logo
Maritime and Port Authority of Singapore

Senior / Consultant (Data & Cyber Governance) (2y contract)

Maritime and Port Authority of Singapore

Fixed Terms

What the role is

Be accountable for cybersecurity oversight of the maritime sector, and develop regulatory initiatives to ensure compliance with sector-wide and enterprise-wide cybersecurity policies, standards and procedures.

What you will be working on

  • Implement maritime cybersecurity policies, code of practice and regulations to ensure effective cybersecurity oversight of Critical Information Infrastructure (CII) owners and other regulated entities.

  • Implement sector-wide cybersecurity oversight programmes to ensure compliance with cybersecurity policies. Monitor and ensure compliance of CIIOs and regulated entities with national policies and regulations.

  • Engage stakeholders to update Maritime sector cybersecurity strategies as part of the Maritime Cyber Defence Plan.

  • Work closely with internal and external stakeholders to upkeep cybersecurity incident response plans and playbooks to achieve better cybersecurity readiness.

  • Work with third party consultants, together with relevant MPA departments in conducting periodic compliance audits and risk assessments.

  • Work with Internal Audit team to monitor and identify systems due for audit in accordance to IM(ICT&SS) and CCOP requirements.

  • Work with critical information infrastructure (CII) owners, to safeguard and strengthen cyber resilience of maritime sector’s CIIs in Singapore.  Process application for waiver of CCOP and SOP, issuance of Written Notice to request for information on CIIs and Direction for non-compliances in Maritime sector.

  • Support specific programmes for CIIP protection based on good ground assessment of the maritime sectors and emerging cyber threats.

  • Support the review of risk assessment and audit reports submitted by CII owners as required by Cybersecurity Code of Practice and review classification of Maritime sector’s CII and CII boundary

What we are looking for

  • Accreditations such as CISSP, CISM, GIAC certifications or relevant accredited certifications in cybersecurity is preferred.

  • 1-3-years of experience in IT/ OT related role in the areas of governance, audit and compliance work is preferred. Candidates with relevant certification but no prior experience is welcomed to apply.

  • Prior experience with conducting risk assessment and audit for IM8 and CCOP is preferred.

  • Understanding of international security standards such as ISO27001/27002, NIST Cybersecurity Framework, OWASP and GovTech IM8 and CSA CCOP will have an advantage.

  • Candidates with no prior experience are welcome to apply.

  • Strong analytical and interpersonal skills

  • Strong writing and verbal communications skills with stakeholders at all levels

  • Work effectively in teams

  • A good command of English

  • Candidates with additional years of relevant experience may be considered for more senior position (e.g. Senior Specialist /  Assistant Director).

  • Successful candidates will be offered a 2-year contract in the first instance and may be considered for an extension or placement on a permanent appointment.

About Maritime and Port Authority of Singapore

"The Maritime and Port Authority of Singapore (MPA) was established on 2 February 1996, with the mission to develop Singapore as a premier global hub port and international maritime centre (IMC), and to advance and safeguard Singapore's strategic maritime interests. MPA is the driving force behind Singapore's port and maritime development, taking on the roles of Port Authority, Port Regulator, Port Planner, IMC Champion, and National Maritime Representative. MPA partners the industry and other agencies to enhance safety, security and environmental protection in our port waters, facilitate port operations and growth, expand the cluster of maritime ancillary services, and promote maritime R&D and manpower development."