teams, engineering groups, business units and operations to ensure cybersecurity architecture is practical, adoptable and aligned with business needs.
• Engage senior management and provide clear architectural insights, risks and recommendations to support decision making.
• Work with external partners, vendors and regulators to align SMRT’s architecture direction with industry norms and regulatory frameworks.

Qualifications & Work Experience

•    A bachelor’s degree in Cybersecurity, Information Systems, Computer Science, or a related discipline.
•    5–10 years of relevant experience in cybersecurity architecture, security engineering, enterprise architecture, or security design for complex OT environments.
•    Strong experience implementing enterprise‑level security architectures, including secure‑by‑design frameworks, architecture blueprints, and technology standards.
•    Demonstrated expertise in designing and evaluating security controls across cloud, on‑premise and OT systems.
•    Hands‑on experience conducting architectural risk assessments, security design reviews, and solution validation.
•    In‑depth understanding of cybersecurity frameworks such as NIST CSF, ISO/IEC 27001, CIS Controls, and other architecture‑related standards.
•    Good knowledge of Singapore’s regulatory requirements including the Cybersecurity Code of Practice (CCoP), Personal Data Protection Act (PDPA), and sector‑specific cyber standards.
•    Experience leading multi‑disciplinary technical teams, advising senior stakeholders, and working with regulators, vendors, and industry partners.
•    Proven track record in evaluating emerging security technologies, conducting proof‑of‑concepts, and shaping long‑term cyber capability development.

Skills

Technical skills include:
•    Understanding of cybersecurity governance, risk and compliance principles, enabling effective alignment of architecture decisions with enterprise risk management frameworks.
•    Ability to assess the effectiveness of security controls and identify gaps in policy, standards, and security design implementation across IT and OT environments.
•    Strong proficiency in designing and evaluating enterprise security controls across cloud, on‑premise and OT systems, aligned with secure‑by‑design and architecture guardrail principles.
•    Deep knowledge of cybersecurity frameworks and architecture‑related standards such as NIST CSF, ISO/IEC 27001, CIS Controls, and relevant regulatory codes (e.g., CCoP, PDPA).
•    Experience conducting architectural risk assessments, solution validation, and technical assurance to ensure implementation fidelity with approved designs.
•    Familiarity with modern security architecture concepts such as Zero Trust, identity‑centric security, cloud‑native architectures, and advanced detection and monitoring capabilities.

Core Competencies include:
•    Excellent analytical and documentation skills, with strong attention to detail.
•    Effective communicator with the ability to engage stakeholders across technical and non-technical domains.
•    High integrity and discretion in handling sensitive information.
•    Proactive and collaborative mindset, with a commitment to continuous improvement.