SVP, Cyber Orchestration Manager (GSOC) in Singapore at UOB Group

Date Posted: 2/14/2018

Job Snapshot

  • Employee Type:
    Full-Time
  • Location:
    Singapore
  • Job Type:
    Operations
  • Experience:
    7 to 10 years
  • Date Posted:
    2/14/2018

Job Description

Functional area: T&O Policy & OA
Employment type: Full-time
Job Type: Permanent

The GSOC Cyber Orchestration Manager is part of the SOC core team, providing leadership in cyber threat response and subject matter expertise. The selected candidate will be involved in both operational and capability improvement activities. The role researches and recommends the purchase of security technologies, hardware, and software systems for the bank's needs, and directs all efforts in the areas of threat hunting, use-case development and automation to enhance the detection, prevention, response and monitoring capabilities of GSOC.

Key Responsibilities:
  • Provide direct leadership, management, and operational oversight for our Level 3 engineers as well as execution of enhanced cyber security capabilities build-up programs.
  • Responsible for engineering design and development of cyber security technology along with integration of new architectural features into existing infrastructures while maintaining the integrity and security of enterprise-wide cyber security systems and networks.
  • Provide technical and security expertise to IT and business leadership and technical teams to identify cost-effective and appropriate security technology solutions and develop security reference architectures and strategies to achieve business results.
  • Develop/integrate cyber security solutions with multi-level security requirements for enhanced monitoring and detection capability.
  • Maintain awareness of trends and issues in the area of security expertise, evaluate new security technology opportunities, and provide analysis of their potential advantage to the business.
Additional responsibilities:
  • Perform as a member of the Cyber security capability enhancement team to drive or participate in product evaluation, project discussion and deployments
  • Work within established practices and handling guidelines to develop and deploy preventive maintenance processes for GSOC infrastructure
  • Work with internal technical teams and engineers in technical troubleshooting, exercises and forums
  • Available to respond to client requests and assist with troubleshooting activities
  • Able to resolve customer-related issues with minimal guidance
  • Communicate effectively with a variety of internal teams and external contacts including technical and executive contacts
  • Capable of juggling a variety of priorities and deliverables in an interrupt-driven environment with minimal guidance or supervision
Requirements
  • Degree in Engineering / Computer Science / IT / Cyber Security from a recognized educational institution preferred
  • Professional security-related qualification (e.g. SANS GCIA, GCIH etc.) is favorable
  • Min 7-10 years of relevant cyber security experience
  • Expert knowledge in networking technology and network security (i.e. Firewalls, WAF, IDS, IPS, VPN, HIPS, ADS, SIEM, UBA and TCP/IP protocols)
  • Minimum 5 years of relevant working experience in a SOC environment and leading a team of highly skilled Cyber Engineers
  • Familiar with SOC processes
  • Understanding of threat response and incident response
  • Understanding of Unix/Linux and Windows administration
  • Understanding of Security Information and Event Management Systems (SIEMS), for example HP ArcSight / Splunk
  • Strong foundation in security threat TTPs and attack countermeasures
  • Analytical problem solver and good at troubleshooting technical issues
  • Effective time management and organizational skills
  • Operational knowledge of SIEMS, Breach Detection System, Network Forensic System, Big Data analytics, User Behavior Analytics and endpoint security technology
  • Understanding of malware analysis platforms and tools
  • Understanding of threat intelligence platforms and tools
  • Technical/logical understanding of FW/IDS/IPS/WAF rule and SIEM rule construction
  • Programming concepts and scripting languages – Python, Ruby, PowerShell, Java, C/C++, Regex, STIX
  • Good understanding of network forensics and packet analysis
  • Good understanding of SQL/databases, SOAP/XML, RESTful APIs
  • Good understanding of internet concepts and technologies – internet services, search engines, open source tools, Android/iOS mobile technology, LAMP, IoT, Tor etc.
  • Good written and verbal communication skills
  • Process and procedure adherence
  • Strong analytical and problem-solving skills