VP, SIEM Security Engineer, Group Information Security
United Overseas Bank Limited (UOB) is a leading bank in Asia with a global network of more than 500 branches and offices in 19 countries and territories in Asia Pacific, Europe and North America. In Asia, we operate through our head office in Singapore and banking subsidiaries in China, Indonesia, Malaysia and Thailand, as well as branches and offices.
Our history spans more than 80 years. Over this time, we have been guided by our values — Honorable, Enterprising, United and Committed. This means we always strive to do what is right, build for the future, work as one team and pursue long-term success. It is how we work, consistently, be it towards the company, our colleagues or our customers.

About the Department

The Technology and Operations function is comprised of five teams of specialists with distinct capabilities: business partnership, technology, operations, risk governance and planning support and services. We work closely together to harness the power of technology to support our physical and digital banking services and operations. This includes developing, centralising and standardising technology systems as well as banking operations in Singapore and overseas branches.

Job Responsibilities
The SIEM Security Engineer will support the day-to-day operations and development of the bank's security suite of products, with the key objective of maintaining, developing and enhancing the detection, prevention, response and monitoring capabilities of GSOC.
• Support a wide array of security solutions and infrastructure deployed within the bank.
• Propose, develop, test and manage application, system and infrastructure changes, upgrades, troubleshooting, patch and improvements.
• Drive upgrades and migrations to ensure solutions and/or related platforms are maintained in tip-top working condition, with proper documentation and RCA.
• Implement new technology and process improvements for the bank.
• Onboard new log sources, enable new use cases, develop new threat models and support all existing use cases.
• Manage and support the log management environment.
• Conduct regression testing on new rules and enhancements.
• Manage and coordinate change process engagement with regards to current security solutions.
• Develop automation for existing procedures; understand the complete data flow for all log sources and manage them.
• Provide support for all Audit requests.
• Research and define requirements for new projects, perform product evaluation and technical Proof of Concept.
• Work within established practices and handling guidelines to triage device outages.
• Work with internal technical teams and engineers in technical troubleshooting, exercises and forums.
• Available to respond to any requests and assist with troubleshooting activities along with proper documentation.
• Resolve standard/routine issues with no guidance and complex/unusual issues with minimal guidance.
• Communicate effectively with a variety of internal teams and external contacts including technical and executive contacts.
• Capable of juggling a variety of priorities and deliverables in an operational, interrupt-driven environment with minimal guidance or supervision.
• ITC/Diploma/Degree in Engineering/Computer Science/IT/Cyber Security from a recognized educational institution
• Professional security-related qualification (e.g. SANS GCIA, GCIH etc.) will be favourable, although not mandatory
• 8+ years of overall experience
• 5+ years of relevant experience in any SIEM technologies.
• Good knowledge in SIEM and network security (i.e. Firewalls, WAF, IDS, IPS, VPN, HIPS, ADS and TCP/IP protocols)
• Hands-on experience in Unix/Linux and Windows administration
• Hands-on experience in Syslog / Snare administration at server / client side
• Hands-on experience in Security Information Event Management platform with different connectors.
• Development of standard use cases, Threat Model, APT and behavior based use cases.
• Map use cases to MITRE ATT&CK framework.
• Experience in parsing of logs and writing regex.
• Experience handling data analytics, peer group analytics, User and Entity Behavior Analytics, and tier-based analytics will be an added advantage
• Hands-on coding experience: python, shell scripts, Dev-Ops
• Analytical problem solver and good at troubleshooting technical issues
• Good understanding of SQL/Database, SOAP-XML, Restful API
• Good understanding of Application monitoring techniques on a SIEM platform
• Familiarity with Big Data ecosystem components is an added advantage
• Good understanding of internet concepts and technologies – internet services, search engines, open source tools, mobile technology, LAMP, IOT, TOR etc.
• Good understanding of network forensics and packet analysis.
• Minimum 2 years of relevant working experience in a SOC environment and related processes.
• Good written and verbal communication skills
• Process and procedure adherence
• Strong analytical and problem-solving skills
• Effective time management and organizational skills.
Apply now and make a difference.
United Overseas Bank Ltd (UOB)