Manager (IT & Technology)

Singapore Cruise Centre Pte Ltd – Bukit Merah

Projects (application and cloud hosting‑related) and other works to be assigned by IT HOD to support and help the other team members in Technology and IT Department, and other departments in SCCPL.

Supporting IT HOD on all cyber‑security‑related policies, procedures, standards, tracking / monitoring of potential and real threats, reporting, working closely with 3rd parties (like MPA CSOC, CSA, IMDA, SCCPL’s internal and external auditors, etc.), communications and awareness, training, table‑top exercises, tests, forensics, incident management, cyber security tools and solutions (like anti‑virus / end point protection, SIEM, SOAR, PAM, etc.) for Singapore Cruise Centre Pte Ltd (SCCPL).

Outsourced 3rd party CSOC (Cyber Security Ops Centre) and Cloud Hosting (Huawei, AWS, etc.).

Projects to enhance and strengthen the cyber security and infrastructure postures in SCCPL in alignment with latest threat trends and policies from regulators.

Job Description

Work on ad‑hoc admin works (including administrating public IP addresses, SSL certificates, and whitelist / blacklist IPs, etc.), and projects assigned by IT HOD. Such works and projects might not be cyber‑security related.

Stand by on duty (including weeknights, weekends and Public Holiday) to provide support to Ops and end users on a rotation basis with the rest of the IT team.

Responsibilities and activities related to cyber security protection and prevention : Identify, Protect, Detect, Respond and Recover

• Support IT HOD in maintaining all existing cyber security‑related policies, procedures, and standards to align with Industry Best Practices and Standards, including complying with MPA’s policies and standards and SCCPL’s compliance with the T&C of the Public License issued by MPA (for ferry and port safety) and STB (for cruise).
• Manage an outsourced 3rd party CSOC to monitor internet traffic, manage our external firewalls, prevent DDOS attacks, manage VPN Site‑to‑Site with our vendors, provide public IP addresses, etc.
• Identify and implement cyber security solutions and tools (working closely with CSOC, Cloud Service Provider, WAN / Wi Fi Providers, etc.).
• Contract and manage 3rd parties to conduct regular VAPT (Vulnerability Assessment and Penetration Testing) on our network and core systems (like CFOS, all web‑facing systems and interfaces), and follow up with the various parties to rectify issues / gaps identified during the VAPT.
• Develop and maintain existing e‑courseware on Cyber Security and Data Protection Awareness that all staff must go through on a yearly basis.
• Communicate latest cyber security threats and prevention / protection tips to staff, via email broadcast, brown bag sessions, townhall sessions, etc.
• Identify areas and implement projects / solutions to strengthen / enhance the cyber security posture and landscape in SCCPL.
• Track and monitor potential and real threats to SCCPL and communicate or initiate action to prevent / avoid any cyber‑attacks.
• Point man in SCCPL to interface, work closely and submit incident reports, when necessary, to MPA CISO, CSA, IDMA, auditors, Mapletree IT and CISO, etc., including attending with IT HOD in table‑top exercises organized by MPA and other authorities.
• Develop and maintain Cyber Security (covering both cyber security and data leakage events) Incident Management and Response / Resolution Plan, and ensure this plan is being rehearsed as part of the regular SCCPL’s Business Contingency Planning (BCP) and Crisis Management Planning (CMP) exercise.
• Support IT team in managing the landing zone, provisioning resources in our cloud, monitoring health and capacity of cloud resources, working with CSP on routing within the cloud, managing security access to various resources in the cloud, etc.

Additional Information

#J-18808-Ljbffr