VP, Vulnerability Management, Information Security
United Overseas Bank Limited (UOB) is a leading bank in Asia with a global network of more than 500 branches and offices in 19 countries and territories in Asia Pacific, Europe and North America. In Asia, we operate through our head office in Singapore and banking subsidiaries in China, Indonesia, Malaysia and Thailand, as well as branches and offices.
Our history spans more than 80 years. Over this time, we have been guided by our values — Honorable, Enterprising, United and Committed. This means we always strive to do what is right, build for the future, work as one team and pursue long-term success. It is how we work, consistently, be it towards the company, our colleagues or our customers.
About the Department
The Technology and Operations function is comprised of five teams of specialists with distinct capabilities: business partnership, technology, operations, risk governance and planning support and services. We work closely together to harness the power of technology to support our physical and digital banking services and operations. This includes developing, centralising and standardising technology systems as well as banking operations in Singapore and overseas branches.
- Conduct regular perimeter or internal application and network vulnerability scanning
- Responsible for researching and analyzing vulnerabilities, identifying relevant threats, corrective action recommendations, summarizing and reporting remediation results
- Work with internal departments or application teams for addressing vulnerabilities include system patching, deployment of specialized controls, code fix or infrastructure changes
- Identify and resolve any false positive findings in assessment results
- Manage tracking and remediation of vulnerabilities by leveraging agreed-upon action plans and timelines with responsible application owner and support teams
- Build effective relationships with stakeholders who own and support applications, IT infrastructure, and operations
- Review web application firewall (WAF) and Trend Micro Deep Security (HIPS) policies
- Utilize business and technical expertise to develop Splunk use cases and build Splunk apps, complex searches, custom reports/dashboards to meet business requirements
- Support clustered Splunk deployments and optimize system configurations
- Bachelor's degree in a related field and/or a minimum of 3-5+ years of experience in performing vulnerability assessments, or equivalent experience
- Experience using Rapid7 Nexpose and Tenable Nessus as the primary vulnerability scanners
- Understanding of security controls (e.g. access control, auditing, authentication, encryption, integrity, physical security, and application security)
- Experience in scripting (PowerShell, Python, Ruby, etc.) or programming
- Excellent problem solving and troubleshooting skills
- Ideally one or more security certifications (e.g. CISSP, OSCP, GPEN) or related certifications
- Experience with Splunk in large scale & clustered Splunk deployment and/or experience in developing Splunk applications
- Experience in configuring Splunk Search Heads, Indexers, and Universal Forwarders in a distributed environment
- DevOps familiarity with Chef (or Puppet/Ansible), Git and Jenkins
- Familiarity with security tools such as web application firewall, host instruction prevention system, file integrity monitoring, privileged session monitoring
- Self-motivated and able to collaboratively with both customers and other team members, and deliver results with minimal supervision
- Project Management experience
Be a part of UOB Family
Apply now and make a difference.
United Overseas Bank Ltd (UOB)