OT CyberSecurity Engineer

Cybersecurity Manager - Container Handling Equipment

Position Overview

The Cybersecurity Manager will be attached to the Group Engineering Department to support the Group Cyber Security Committee.

He will play a pivotal role in securing mission-critical infrastructure within Hutchison Ports focussing on cyber-resilience of container handling equipment and associated Operation Technology (OT) networks. This position requires deep technical expertise a pragmatic approach to risk management and a keen understanding of the unique challenges facing the container ports sector. You will design in conjunction with equipment OEMs and vendors implement and oversee advanced cybersecurity controls to protect operational technology systems against ever-evolving threats ensuring that Hutchison Ports assets remain efficient safe and compliant with industry standards.

Key Responsibilities

1. Ensure that equipment specifications incorporate clear and concise technical cybersecurity requirements aligning with Hutchison Ports policies and international standards.

2. Take a lead technical role implementing cybersecurity solutions for a variety of container handling equipment such as quayside cranes yard cranes and horizontal container handling equipment with an emphasis on automated container handling operations.

3. Implement and maintain security controls for industrial control systems (ICS) SCADA systems programmable logic controllers (PLCs) and real-time operating environments.

4. Conduct comprehensive OT risk assessments vulnerability analyses and threat modelling for automated container handling equipment.

5. Prioritize remediation of identified risks based on impact to operational continuity safety and data integrity.

6. Develop and maintain robust cybersecurity architectures tailored for the OT landscape of container ports. Design secure network segmentation access control mechanisms and monitoring solutions to isolate and protect critical systems.

7. Contribute to the design and maintenance of rigorous incident response playbooks specific to OT environments including container handling machinery. Lead investigations into security incidents coordinate with cross-functional teams and manage restoration activities to minimize operational downtime.

8. Ensure OT cybersecurity programs adhere to relevant Hutchison Ports standards and policies along with international standards and regulations such as IEC 62443 NIST CSF ISO/IEC 27001 and IMO guidelines. Prepare for and participate in audits contributing to documentation and evidence collection.

9. Responsible for deploying and operating real-time monitoring solutions including Security Information and Event Management (SIEM) systems and endpoint detection and response tools tailored for industrial assets.

10. Oversee the cybersecurity lifecycle for container handling equipment from initial procurement and commissioning through to end of life. Evaluate supplier security practices and review system updates for potential risks.

11. Collaborate with internal Hutchison Ports departments equipment manufacturers and regulatory authorities to align cybersecurity measures with business objectives and operational requirements.

12. Develop and deliver OT-specific cybersecurity training for technical staff operators and management. Foster a culture of security awareness throughout the Hutchison Ports network.

13. Stay abreast of emerging threats technologies and trends in OT cybersecurity particularly as they pertain to maritime logistics and automated container operations. Lead initiatives to continuously improve the security posture of the organization.

Required Qualifications

1. A minimum of a Bachelors degree in computer science Engineering Information Security or related field.

2. Minimum of 5 years of experience in cybersecurity engineering with at least 3 years focused on OT environments (industrial automation SCADA ICS or similar).

3. Experience securing container handling equipment or similar industrial machinery in a port logistics or maritime setting.

4. Comprehensive understanding of OT protocols (e.g. Modbus OPC PROFINET DNP3) industrial Ethernet and serial communications.

5. Proven track record with vulnerability management penetration testing and security assessments for operational technology assets.

6. Expertise in designing and managing segmented OT networks DMZs firewalls and secure remote access solutions for industrial systems.

7. Strong knowledge of security standards (IEC 62443 NIST SP 800-82 ISO/IEC 27001) and regulatory frameworks relevant to the maritime and logistics sector.

8. Demonstrated experience in incident response and root cause analysis of OT security breaches.

9. Excellent communication and stakeholder engagement skills; ability to translate complex technical concepts for non-technical audiences.

10. Strong analytical problem-solving and project management capabilities.

Cybersecurity Certification Requirements (Advantageous)

1. Industry-recognized certifications with a preference for OT-focused credentials such as: 2. GIAC Global Industrial Cyber Security Professional (GICSP) 3. ISA/IEC 62443 Cybersecurity Certificate 4. Certified Information Systems Security Professional (CISSP) 5. Certified SCADA Security Architect (CSSA) 6. Certified Information Security Manager (CISM)

7. Additional vendor-specific certifications (e.g. Siemens & ABB) relevant to container handling equipment would be highly desirable.

Desirable Skills & Experience

1. Hands-on experience with the configuration operation and cybersecurity of automated port equipment.

2. Exposure to emerging technologies such as IoT sensors autonomous vehicles and AI- enabled port automation.

3. Experience in crisis management business continuity planning and disaster recovery for operational environments.

4. Ability to work in a fast-paced mission-critical setting with a diverse and multidisciplinary team.

5. Multilingual communication abilities desirable including Chinese Cantonese Putonghua and English.

Personal Attributes

1. Proactive and resourceful with an unwavering commitment to operational safety and cyber- resilience.

2. Adaptable to new technologies and ever evolving cybersecurity landscapes. 3. Motivated by challenges and driven to deliver high-quality innovative solutions in complex

operational scenarios. 4. Strong ethical standards integrity and professional discretion. 5. Collaborative and supportive fostering teamwork across technical and non-technical

disciplines.

Less experienced candidates may be considered for Junior Cybersecurity Engineer.