This role will be the site Single Point of Contact to the network and will therefore play a significant part in influencing the development/defining/sustainment of the cyber risk management strategy & security requirements for the Singapore Technical Operations, as well as, ensuring that all existing and subsequent projects/initiatives meet these requirements.
Through the implementation and sustainment efforts the site talent will gain in depth understanding of the Global Cyber Security requirements, design philosophy & guiding principles and further advance them to combat the on-going threats. Specifically, this role is responsible to ensure all Manufacturing systems comply to the Global Cyber Security Requirements.
Process Controls Systems (PCS), Information Management System (IMS), Building Automation Systems (BAS), System used by Quality Control (QC) group for testing purposes as part of Manufacturing Batch release requirement and any other critical systems that are used direct/indirect support to the Manufacturing operation. Excellent communication skills and the ability to perform well in a team-setting, are critical to success in this role.
The individual is expected to work closely with Automation Engineers, IT, Global IT functions as well as other site functions owning those systems that support Manufacturing operation. Given that this role is vital to business continuity and the evolving technology, a successful candidate is also expected to maintain a deep & current understanding of global developments & trends in cyber security.
As the Subject Matter Expert (SME), the candidate is expected to stimulate thinking and problem solving of site, across functional and global teams, and instrumental in enhancing the learning and understanding of cyber security threats of colleagues.
- Some key responsibilities include serving as the lead and the single point of contact for all cybersecurity topics. Build a secure IT/OT solution that will ensure the network and maintain business continuity while under continuous threat. Required to provide on call cybersecurity support and remediation.
- Utilize industry standards, monitoring and analysis to support a secure environment for all manufacturing.
- Authors and/or owns standards and procedures as necessary for all and for reference by others across the network. Also leverages Global Cybersecurity project standards for planning and execution of the site activities to maintain alignment.
- Adept at establishing teams and making rapid, independent decisions to enable project execution and maintain momentum.
- Lead a site team composed of Manufacturing, Automation/Information Technology, Quality, Facilities, and Technology departments to implement projects. This includes establishing the team, proactively monitoring progress/threats, timely escalation, routine communications, etc.
- Serves as the site representative on the Global Cyber Security Team and other applicable network teams. Actively contributes to both technical and business discussions to ensure site and network security and alignment. Communicates regularly to impacted stakeholders.
- Responsible for the local activity planning in partnership with the Global Cyber Security team, not limiting to computer patch management, network design review, implementation of monitoring tools to enhance security, site awareness of Cyber Security knowledge/training, etc.
- Champion the change management process to ensure program realization.
- Recruit and manage local contractor/global resources to be in accordance with deliverables and Service Level Agreements, as applicable.
- Proactively maintain working relationships with Business Process leadership to ensure integration of the System activities (regionally and globally).
- Lead incident management and engage respective Site Leadership, Cross functional or Global teams to handle the incident accordingly.
- Provide strategic inputs to the development of tailored security architecture/measures, firewalls, intrusion detection systems, anti-virus software, authentication systems, log management, content filtering, etc., for the protection of computer systems, networks & information.
- Actively lead/perform vulnerability assessments/firewall assessment/penetration testing to maintain business continuity.
- Accountable for performing routine review and audit of infrastructure security systems to identify opportunity for continuous improvement (e.g. gaps in system architectures). This is inclusive of the OT based infrastructure.
- Proactively partners with Global/Local Qualification team to define validation testing strategy for Cyber security activities in term of patch management, network implementation, etc.
- Actively partners with MSAT Automation and other site stakeholders in developing and managing Automation IT upgrade roadmap and activities. This includes assuming responsibility for overflow of automation team activities, as necessary, and providing support for evaluation of new security technologies and controls for OT environment.
- As applicable, lead and manage technology projects to ensure design comply with Cybersecurity requirements.
- Adopt good engineering practice documents when performing the work function.
- Adhere to the requirements specified in the quality policies/quality standards or related SOP.
- Comply with all 's Safety, Health & Environmental (SHE) requirements, never put oneself and others at safety & health risks, and report any workplace accidents, near misses and hazards as soon as practicable.
- Network with peers in the industry, across the network and within the firm, to keep abreast of developments in the cyber security and related domains.
- Fosters awareness and understanding of a cybersecurity culture.
- Provide clear written and verbal communication of project goals and accomplishments across stakeholder groups, at various levels of management.
- Bachelor, Master, or Doctorate degree is required. A degree in Engineering (ex. Chemical, Electrical, Mechanical, Computer) or equivalent training/experience in automation or IT system is preferred with at least 12 years of related industrial and/or academic experience after receiving bachelor's degree.
- Demonstrated work experience specific to automation design, implementation and/ or support of automated control systems.
- Thorough understanding of Good Automated Manufacturing Practice (GAMP) as it applies to automation design, implementation, and testing.
- Relevant Knowledge for System / Network Professional Certification - MCSE / CCNA / SQL / VMware / Splunk etc.
- Security Professional Certification - CompTIA Security+ / CCNA Security / GIAC Security Essentials, etc. are an advantage.
- Demonstrated experience in leading project teams and partnering with employees, experience leading remote/cross-site teams is a plus. Able to work well with others as a contributing team member.
- Self-driven, systematic and capable in developing schedule/plan in tracking various Automation/IT cyber security activities.
- Experience in leading and managing resources in Automation IT activities.
- Working knowledge of databases, data structures, data access and data transfer packages that are commercially available (e.g., Oracle, MS-SQL, PI, ODBC, JDBC, ESB).
- Experienced with computer systems used to monitor routine, large-scale pharmaceutical manufacture (e.g., Process Control Systems, Manufacturing Execution Systems, Enterprise Resource Planning Systems, Laboratory Information Management Systems).
- Strong written and oral communication skills; comfortable presenting to a Senior Management/Executive Level stakeholder.
- Some international travel will be required.
Please send your resume in WORD format by clicking the apply button below or contact Sathish Murugayah on +65 6701 1507 for a confidential discussion. Please note that only short-listed candidates will be contacted. CEI Reg. Number R1983762 (Sathish Murugayah).