About Sembcorp
Sembcorp is a leading energy and urban solutions provider headquartered in Singapore. Led by its purpose to drive energy transition, Sembcorp delivers sustainable energy solutions and urban developments by leveraging its sector expertise and global track record.
Key Roles and Responsibilities
- Conduct risk assessment on global digital projects, systems and third parties by identifying potential risks that are affecting the organization and recommend action plans to reduce the risks.
- Present the findings to the management in a way easy to understand and implement.
- Assist in developing policies, standards and guidelines to ensure safety of IT and OT assets in adherence to business needs, industrial best practices and regulatory requirements.
- Assist in developing policies, standards and guidelines for any new technology adopted to ensure safety of IT and OT assets in adherence to business needs, industrial best practices and regulatory requirements.
- Facilitate discussions with relevant teams to understand business needs, technical constraints, and control requirements. Present findings and recommendations clearly to drive informed decision-making and solution adoption.
- Collaborate with various teams to evaluate solution designs, ensuring they meet enterprise standards and control requirements. Provide guidance on necessary enhancements to strengthen system integrity and compliance.
- Partner with stakeholders across risk, compliance, and technology teams to define and implement appropriate controls tailored to the solution's context. Ensure controls are scalable, auditable, and aligned with regulatory expectations.
- Evaluate environment and solutions to identify gaps and implement relevant controls to resolve the gaps within the agreed timeline
- Assess proposed or existing technology solutions to determine their effectiveness in addressing architectural, process, and control gaps. Identify areas for improvement and recommend actionable fixes to enhance alignment with risk governance standards.
- Responsible for reviewing and assessing technology tools and solutions to determine their effectiveness in addressing existing operational or risk-related gaps. This includes conducting feasibility studies, analyzing alignment with business needs, and recommending adoption or alternatives based on findings.
- Must have firm understanding of Security By Design (SBD) concept and conduct perform SBD process for all digital projects
- Manage the timelines of all global SBDs to ensure they are closed off and addressed
- Plan and manage all red teaming/purple teaming/penetration testing projects and vendors
- Assist in designing and implementing overall risk management process for the organization.
- Provide advice and be a go to subject matter expert for all cybersecurity related matters
Qualifications, Skills & Experience
- Minimum 8 years experience
- Must have strong understanding of Risk concepts and Frameworks
- Must have strong understanding in terms of application, infrastructure, network and cloud controls to recommend appropriate security controls
- Knowledgeable in IT Security, Risk management, Cloud Security, SDLC, privacy laws and security standards such as NIST CSF, ISO 27001 Framework
- Knowledgeable in cloud environment
- Security related experience such as (but not limited to) hardening, control measures in Operation System like Windows, Unix, Linux environment.
- Vulnerability Assessment and Application Testing Tool such as Tenable
- Certifications such as CISA, CISM, CISSP, CCSK, CRISC will be an added advantage.
Preferred Skills & Characteristics
- Independent worker with initiatives, positive attitude and team player
- Good analytical skills and attention to details
- Critical thinking and ability to question
- Good verbal and written communication
- Planning and organizational skills
- Presentation skills
Our Culture at Sembcorp
At Sembcorp, our culture is shaped by a strong set of shared behaviours that guide the way we work and uphold our commitment to driving the energy transition.
We foster an institution-first mindset, where the success of Sembcorp takes precedence over individual interests. Collaboration is at the heart of what we do, as we work seamlessly across markets, businesses, and functions to achieve our goals together. Accountability is a core principle, ensuring that we take ownership of our commitments and deliver on them with integrity and excellence. These values define who we are and create a workplace where our people can thrive while making a meaningful impact on driving energy transition.
Join us in making a real impact!
