Manager, SMRT Rail Cybersecurity Centre (SRCC)

Job Purpose

In an increasingly complex cyber threat landscape, the Manager, SMRT Rail Cybersecurity Centre (SRCC) is responsible for establishing and leading SMRT’s Security Operations Centre (SOC) function. The role focuses on directing real-time security operations and leading incident response activities to strengthen the organisation’s cyber defence posture. This includes maintaining continuous detection capabilities, driving swift incident containment and remediation, and ensuring stakeholders are supported by robust operational playbooks and effective crisis management.

Responsibilities

As Manager, SMRT Rail Cybersecurity Centre (SRCC), you will lead the design, implementation and operationalisation of SMRT’s Security Operations Centre (SOC) function. Your responsibilities include:

•    Develop and lead SMRT’s SOC strategy, ensuring alignment with organisational security objectives.

•    Establish and maintain SOC capabilities across internal telemetry, external intelligence sources and industry-sharing platforms.

•    Ensure SOC processes, tools and platforms meet organisational needs and regulatory expectations.

•    Lead continuous maturity improvement of the SOC function through capability development, staff training and process optimisation.

•    Operationalise incident response by collaborating with threat intel, vulnerability management and other cybersecurity teams.

•    Drive the development of SOC playbooks, use-cases and incident escalation frameworks.

•    Oversee creation of SOC products, including alerts, advisories, briefings, dashboards and threat assessments.

•    Analyse threat actors, campaigns, tactics, techniques and procedures (TTPs), producing high-quality incident reports for operational, tactical and strategic use.

•    Provide actionable insights to guide cyber defence enhancements, incident response activities and executive risk discussions.

•    Monitor global cyber threat trends, emerging technologies and geopolitical developments with potential security implications.

Qualifications & Work Experience

•    A bachelor’s degree in Cybersecurity, Information Systems, Computer Science, or a related discipline.
•    5-10 years of relevant experience in SOC operations, or equivalent intelligence driven security roles.
•    Strong understanding of threat actor behaviours, tactics, techniques and procedures (TTPs), and threat modelling frameworks (e.g., MITRE ATT&CK, Diamond Model, Cyber Kill Chain).
•    Hands‑on experience working with SOC / SOAR platforms, threat feeds, OSINT tools, TIPs, malware analysis tools, and enrichment technologies will be advantageous.
•    Familiarity with security operations, incident response, and vulnerability management workflows, enabling effective intelligence operationalisation.
•    Knowledge of regulatory requirements including the Cybersecurity Code of Practice (CCoP), Personal Data Protection Act (PDPA), and sector-specific standards are advantageous.
•    Industry certifications are advantageous (e.g., GCTI, GREM, GCIA, CISSP, CISM, CEH, FOR508/Threat Hunting, SANS intelligence‑related certifications).

Skills

Technical Skills include:
•    Proficiency with SOC tools and platforms and automated analysis technologies.
•    Ability to interpret and correlate internal telemetry, logs, and security events to derive meaningful intelligence insights.
•    Deep knowledge of adversary tactics, techniques and procedures (TTPs), threat actor profiling, campaign analysis, and threat modelling frameworks (e.g., MITRE ATT&CK, Diamond Model, Cyber Kill Chain).
•    Understanding of cyber threat intelligence methodologies, including intelligence collection, analysis, production, and dissemination.

Core Competencies include:
•    Excellent analytical and documentation skills, with strong attention to detail.
•    Effective communicator with the ability to engage stakeholders across technical and non-technical domains.
•    High integrity and discretion in handling sensitive information.
•    Proactive and collaborative mindset, with a commitment to continuous improvement.