VP, Senior Security Engineer - Infrastructure Security Engineering
Posting Date: 31-May-2023
Location: Singapore, Singapore
Company: 3677
About UOB
United Overseas Bank Limited (UOB) is a leading bank in Asia with a global network of more than 500 branches and offices in 19 countries and territories in Asia Pacific, Europe and North America. In Asia, we operate through our head office in Singapore and banking subsidiaries in China, Indonesia, Malaysia and Thailand, as well as branches and offices. Our history spans more than 80 years. Over this time, we have been guided by our values — Honorable, Enterprising, United and Committed. This means we always strive to do what is right, build for the future, work as one team and pursue long-term success. It is how we work, consistently, be it towards the company, our colleagues or our customers.
About the Department
Group Technology and Operations (GTO) provides software and system development, information technology support services and banking operations. We have centralized and standardized the technology components into Singapore, creating a global footprint which can be utilized for supporting our regional subsidiaries and the branches around the world. We operate and support 19 countries with this architecture to provide a secure and flexible banking infrastructure. Our Operations divisions provide transactional customer services for our businesses while also focusing on cost efficiency through process improvements, automation and straight through processing.
Job Responsibilities
- The Senior Security engineer will support the day-to-day Security application administration, operations and development activities of the bank’s Cyber security suite of products with key objective to maintain, develop and enhance the detection, prevention, response and monitoring capabilities of GSOC. This role provides high level support for the GSOC team with administration duties for a large number of the organization's information security environment. Provide support, development and service improvements to network security area.
- Support in developing and implementing advance new use cases and threat model as per the Cyber Security landscape by following industry leading Security framework and enhance the existing use cases and threat model detection capabilities to detect sophisticated cyber-attacks.
Key Responsibilities:
- Performing analysis of network security needs and contributes to design, integration, and installation of hardware and software.
- Gather, analyses and translate the business requirements into business solutions.
- Strong knowledge of Network Security Principles and experience applying the security policy into solution design.
- Designing, architecting and implementing various suite of Network security tools like NDR, IDS/IPS, CAS etc.
- Working with vendors on explaining the requirements, challenging their technical acumen, and performing due diligence on their offerings to ensure that it meets banks needs.
- Preparation of design documentation for project presentation.
- Maintaining and administering perimeter security systems such as NDR and intrusion detection systems.
- Develop and maintain network security policies and procedures, this includes defining security standards and guidelines in compliance with industry regulations.
- Drive upgrades and migration to ensure solutions and or related platform are maintained in tip-top working conditions with proper documentation and RCA.
- Test and manage application functionalities, system and infrastructure changes, upgrades, enhancements, patches, and troubleshooting.
- Managing the end-to-end lifecycle of Security products.
- Work within established practices and handling guidelines to triage device outages.
- Available to respond to any requests and assist with troubleshooting activities along with proper documentation.
- Resolve standard/routine issues with no guidance and complex/unusual issues with minimal guidance.
- Capable of juggling variety of priorities and deliverables in an operational, interrupt driven environment with minimal guidance or supervision.
- Automation of manual tasks on various security technologies.
- Provide support for all Audit requests.
- Manage and coordinate change, Incident and problem process engagement with regards to current security solutions.
- Communicate effectively with a variety of internal and external contacts including technical and business.
Job Requirements
Education
- ITC/Diploma/Degree in engineering/Computer Science / IT/Cyber Security from a recognized educational institution.
- Certification in Network security is a plus.
- Professional security related qualification (e.g. SANS GCIA, GCIH etc.) will be favorable although not mandatory.
Technical Skills
- Overall experience of 10+ years.
- Hands-on experience with security or monitoring products, with in-depth knowledge of 3 or more of the following systems: NDR, FireEye, Symantec CAS, IDS/IPS and EDR.
- Understanding of defense-in-depth and layered network security architectures. Web Servers, Encryption.
- Administrative and functional understanding of related security technologies.