Senior Associate, Cyber Security Engineer, Information Security Services, Group

The bank has also been named “Safest Bank in Asia” by Global Finance for seven consecutive years from 2009 to 2015.

Business Function

Group Technology enables and empowers the bank with an efficient, nimble and resilient infrastructure through a strategic focus on productivity, quality & control, technology, people capability and innovation. In Group Technology, we managethe majority ofthe Bank's operational processes and inspire to delight our business partners through our multiple banking delivery channels.

Job Description

The candidate is also expected to manage various Cyber defence tools deployed within the Bank and work with stakeholders to drive new security projects across the regions with DBS presence.

• Drive security projects across the region which involves vendor management, collaboration with stakeholders, business users and application teams.
• Lead overall end-to-end project delivery.
• Keep abreast of relevant technology to improve service delivery.
• Identify areas of improvement through process improvement and/or automation.
• Manage information security management processes, standards and procedures to ensure control effectiveness and service quality.
• Monitor developing security events, provide a detailed analysis of the impact of such events to DBS Group and recommend steps to be taken to mitigate any impact to business operations.
• Lead any Security Incident Response investigation that involves newly discovered malware and security threats.
• Review the methodology used in Cyber defence framework to identify any potential gaps or opportunities for process improvement.
• Work with all stakeholders to ensure cybersecurity risks are managed properly.

• 3+ years working experience recommended with prior work knowledge in the Banking industry will be an advantage.
• Degree in computer science, engineering, or other computer-related field of study.
• Certifications from EC-Council, GIAC, (ISC)² are preferred [CISSP, C|EH, GCIA, CCNA].
• Fluent with programming languages and familiar with application security by design.
• Experience with secure coding and knowledge of OWASP is highly recommended.
• Familiar with security products and network devices.
• Good domain knowledge of information security governance and strong risk management background.
• Prior experience in implementing security solution and information security governance.
• Knowledge and understanding of emerging risk areas, e.g., mobile, remote access, wireless technologies, DLP, cloud computing, etc.
• Extensive technical experience with network security practices including Intranet, Extranet and Internet access.
• Technical experience with UNIX, AIX, Linux, Windows.
• Knowledge of TCP/IP, DNS, web, wireless security architectures.
• Knowledge of encryption and authentication methods such as 2FA, DES, Digital Certificates, SSL, IPSec and development of DMZ’s.
• Knowledge of intrusion detection (deep TCP/IP knowledge, and cybersecurity), various operating systems (Windows/UNIX), and web technologies (especially internet security).
• Able to read and understand packet level data, handle Network/Host Security products (NIDS/NIPS, firewalls, HIPS, AV, scanners, etc.) and understand security events from these tools.
• Able to perform vulnerability assessment and manage such tools/processes, as well as application penetration testing or forensic analysis fields.
• People Skills:
• Be performance oriented; always try to excel past achievements.
• Able to work under pressure during critical situations.
• Able to work in a collaborative manner with peers.
• Communication Skills:
• Can communicate effectively with peers in discussions/meetings.

Apply Now

• en