About Sembcorp

Sembcorp is a leading energy and urban solutions provider headquartered in Singapore. Led by its purpose to drive energy transition, Sembcorp delivers sustainable energy solutions and urban developments by leveraging its sector expertise and global track record.

Key Roles and Responsibilities

• Monitor threat landscape and issue advisories that are applicable to the organisation on a continuous basis
• Respond to alerts generated from solutions, threat intel and user reporting ensuring incident investigation follows IR plan with severity classification. RCA is complete with lesson learnt conducted.
• Conduct threat simulation to identify early indicator of compromise and work with Solutions team to mitigate the gaps identified at the solutions.
• Conduct threat hunting when receiving indicators from threat intel ensuring our environment is secure and free from vulnerabilities.
• Manage vulnerabilities on a continuous basis and work with patch management team to ensure vulnerabilities are managed within acceptable threshold.
• Manage and work with Managed service providers (MSSP) to provide 24/7 monitoring and incident response ensuring incidents are closed on a timely manner.
• Review security architecture design and implement solutions to ensure systems are built to meet company’s cybersecurity framework and policies.
• Ensure appropriate security technologies are in place to manage threats.
• Perform administration of security solutions in the company.
• Establish and maintain SOPs of the supported solutions and architecture designs.
• Perform project management and vendor management

Qualifications, Skills & Experience

• Minimum 6 years of relevant experience in IT security
• Technical know-how and experience in solutions such as but not limited to:
• Network Security (F/W, IPS, VPN, NAC) - Checkpoint, Fortigate, Palo Alto
• Web Security (WAF, Web isolation) - Cloudflare, Zscaler, Menlo, Microsoft
• Endpoint Security (EDR, AV, DLP) - Crowdstrike, Symantec, Microsoft, Forcepoint
• Threat Monitoring - Qradar, Demisto, Resilient, Claroty, Google SecOps
• Vulnerability Management – Tenable, Qualys, Ivanti, Microsoft
• Cloud Security – Microsoft, Palo Alto
• Identity Management - Microsoft, CyberArk
• Threat Hunting and Simulation – Cymulate, Crowdstrike
• Knowledgeable in security standards or regulations such as NIST, ISO 27001, SOC2, CCOP (SG), PDPA (SG), GDPR(EU), Security by Design will be an added advantage
• Certifications such as CISSP, OSCP, CCSK will be an added advantage
• Strong interpersonal skills with the ability to communicate and explain technical concepts to non-technical users

Our Culture at Sembcorp

At Sembcorp, our culture is shaped by a strong set of shared behaviours that guide the way we work and uphold our commitment to driving the energy transition.

We foster an institution-first mindset, where the success of Sembcorp takes precedence over individual interests. Collaboration is at the heart of what we do, as we work seamlessly across markets, businesses, and functions to achieve our goals together. Accountability is a core principle, ensuring that we take ownership of our commitments and deliver on them with integrity and excellence. These values define who we are and create a workplace where our people can thrive while making a meaningful impact on driving energy transition.

Join us in making a real impact!