United Overseas Bank Ltd (UOB)

AVP (Analyst)-Security Operations Centre

United Overseas Bank Ltd (UOB) | Date Posted: 4-Jan-2019
Save Job
Job Nature:

Job Description

Functional area: Business Technology Services
Employment type: Full-time
Job Type: Permanent

The Security Operation Center (SOC) is seeking a Singapore-based L2 SOC analyst. The successful candidate will have experience in incident triage, security threat monitoring, security compliance monitoring and familiar with SOC processes and environment. He/she will work as the shift lead in a 24x7x365 shift environment and will respond to security incidents in a SLA driven SOC.

The anaylst will be responsible to perform daily operational real-time monitoring and analysis of security events from multiple sources including but not limited to events from Security Information Monitoring tools, network and host based intrusion detection systems, network infrastructure logs, system logs (Unix & Windows), mainframes, midrange, applications and databases. He/she will also need to perform incident initial identification, classification and prioritization, daily health check on the system health status as well as shift scheduling and conduct daily shift handover. 

Other responsibilities are as follows: 
  • Proactive monitoring on Cyber threat landscape by performing research and study on latest security threats and vulnerabilities
  • Participate in the periodic review and establishment of stringent service level requirement
  • Generate security reporting and metrics as required and stay current on the latest threats and vulnerabilities to ensure operational tools and processes are up to date
  • Provide first line response to security incidents (malware infections, unauthorized access, malicious emails, Distributed Denial of Service (DDoS) attacks, etc)
  • Review the analysis and work of the L1 analyst and provide guidance to the L1 analyst team as well as provide L2 analysis of security alerts and incidents
  • Enhance and assist in the tuning of the SIEM and NIDS rules to identify security incidents and reduce false positives.
  • Review threat intelligence and investigate indicators of compromise (IOCs).
  • ITC/Diploma/Degree in Computer Science / IT Security from a recognized education institution
  • Professional security related qualification (e.g. SANS GCIA, GSEC, GCIH) will be favorable although not mandatory
  • 3 to 5 years of relevant experience in similar capacity but candidates without relevant experience are welcomed to apply as training will be provided. 
  • Strong understanding of basic computer science: algorithms, data structures, databases, operating systems, networks, and programming
  • Strong understanding of IT operations: help desk, end-point, server management, and networks
  • Strong ability to communicate at all levels and write clearly 
  • Good understanding of Cyber security: Cyber kill chain, TTP, threat intelligence, malware triage as well as information security concepts:  defense in depth, BYOD management, data loss protection, risk assessment and security metrics
  • A good knowledge in Internet infrastructure, networking technology and network security (i.e. DNS, DHCP, Firewall, WAF, IDS, IPS, VPN, APT and TCP/IP protocols)
  • Malware triage and analysis capability will be an advantage
  • Working experience with ArcSight or any major SIEM will be an advantage
  • Strong technical knowledge and log analysis for Operating Systems, Database, Security and Network device & application
Company Overview
United Overseas Bank Ltd (UOB)