Cyber Security Manager

Job Purpose

The Manager Cyber Security is responsible for leading the overall cybersecurity strategy, governance, and operations across the refinery and petrochemical plant. The role ensures the protection of IT systems, digital assets, and sensitive data from cyber threats. The position includes overseeing cyber defense operations, policy development, risk assessment, and security technology implementations tailored for industrial environments.

The role also to monitor the integration between IT and OT (Operational Technology)

Key Accountabilities

Strategic Leadership

Develop and execute a comprehensive cybersecurity strategy aligned with industry standards (e.g., NIST, ISA/IEC 62443) and the company's operational risk profile.

Provide strategic direction and leadership to the cybersecurity team, covering IT, OT, and industrial control systems (ICS).

Serve as the key advisor to executive leadership on cybersecurity risks and mitigation strategies.

Cyber Defense & Monitoring

Lead the Security Operations Center (SOC) to ensure 24/7 monitoring, threat detection, and response.

Implement intrusion detection/prevention systems (IDS/IPS), SIEM, and endpoint protection across IT and OT networks.

Oversee incident response and recovery plans, including tabletop exercises and forensic investigations.

Policy & Compliance

Develop and enforce security policies, procedures, and standards for the plant's digital environment.

Ensure compliance with internal governance and external regulatory requirements such as NIST, ISO 27001, PETRONAS TCS, or relevant local cybersecurity laws.

Coordinate audits, risk assessments, and penetration tests for continuous improvement.

OT Focus

Collaborate with OT to ensure cybersecurity controls in DCS, PLC, and other ICS environments.

Identify and support to secure legacy industrial systems with limited security capabilities that will integrate back to IT network

Cybersecurity Technology & Architecture

Evaluate, implement, and maintain security technologies, including firewalls, secure remote access, network segmentation, and identity management solutions.

Lead secure architecture reviews for new systems or technology deployments in the refinery and plant environment.

Stakeholder Engagement & Awareness

Lead cross-functional cybersecurity awareness programs and trainings.

Act as a liaison with external agencies, regulators, and industry peers on cyber intelligence sharing and coordination.

Qualification & Experience

Education:

Bachelor's degree in Computer Science, Information Security, Engineering, or related field.

Master's degree or MBA is an added advantage.

Certifications (Preferred):

CISSP, CISM, CISA, GICSP, or equivalent

ISA/IEC 62443, SABSA, TOGAF (if relevant)

Experience:

- Minimum 10 years of experience in cybersecurity with at least 5 years in a leadership role.

- Prior experience in oil & gas, refinery, petrochemical, or energy sectors is highly preferable and

an added advantage.

- Deep understanding of ICS/OT environments and cyber-physical system risks.

Why join us

• Competitive salary and benefit package
• JV of giants (PETRONAS and Saudi Aramco)
• Future leading world class integrated refinery and petrochemicals producer.