Cyber Security Specialist

Job Title Cyber Security Specialist APAC Job Description As a Cyber Security Specialist, you are responsible for designing, implementing, and managing security solutions to protect the material handling systems of our clients. This includes information systems, networks, and managing vulnerability management, cybersecurity exercises, and governance/risk/compliance (GRC). Your primary role is to provide expert guidance, support, and leadership in all matters related to information security. Interpreting customer requirements and regulations will require you to analyze tender documents and have meetings with clients and external stakeholders. You should be aware of the rules and regulations of the countries we do business in, such that you can proactively advise clients on practical solutions to ensure compliance. Your tasks and responsibilities Act as a qualified Subject Matter Expert (SME) for security technologies, supporting critical projects based on business needs. These unique projects often involve expedited deliverables and operational agility, requiring top-quality deliverables covering both consulting and operations functions. Communicate effectively with stakeholders, including IT teams, senior management, and regulatory bodies based on active security threats. Responsible for CCOP compliance audit (internal/external) reports, ensuring Vanderlande’s systems adhere to the requirements of CCOP v2 and align legal and regulatory requirements to enhance cybersecurity resilience. Collaborate with cross-functional teams to implement security measures and address security requirements. Handle internal escalations to project integration, product management, and engineering for feature requests. Identify opportunities to improve processes and/or tools to ensure the highest level of quality, including documentation, mentoring, and training sessions. Own the technical components of a customer integration project including but not limited to configuration, debugging, documentation, testing, and go-live support. Develop, implement, and enforce risk management policies, procedures, and controls to mitigate potential threats with the technological requirements imposed by Vanderlande’s technology standards and reference architecture. Identify and mitigate risks for deploying security technologies in production live systems, ensuring standards are adhered to and maintenance/repair supervision while working with vendor support teams on corrective activities for issues. Assist in any ad-hoc tasks when necessary. As a Cyber Security Specialist, you report to the Group Integration Manager APAC. Based on your field of interest, there is an opportunity to grow into a senior architect or manager role within the service or project execution department. Your department The APAC project integration department is part of the business unit Airport & Parcel Solutions within Vanderlande Industries. The department is responsible for system design, testing, and integration of complex Airport and Parcel systems for customers in the Asia Pacific region, including Changi, Hong Kong, and Sydney airports, as well as DHL, FedEx, and UPS international customers. The department works in an international team setting with people from different countries with diverse cultural backgrounds. Your Profile You are a natural leader in your profession, passionate about systems engineering, and capable of finding a practical balance between constant change for improvement and stability in project execution. You can quickly adapt domain knowledge and language, enabling you to connect easily with stakeholders on different levels. You have a talent for clarifying vision, concepts, and approaches, and you enjoy coaching colleagues on their professional knowledge and behavior. Bachelor's degree in Information Technology, Computer Science, or a related field. Over 5 years of experience in Information Technology risk management. Familiar with common web application vulnerabilities and possess the technical knowledge to address and mitigate them. Prior vulnerability management experience is preferred. Familiar with NGFW, IPS, App Control, SSL inspection, DNS and NFS, SMTP, TCP/IP. Knowledge of technologies such as Routing, Switching, VPN, LAN, WAN, Network Security, Intrusion Detection, Anti-Virus, Advanced Threat Prevention, Endpoint Protection, EDR, NDR, Sandboxing, and EASM/band Protection solutions is advantageous. Strong understanding of information security frameworks, risk assessment methodologies, and regulatory requirements is preferred. Familiar with related regulations such as Technology Risk Management Guidelines, CCoP2 Risk Management Practices, Guidelines on Business Continuity Management, Guidelines on Outsourcing, and other relevant notices and guidelines. Familiarity with industry frameworks and methodologies for technology risk management, such as NIST Cybersecurity Framework, ITIL, ISO 27001, and COBIT is preferred. Experience with OT security IEC 62443, NIS 2, Machine directive (EU 2023/1230), and Secure Network Architecture initiative (SNA) is preferred. Professional certifications such as CISA, CISM, or CRISC are advantageous. Experience with risk assessment tools and technologies is preferred. Excellent communication skills, both written and verbal. Proficiency in English and Mandarin is preferred. Basic experience in software development and industrial automation is preferred. Willingness to travel and enjoy customer contact (internal and external) in the context of concept and requirement specifications. #J-18808-Ljbffr