Senior Associate / Associate, Security Engineer (Project Advisory & En
DBS Bank Limited
Group Technology and Operations (T&O) enables and empowers the bank with an efficient, nimble and resilient infrastructure through a strategic focus on productivity, quality & control, technology, people capability and innovation. In Group T&O, we manage the majority of the Bank's operational processes and inspire to delight our business partners through our multiple banking delivery channels.
About the role
We need an experienced technology specialist to join our in-house Information Security Services team. The incumbent will participate in various bank projects as an information security engineer to perform threat modelling, risk assessment and engineer information security related solutions to support the project. As an Information Security Specialist, the incumbent will evaluate and drive the use of new technologies to enhance the security strength of our organization. We're looking for a responsive, highly productive professional who can work with numerous business and technical employees and vendors to deliver quality project advisory services.
- Evaluate, built, implement and operate security tools for monitoring and securing public cloud
- Participate, perform threat modelling, risk assessment, and recommend information security controls/processes for key projects
- information security controls/processes for key projects
- Perform information security due diligence on outsourcing service providers, including conducting site audit of their premise and facilities.
- Explain assessed risk and recommended security controls/processes to key stakeholders including senior management
- Provide guidance and mentoring to less experienced security engineers
- Collaborate with colleagues on information security solutions
- Evaluate, recommend and drive the use of new technologies and processes that will enhance the bank's security strength while balancing user experience and security objectives
- Respond to information security issues during each stage of a project's lifecycle
- Working experience developing applications or managing infrastructure services for public cloud such as AWS, GCP or Azure
- Working experience in the information technology domain (computer/mobile application, APIs, container technology such as Dockers, public cloud, data science etc) and preferably in the information security domain
- Experience performing system analysis and design requirements gathering.
- Bachelor's or Master's degree in Computer Science or equivalent
- Professional certification such as CISSP, GIAC GISP will be an added advantage
- Public cloud certifications
- Able to travel on a need-to basis
Functional / Technical Competencies
- Possess good technical knowledge in various security tools (end-point, network, authentication etc)
- Good understanding of regulatory requirements (e.g. MAS Technology Risk Management Guidelines, PCI DSS, Personal Data Protection Act)
- Knowledge of tactics, techniques, and procedures associated with malicious insider activity, organized crime/fraud groups and both state and non-state sponsored threat actors.
- Able to perform coding on need-to basis to build or enhance existing security solution
- The following will be added advantage:
- Knowledge and working experience of financial security standards such as EMV, PCI DSS
- Good networking with other security professionals in the financial industry
We offer a competitive salary and benefits package and the professional advantages of a dynamic environment that supports your development and recognises your achievements.
FindTheBestJob is a free service and does not charge a fee at any stage of application or recruitment process. Don’t provide your bank account or credit card details to anyone during job application. FindTheBestJob does not guarantee the availability of a job since organizations may end applications earlier than due date.