MyPage is a personalized page based on your interests.The page is customized to help you to find content that matters you the most.


I'm not curious
4

AVP / Snr Assoc , Lead Security Engineer

Location Singapore, Singapore
Posted 15-October-2021
Description
We need an experienced technology specialist to join our in-house Information Security Services team in a long-term position. The successful candidate will serve two functions within the company. First, he or she will participate in various bank projects as an information security engineer to perform threat modeling, risk assessment and engineer information security related solutions to support the project; and second, the Information Security Specialist will evaluate and drive the use of new technologies to enhance the security strength of our organization.

Were looking for a responsive, highly productive professional who can work with numerous business and technical employees and vendors to deliver quality project advisory services.

Responsibilities

Evaluate, built, implement and operate security tools for monitoring and securing public clouds (AWS, GCP, Azure)
Perform risk assessment for business, application and infrastructure use of public cloud
Participate, perform threat modeling, risk assessment, and recommend information security controls/processes for key projects
Perform information security due diligence on outsourcing service providers, including conducting site audit of their premise and facilities.
Explain assessed risk and recommended security controls/processes to key stakeholders including senior management
Provide guidance and mentoring to less experienced security engineers
Collaborate with colleagues on information security solutions
Evaluate, recommend and drive the use of new technologies and processes that will enhance the banks security strength while balancing user experience and security objectives
Respond to information security issues during each stage of a projects lifecycle

Requirements

Working experience developing applications or managing infrastructure services for public cloud such as AWS and GCP
Programming skills in at least one programming language: Python, Javascript, Java
Working experience in the information technology domain (computer/mobile application, APIs, container technology such as Dockers, public cloud, data science etc) and preferably in the information security domain
Experience performing system analysis and design requirements gathering.
Bachelors or Masters degree in Computer Science or equivalent
Professional certification such as CISSP, GIAC GISP will be an added advantage
Public cloud certifications
Able to travel on a need to basis

Functional / Technical Competencies

Possess good technical knowledge in various security tools (end-point, network, authentication etc)
Good understanding of regulatory requirements (e.g. MAS Technology Risk Management Guidelines, PCI DSS, Personal Data Protection Act)
Knowledge of tactics, techniques, and procedures associated with malicious insider activity, organized crime/fraud groups and both state and non-state sponsored threat actors.
Able to perform coding on need-to basis to build or enhance existing security solutions.

 
Awards & Accolades for MyTechLogy
Winner of
REDHERRING
Top 100 Asia
Finalist at SiTF Awards 2014 under the category Best Social & Community Product
Finalist at HR Vendor of the Year 2015 Awards under the category Best Learning Management System
Finalist at HR Vendor of the Year 2015 Awards under the category Best Talent Management Software
Hidden Image Url