Job Description

• Implement, operationalise and optimise an enterprise network vulnerability assessment system for the Bank and its entities.
• Perform independent review of network vulnerability assessment process to ensure compliance to established standards.
• Review and update scan policy as current cyber threat landscape evolves.
• Assess and prioritise vulnerabilities discovered and advise IT custodians on mitigation of vulnerabilities.
• Develop, review and update dashboards for effective management of vulnerabilities.
• Develop, review and update user access matrix of enterprise vulnerability management system to provide least privileges to users.
• Perform independent review of changes to the enterprise vulnerability system to ensure they are in good order.
• Disseminate reports to key stakeholders and internal teams to prioritise remediation efforts to address vulnerabilities.
• Possess a mindset to continuously improve vulnerability assessment process for efficiency, effectiveness, and scalability.
• Assist with the Annual Penetration Test Program for the Bank by liaising with external consultants and work with IT custodians to remediate the findings.
• Assist with the Bug Bounty Program for the Bank by liaising with external consultants and work with IT custodians to remediate the findings.
• Support auditor’s and regulator’s requests for threat and vulnerability assessment.
  

Qualifications

Job Qualifications

• The candidate must have at least 2 years of hands-on experience in configuring and managing an enterprise vulnerability assessment system, performing vulnerability assessment scans for a large enterprise, and engaging stakeholders in remediating the vulnerabilities according to established timelines.
• Degree/Diploma in Computer Science, Cyber Security or equivalent.
• Certified Information Systems Security Professional, Certified Information Systems Auditor or Certified Risk and Information System Control, Certified Ethical Hacker, will be desired.
• Independent and able to perform tasks with minimum supervision.
• Excellent communication and interpersonal skills with a good command of English.
• Have a very strong commitment to personal development and drive to develop himself / herself technically and professionally.
• Knowledgeable in cryptographic algorithms, mitigating controls to reduce the risks a vulnerability posed to the Bank.
• Knowledgeable in compliance with MAS TRM, ABS, BNM, HKMA, CBRC, etc guidelines and regulatory notices.
• Knowledgeable in application penetration testing methodologies, such as OWASP will be an advantage.
• Knowledgeable with application development experience and programming/coding will be an advantage.

• LI-WS

Primary Location: Singapore Job: Information Technology Organization: Group Operations & Technology Division Schedule: Permanent Job Posting: 22-Jun-2022, 12:36:21 AM