# IT Security Officer (Operational Technology) - A26207 > Activate Interactive Pte Ltd · Singapore, Singapore · Contract · Posted 2026-06-29 **Salary:** SGD 7,500–10,000 **Workplace:** on_site **Department:** Co-Development ## Description Activate Interactive Pte Ltd (“Activate”) is a leading technology consultancy headquartered in Singapore with a presence in Malaysia and Indonesia. Our clients are empowered with quality, cost-effective, and impactful end-to-end application development, like mobile and web applications, and cloud technology that remove technology roadblocks and increase their business efficiency. We believe in positively impacting the lives of people around us and the environment we live in through the use of technology. Hence, we are committed to providing a conducive environment for all employees to realize their full potential, who in turn have the opportunity to continuously drive innovation. We are searching for our next team members to join our growing team. If you love the idea of being part of a growing company with exciting prospects in mobile and web technologies that create positive impact on people’s lives, then we would love to hear from you. _**This is a 12 months fixed term contract role.**_ **What will you do?** The IT Security Officer is responsible for protecting the integrity, availability, and confidentiality of key operational technology infrastructure within the Meteorological Service Singapore. This role bridges cybersecurity expertise with an understanding of specialized environmental monitoring technologies, ensuring that weather observation, forecasting, and dissemination systems remain secure, resilient, and compliant with national standards. This project is with Meteorological Systems Department, Meteorological Service Singapore. **OT Asset Discovery & Architecture Mapping** - Use passive, non-disruptive monitoring tools to discover OT assets across meteorological networks without impacting live operations. - Maintain a comprehensive OT Asset Register covering all hardware, firmware, software, and network connectivity. Flag all shadow or unmanaged devices. - Review and document the IT/OT network architecture, producing topology diagrams that capture OT-to-IT connectivity, remote access paths, vendor interfaces, and boundary crossing points, each risk-rated. - Map operational data flows between OT and IT systems to identify lateral attack paths, including where meteorological process data crosses into less-secure corporate network segments. - Maintain the OT Asset Register and IT/OT Network Architecture Map as the foundational security baseline for all vulnerability assessments, risk management, and incident response activities **Security Operations & Monitoring** - Monitor and defend operational technology (OT) supporting meteorological systems, including weather radar networks (e.g., Doppler Weather Radar S/C Bands), satellite ground stations, upper-air sounding systems, and automated weather observation systems (AWOS). - Operate and maintain security information and event management (SIEM) tools to detect anomalies across hybrid IT/OT environments. - Work closely with the Agency’s CISO to manage and deploy critical patches and others security incidents. - Investigate and respond to security incidents, coordinating with national CERT teams and agency leadership as required. **Risk Management & Compliance** - Conduct regular risk assessments across meteorological data acquisition, processing, and dissemination pipelines. - Ensure compliance with relevant frameworks such as NIST SP 800-82r3, FISMA, ICS/SCADA security standards (IEC 62443), and agency-specific cybersecurity policies. - Maintain and test the division’s continuity of operations plans (COOP) and disaster recovery procedures to ensure minimal disruption to critical weather services. **Vulnerability Management** - Perform and coordinate regular vulnerability scans, penetration tests, and security audits of systems. - Manage patch cycles in close coordination with systems engineers, balancing security needs against the 24/7/365 operational uptime requirements of weather services. **Vendor & Supply Chain Security** - Evaluate third-party hardware and software used in meteorological systems (sensors, data feeds, vendor-supplied processing software) for supply chain risks. - Review and enforce security requirements in contracts with technology vendors and data partners **Training & Security Awareness** - Develop and deliver cybersecurity awareness training tailored to the division’s operational context, including threats specific to environmental monitoring infrastructure. - Serve as the primary OT security expert for the division. ## Requirements **Required Qualifications** - Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or a related field. - Minimum 5 years of experience in IT/OT security roles, preferably within critical infrastructure, government, or scientific/technical environments. - Proficiency with SIEM platforms, intrusion detection/prevention systems (IDS/IPS), and endpoint detection tools. - Active or ability to obtain a government security clearance at the required level. **Preferred Qualifications** - Familiarity with meteorological systems, remote sensing technologies, or environmental monitoring infrastructure. - Demonstrated experience securing SCADA, ICS, or OT systems. - Strong working knowledge of NIST, FISMA, and IEC 62443 frameworks. - Experience working within a 24/7 mission-critical operational environment. - Knowledge of WMO (World Meteorological Organization) data standards and international weather data sharing protocols. - One or more active certifications: CISSP, CISM, CEH, GICSP, or equivalent. - Experience with cloud security in hybrid environments (AWS, Azure Government). - Note: 1. CISSP (Certified Information Systems Security Professional) 2. CISM (Certified Information Security Manager) 3. CEH (Certified Ethical Hacker) 4. GICSP (Global Industrial Cyber Security Professional) — highly valued for OT/radar network security. **Advantage Skill Sets** - Knowledge of raw meteorological data ingestion pipelines (e.g., BUFR, GRIB, NetCDF formats, IWXXM, GeoJSON). **Soft Skills & Attributes** - Calm Under Pressure: Ability to make critical security decisions rapidly during severe weather events when systems are under maximum operational stress. - Strong Communication: Ability to translate complex cyber threats into actionable advice for non-technical meteorological staff and agency executives. - Analytical Mindset: Exceptional problem-solving skills with a keen eye for detecting anomalies in massive data workflows. ## Benefits **What do we offer in return?** - Fun working environment - Employee Wellness Program - To work in Singapore Government Agencies projects - We provide structured development framework and growth opportunities. (We are a “SHRI 2025 Gold winner” in “Learning & Development; Coaching & Mentoring”) **Why you'll love working with us?** If you are looking for opportunities to collaborate with leading industry experts and be surrounded by highly motivated and talented peers, we welcome you to join us. We provide all employees with equal opportunities to grow and develop with us. We believe your success is our success. Does it sound like something you are interested in exploring further? Please be in touch with our team for an initial chat at careers@activate.sg Activate Interactive Singapore is an equal opportunity employer. Employment decisions will be based on merit, qualifications and abilities. Activate Interactive Pte Ltd does not discriminate in employment opportunities or practices on the basis of race, color, religion, gender, sexuality, national origin, age, disability, marital status or any other characteristics protected by law. Protecting your privacy and the security of your data are longstanding top priorities for Activate Interactive Pte Ltd. Your personal data will be processed for the purposes of managing Activate Interactive Pte Ltd’s recruitment related activities, which include setting up and conducting interviews and tests for applicants, evaluating and assessing the results, and as is otherwise needed in the recruitment and hiring processes. Please consult our Privacy Notice ([https://www.activate.sg/privacy-policy](https://www.activate.sg/privacy-policy)) to know more about how we collect, use, and transfer the personal data of our candidates. Here you can find how you can request for access, correction and/or withdrawal of your Personal Data. ## Apply [Apply at Activate Interactive Pte Ltd](https://apply.workable.com/activate-interactive-pte-ltd/j/FAE565C9AD/apply) --- Powered by [Workable](https://www.workable.com)