Job Description

Business Function

Group Technology enables and empowers the bank with an efficient, nimble and resilient infrastructure through a strategic focus on productivity, quality & control, technology, people capability and innovation. In Group Technology, we manage most of the Bank's operational processes and inspire to delight our business partners through our multiple banking delivery channels.

Responsibilities

·       Monitor developing cybersecurity events around the world, and escalate to L2 team if relevant events are observed

·       Performs monitoring, risk assessment and analysis on security tools such as Anomaly Detection systems, Firewalls, Antivirus systems, Proxy devices 

·       Follow pre-defined actions to handle security alerts including escalating to L2 team and other support groups 

·       Execute daily ad-hoc tasks or lead small projects as needed 

·       Participate in daily and ad-hoc documentation related tasks 

·       Create and maintain operational reports for Key Performance Indicators and weekly and Monthly Metrics 

·       Perform assessment phase of Vulnerability & Threat Management process 

·       Receive threat intelligence from feeds the Group subscribed to and update to Threat Intel knowledge base

·       Be ready to support any security incident response investigation in the Group regardless of location and environment

·       Work closely with Team Lead to review, provide feedback and take actions to improve the methodology use in the Security Operations

·       Responsible to ensure all tickets logged are closed correctly and timely

·       Ensure timely submission of routine reports on threats, vulnerabilities and incidents handled by the Security Operations Center

·       Keep the Security Operations Center runbooks and procedures updated

Requirements

·       3+ years working in security operations, preferably with incident management experience. Fresh graduates are also encouraged to apply

·       Experience in the Banking industry will be an advantage

·       Familiar with security products and network devices

·       Extensive technical experience with network security practices including Intranet, Extranet and Internet access

·       Technical experience with UNIX, AIX, Linux, Windows 

·       Knowledge of TCP/IP, DNS, web, wireless security architectures and enterprise-grade security solutions

·       Knowledge of encryption and authentication methods such as 2FA, DES/AES/RSA, Digital Certificates, SSL/TLS, IPSec and development of DMZ’s 

·       Knowledge of intrusion detection (deep TCP/IP knowledge, and cybersecurity), various operating systems (Windows/UNIX), and web technologies (especially internet security)

·       Able to read and understand packet level data, handle Network/Host Security products (NIDS/NIPS, firewalls, HIPS, AV, scanners, etc.) and understand security events from these tools

·       Able to perform vulnerability assessment and manage such tools/processes, as well as application penetration testing or forensic analysis fields

·       Certifications from EC-Council, GIAC, (ISC)² are preferred [CISSP, CEH, GCIA, CCNA]. 

·       People Skills: 

o   Be performance oriented; always try to excel past achievements 

o   Able to work under pressure during critical situations 

o   Able to work in a collaborative manner with peers with excellent communication skills

Job Requirements