VP, Senior Security Engineer, Group Information Security
Posting Date: 21-Nov-2021
Location: Alexandra, Singapore, SG
Company: United Overseas Bank Limited
About UOB
United Overseas Bank Limited (UOB) is a leading bank in Asia with a global network of more than 500 branches and offices in 19 countries and territories in Asia Pacific, Europe and North America. In Asia, we operate through our head office in Singapore and banking subsidiaries in China, Indonesia, Malaysia and Thailand, as well as branches and offices.
Our history spans more than 80 years. Over this time, we have been guided by our values - Honorable, Enterprising, United and Committed. This means we always strive to do what is right, build for the future, work as one team and pursue long-term success. It is how we work, consistently, be it towards the company, our colleagues or our customers.
About the Department
The Technology and Operations function is comprised of five teams of specialists with distinct capabilities: business partnership, technology, operations, risk governance and planning support and services. We work closely together to harness the power of technology to support our physical and digital banking services and operations. This includes developing, centralising and standardising technology systems as well as banking operations in Singapore and overseas branches.
Job Responsibilities
- Support the day-to-day operations and development of the bank's security suite of products, with the key objective of designing, developing, deploying, maintaining and enhancing the detection, prevention, response and monitoring capabilities of the Group Security Operations Centre (GSOC)
- Support the development and implementation of advanced new use cases and threat models in line with the cyber security landscape, following industry-leading security frameworks, and enhance the detection capabilities of existing use cases and threat models to detect sophisticated cyber-attacks.
- Support a wide array of security solutions and infrastructure deployed within the bank.
- Propose, develop, test and manage application, system and infrastructure changes, upgrades, troubleshooting, patches and improvements.
- Drive upgrades and migrations to ensure solutions and related platforms are maintained in tip-top working condition, with proper documentation and RCA.
- Onboard new log sources, enable new use cases, develop new threat models and support all existing use cases.
- Work with the respective teams to obtain the requirements for the attributes of each data feed that are needed to create use cases and threat models
- Conduct regression testing on new rules and enhancements.
- Manage and coordinate change process engagement with regard to current security solutions.
- Develop automation for existing processes, understand the complete data flow for all log sources and manage them. Develop automation for existing data feeds and contextual data in order to centralise collection into a single platform
- Define new use cases and threat models and the risk score thresholds for use cases. Manage the use case life cycle (research, development and maintenance)
- Develop, implement and maintain use cases, and develop content around threat intel feeds
- Map all current and new use cases to MITRE ATT&CK framework and NIST methodology
- Develop detection strategies and security content for various threats
- Monitor and track threat feed ingestion and ensure the best utilisation of threat feeds
- Conduct detailed analytical queries and investigations; identify areas that require specific attention and indicators of compromise (IOC) or events of interest (EOI) that need further investigation; and develop use cases and rules to be built into the SIEM platform
- Research products and define requirements for new projects; perform product evaluations and technical proofs of concept.
- Provide support for all Audit and Regulatory requests.
- Develop and support case management workflow, reports and dashboards.
- Diploma/Degree in engineering/Computer Science / IT/Cyber Security from a recognized education institution
- Demonstrated content development experience on any analytical platform or solution.
- A professional security-related qualification (e.g. SANS GCIA, GCIH) will be favourable, although not mandatory
- Knowledge of cyber kill chain/MITRE ATT&CK framework
- Certified SNYPR Content Developer (CSCD) would be an added advantage
- 10 to 12 years of overall experience
- 5+ years of relevant experience in any SIEM technologies.
- A minimum of 2 years of relevant working experience in a SOC environment and its related processes would be an added advantage
- Hands-on knowledge of SIEM, log management platforms and threat use case development platforms
- Good working knowledge of network security (e.g. firewalls, WAF, IDS, IPS, VPN, HIPS, ADS and TCP/IP protocols)
- Familiar with Big Data Analytics, EDR, SIEM and other cyber technologies
- Analytical problem solver and good at troubleshooting technical issues
- Good understanding of SQL/Database, SOAP-XML, Restful API
- Good understanding of Application Security monitoring techniques on a SIEM platform.
- Good written and verbal communication skills
- Process-aware mindset
- Strong analytical and problem-solving skills
- Effective time management and organisational skills.
Be a part of UOB Family
UOB is an equal opportunity employer. UOB does not discriminate on the basis of a candidate's age, race, gender, color, religion, sexual orientation, physical or mental disability, or other non-merit factors. All employment decisions at UOB are based on business needs, job requirements and qualifications. If you require any assistance or accommodations to be made for the recruitment process, please inform us when you submit your online application.
Apply now and make a difference.