Cyber Resilience Manager

COMPANY DESCRIPTION

About BW Group

BW Group is a leading global maritime company involved in shipping, floating infrastructure, deepwater oil & gas production, and new sustainable technologies. Founded in 1955 by Sir YK Pao, BW controls a fleet of over 450 vessels transporting oil, gas and dry commodities, with its 200 LNG and LPG ships constituting the largest gas fleet in the world. In the renewables space, the group has investments in solar, wind, batteries, and water treatment. BW is proud to be listed as one of Forbes World’s Best Employers 2023 and Financial Times Best Employers Asia-Pacific 2025.

Are you ready to make an impact?

What drives us is our mission to deliver energy for the world today, and to find solutions for tomorrow. If you want to make lives better around the world by providing access to energy, while working on sustainability and decarbonisation, we’d like to hear from you. Working at BW you will feel the pulse of the world each day. If something happens in the world, we feel it, and you can play your part by anticipating and responding to it. Our high-performing teams are drawn to BW by the global nature of our work and the satisfaction of working with collaborative people who inspire each other to deliver exceptional results.

RESPONSIBILITIES

Summary:

The Cyber Resilience Manager is responsible for developing, implementing, and maintaining strategies to enhance the cyber resilience of our organization. This role focuses on ensuring the continuity of critical business processes in the face of cyber threats, incidents, and disruptions. The ideal candidate will have a strong background in IT networks and infrastructure, along with expertise in disaster recovery, incident response, and business continuity planning.

Responsibilities:

1. Disaster Recovery Planning:

• Collaborate with cross-functional teams to create and maintain comprehensive disaster recovery plans.
• Identify critical systems, applications, and data, and define recovery time objectives (RTOs) and recovery point objectives (RPOs).
• Conduct regular tests and simulations to validate the effectiveness of disaster recovery procedures.
• Ensure alignment with industry standards and compliance requirements.

1. Incident Response Planning:

• Develop incident response plans that outline procedures for detecting, analyzing, and mitigating security incidents.
• Establish communication protocols to notify stakeholders during incidents.
• Coordinate incident response exercises and tabletop drills.
• Work closely with the security team to investigate and respond to incidents promptly.
• Drive continuous improvement in cybersecurity governance processes.

1. Business Continuity Planning:

• Create and maintain business continuity plans that address various scenarios (e.g., cyberattacks, cloud disruption, supply chain disruptions).
• Define roles and responsibilities for business continuity team members.
• Conduct impact assessments to prioritize critical business functions.
• Develop strategies for maintaining essential operations during disruptions.

1. Risk Assessment and Mitigation:

• Assess cyber risks related to IT networks, infrastructure, and applications.
• Implement risk mitigation measures to reduce vulnerabilities.
• Collaborate with stakeholders to prioritize risk remediation efforts.

1. Training and Awareness:

• Provide training sessions for employees on cyber resilience best practices.
• Foster a culture of security awareness and preparedness.
• Educate staff on their roles during incidents and business continuity events.

1. Collaboration and Communication:

• Work closely with IT teams, security teams, legal, compliance, business units and their executive leadership.
• Communicate cyber resilience strategies, progress, and challenges to relevant stakeholders.
• Participate in cross-functional committees related to risk management and business continuity.
• Engage with external auditors and regulatory bodies as needed.
• Foster strong relationships with key stakeholders.

QUALIFICATIONS

• Bachelor’s degree in computer science , Information Systems, or a related field.
• Certifications: Preferred certifications include Certified Information Systems Security Professional (CISSP), Certified Business Continuity Professional (CBCP), and Certified Information Systems Auditor (CISA).
• Experience:
  • Minimum of 5 years of experience in IT security, disaster recovery, or business continuity.
  • Strong knowledge of IT networks, infrastructure, and cloud environments.
  • Familiarity with relevant frameworks (e.g., NIST, ISO 22301).
  • Excellent problem-solving and communication skills.

• Strong understanding of GRC (Governance, Risk, and Compliance) principles.
• Familiarity with industry standards and frameworks (e.g., NIST, ISO, CIS).
• Excellent project management and leadership skills. Effective communication and collaboration abilities.
• This position may require occasional after-hours availability for incident response and testing.
• The Cyber Resilience Specialist will play a critical role in safeguarding our organization against cyber threats and ensuring uninterrupted business operations.