Implement, operationalise and optimise an enterprise network vulnerability assessment system for the Bank and its entities.
Perform independent review of network vulnerability assessment process to ensure compliance to established standards.
Review and update scan policy as current cyber threat landscape evolves.
Assess and prioritise vulnerabilities discovered and advise IT custodians on mitigation of vulnerabilities.
Develop, review and update dashboards for effective management of vulnerabilities.
Develop, review and update user access matrix of enterprise vulnerability management system to provide least privileges to users.
Perform independent review of changes to the enterprise vulnerability system to ensure they are in good order.
Disseminate reports to key stakeholders and internal teams to prioritise remediation efforts to address vulnerabilities.
Possess a mindset to continuously improve vulnerability assessment process for efficiency, effectiveness, and scalability.
Assist with the Annual Penetration Test Program for the Bank by liaising with external consultants and work with IT custodians to remediate the findings.
Assist with the Bug Bounty Program for the Bank by liaising with external consultants and work with IT custodians to remediate the findings.
Support auditor’s and regulator’s requests for threat and vulnerability assessment.
Qualifications
Job Qualifications
The candidate must have at least 2 years of hands-on experience in configuring and managing an enterprise vulnerability assessment system, performing vulnerability assessment scans for a large enterprise, and engaging stakeholders in remediating the vulnerabilities according to established timelines.
Degree/Diploma in Computer Science, Cyber Security or equivalent.
Certified Information Systems Security Professional, Certified Information Systems Auditor or Certified Risk and Information System Control, Certified Ethical Hacker, will be desired.
Independent and able to perform tasks with minimum supervision.
Excellent communication and interpersonal skills with a good command of English.
Have a very strong commitment to personal development and drive to develop himself / herself technically and professionally.
Knowledgeable in cryptographic algorithms, mitigating controls to reduce the risks a vulnerability posed to the Bank.
Knowledgeable in compliance with MAS TRM, ABS, BNM, HKMA, CBRC, etc guidelines and regulatory notices.
Knowledgeable in application penetration testing methodologies, such as OWASP will be an advantage.
Knowledgeable with application development experience and programming/coding will be an advantage.
LI-WS
Primary Location: Singapore
Job: Information Technology
Organization: Group Operations & Technology Division
Schedule: Permanent
Job Posting: 22-Jun-2022, 12:36:21 AM
Beware of fraud agents! do not pay money to get a job
MNCJobz.com will not be responsible for any payment made to a third-party. All Terms of Use are applicable.