SP Group is a leading utilities group in the Asia Pacific, empowering the future of energy with low-carbon, smart energy solutions for its customers. It owns and operates electricity and gas transmission and distribution businesses in Singapore and Australia, and sustainable energy solutions in Singapore and China. We believe in investing in our people, to help them achieve their career aspirations. With a strong culture based on commitment, integrity, passion and teamwork, we provide a conducive environment for our people to succeed.
We are looking out for self-motivated, dynamic and talented individuals to join our growing team. If you are keen to uphold world-class grid reliability and drive a sustainable future for all, join us and make your mark in the energy industry today!
What You’ll Do:
- Provide consultative information security governance, supply chain risk, and compliance (GRC) advisory services for IT/OT systems and services, balancing cybersecurity requirements with business goals and enterprise priorities to deliver secure and practical outcomes.
- Ensure key security requirements are defined and incorporated into system designs, implemented in line with security-by-design principles, and compliant with prevailing SP Group policies and standards.
- Develop and review tender and project-specific security specifications, ensuring alignment with assessed risks, security requirements, and internal policies.
- Collaborate with IT/OT stakeholders, project teams, and outsourced vendors to ensure security objectives are met throughout the project lifecycle.
- Participate in the scoping of security tests, reviews, and audits, and assess their results to ensure appropriate security assurance is achieved.
- Conduct cybersecurity risk assessments for AI, IT/OT systems, and work with system owners to agree on remediation plans.
- Partner with IT/OT teams to co-design and implement security controls in accordance with the Security by Design framework.
- Stay current with emerging security technologies and trends, particularly in AI, cloud, and on-premises systems.
What You’ll Need:
- Degree in Computer or Technology related disciplines, Information Security Certification such as Certified Information Systems Security Professional (CISSP), CertifiedCloud Security Professional (CCSP), Certified Information Security Manager (CISM) Certified Risk and Information Systems Control (CRISC) would be an added advantage.
- At least 5 years of experience covering the following areas:
- Proven experience in IT/OT and AI risk assessment and/or security advisory, with a solid understanding of vulnerabilities, AI, and IT/OT security best practices, and the ability to apply them effectively.
- Minimum of 5 years of direct experience conducting risk assessments for cloud services and IT or OT systems.
- Hands-on experience applying governance frameworks, standards, and best practices such as ISO 27001/27002, PDPA, PCI-DSS, NIST, CSA-STAR, SOC 2, etc.
- Broad knowledge across various information security technologies in large enterprise environments, including but not limited to: firewalls, intrusion detection, encryption, Linux/Windows OS, databases, antivirus, patch management, vulnerability scanning, backup, logging and monitoring, remote access, application and network security, and change management.
- Proficient in recommending efficient IT/OT security controls throughout the SDLC, with added advantage for familiarity with Agile development frameworks.
- Proven record of balancing business need/benefit versus security risk.
- Direct experience owning a customer or business relationship on behalf of an organization a major plus.
#LI-DNI
Please click on the blue 'Apply' button at the top right hand side corner of this screen, if you are keen to apply for this job.
Thank you for your interest in SP Group. You will be contacted if you are shortlisted for an interview.