VP, Security Engineer (Big Data Security Analytics), Group Information Security
United Overseas Bank Limited (UOB) is a leading bank in Asia with a global network of more than 500 branches and offices in 19 countries and territories in Asia Pacific, Europe and North America. In Asia, we operate through our head office in Singapore and banking subsidiaries in China, Indonesia, Malaysia and Thailand, as well as branches and offices.
Our history spans more than 80 years. Over this time, we have been guided by our values — Honorable, Enterprising, United and Committed. This means we always strive to do what is right, build for the future, work as one team and pursue long-term success. It is how we work, consistently, be it towards the company, our colleagues or our customers.
About the Department
The Technology and Operations function is comprised of five teams of specialists with distinct capabilities: business partnership, technology, operations, risk governance and planning support and services. We work closely together to harness the power of technology to support our physical and digital banking services and operations. This includes developing, centralising and standardising technology systems as well as banking operations in Singapore and overseas branches.
Job Responsibilities
The Security Engineer will support the day-to-day security application administration, operations and development activities of the bank's security suite of products, with the key objective of maintaining, developing and enhancing the detection, prevention, response and monitoring capabilities of GSOC using the Big Data Security Analytics platform and solutions.
• Be part of Advanced Security Analytics initiatives
• Provide administration support to the Big Data Security Analytics Platform and other security solutions related infrastructure deployed within the bank.
• Normalize the data and perform data preparation using Python and Spark programming
• Onboard new log sources, enable new use cases and threat models, and support all existing use cases.
• Follow the MITRE ATT&CK framework and NIST methodology
• Create use cases and threat models
• Conduct regression testing on existing use cases, threat models and future enhancements, adding new use cases and threat models to protect the bank from sophisticated cyber-attacks.
• Develop automation for existing data feeds and contextual data so that data from various log feeds is brought to one location.
• Develop and support case management workflow, reports and dashboards.
• Manage and support the log management environment.
• Implement new technology and process improvements for the bank.
• Provide support for all Audit requests.
• Drive upgrades and migration to ensure solutions and/or related platforms are maintained in tip-top working condition with proper documentation and RCA.
• Manage and coordinate change process engagement with regards to current security solutions.
• Research and define requirements for new projects, perform product evaluation and technical Proof of Concept.
• Experience with any insider threat tools
• Propose, develop, test and manage application, system and infrastructure changes, upgrades, enhancements, troubleshooting, patches and improvements by working with internal and external teams.
• Work within established practices and handling guidelines to triage device outages.
• Available to respond to any requests and assist with troubleshooting activities along with proper documentation.
• Resolve standard/routine issues with no guidance and complex/unusual issues with minimal guidance.
• Capable of juggling a variety of priorities and deliverables in an operational, interrupt-driven environment with minimal guidance or supervision.
• Communicate effectively with a variety of internal teams and external contacts including technical and executive contacts.
• ITC/Diploma/Degree in Engineering/Computer Science/IT/Cyber Security from a recognized education institution
• Certified SNYPR administrator would be a plus
• Cloudera Administration or Developer Certifications
• Professional security-related qualification (e.g. SANS GCIA, GCIH etc.) will be favorable although not mandatory
• Overall experience of 8+ years.
• 4+ years of relevant experience in the area of managing SIEM, advanced SIEM or any Big Data Security Analytics
• Hands-on experience in Advanced SIEM, Security Analytics solutions, Hadoop – Big Data components, Linux and databases (MySQL, Oracle/SQL)
• Scripting knowledge of Python, Spark, Shell and SQL.
• Experience in normalization and data preparation to clean the data
• Strong knowledge of OS, Proxy, Network and other mainstream Infrastructure, Application, Access and Cloud logs.
• Strong knowledge in developing custom parsers (regex) required for data ingestion for any infrastructure or application-based data feeds.
• Advanced knowledge and hands-on experience in implementing use cases and threat model development.
• Experience in integrating workflow with SOAR.
• Experience in Data/Device Integration and providing the data back to other platforms.
• Drive upgrades and migration of SIEM and related Hadoop components to ensure solutions and/or related platforms are maintained in tip-top working condition with proper documentation and RCA.
• Strong knowledge to optimize performance related to Big Data components.
• Strong understanding of HDFS, HIVE, SOLR, HBASE, Cloudera, Impala, Spark, Kafka, REDIS and MySQL etc.
• Ability to understand data generated by infrastructure and applications across the bank
• Experience in Automation
• Strong troubleshooting skills.
• Good written and verbal communication skills
• Process and procedure adherence
• Strong analytical and problem-solving skills
• Effective time management and organizational skills
Apply now and make a difference.
United Overseas Bank Ltd (UOB)