VP/AVP, Cloud Security Engineer, Information Security Services, Group Technology

The bank has also been named “Safest Bank in Asia” by Global Finance for seven consecutive years from 2009 to 2015.

Business Function

Group Technology enables and empowers the bank with an efficient, nimble and resilient infrastructure through a strategic focus on productivity, quality & control, technology, people capability and innovation. In Group Tech, we manage the majority of the Bank's operational processes and inspire to delight our business partners through our multiple banking delivery channels.

Responsibilities

This candidate will be responsible for the implementation and governance of cloud and container security controls and tooling across platforms, while driving risk assessments, incident response, and compliance in cloud-native and containerized environments.

• Lead the evaluation, implementation, and operationalization of security controls for public clouds and container platforms such as (AWS, GCP, Azure, OpenShift, PCF, VIC).
• Define and enforce security baselines, architecture patterns, and hardening standards for cloud workloads and container platforms.
• Participate, perform threat modelling and risk assessments for cloud projects, identifying security gaps and defining effective controls aligned with regulatory and industry frameworks.
• Review and assess cloud implementations, defined through Infrastructure as Code (IaC) and CI/CD pipelines, to identify security gaps and ensure alignment with access control best practices and compliance requirements.
• Serve as a trusted security advisor to stakeholders and senior management, translating technical risks into actionable strategies for secure cloud adoption.
• Continuously evaluate emerging threats and technologies, driving the adoption of new technologies and processes to enhance the bank’s cloud security posture without compromising performance or usability.
• Develop and manage monitoring and alerting systems, perform incident triage, vulnerability scans, and execute root-cause analysis.
• Design and implement automated detection, alerting, and remediation workflows using scripting, IaC, and SOAR platforms.

• Bachelor’s or Master’s degree in Computer Science or equivalent
• Working experience developing applications or managing infrastructure services for public cloud such as AWS, GCP or Azure
• Programming skills in at least one programming language: Python, Javascript, Java, C/C++
• Working experience in the information technology domain (computer/mobile application, APIs, container technology such as Dockers, public cloud, data science etc) and preferably in the information security (public cloud) domain
• Experience performing system analysis and design requirements gathering.
• Professional certification such as CISSP, GIAC GISP will be an added advantage
• Public cloud certifications
• Possess good technical knowledge in various security tools (end-point, network, authentication etc)
• Good understanding of regulatory requirements (e.g. MAS Technology Risk Management Guidelines, PCI DSS, Personal Data Protection Act)
• Knowledge of tactics, techniques, and procedures associated with malicious insider activity, organized crime/fraud groups and both state and non-state sponsored threat actors.
• Able to perform coding on need-to basis to build or enhance existing security solution
• Knowledge and working experience of financial security standards such as EMV, PCI DSS, is advantageous.
• Good networking with other security professionals in the financial industry

Apply Now

We offer a competitive salary and benefits package and the professional advantages of a dynamic environment that supports your development and recognises your achievements.