Senior Associate, Cyber Security Automation Engineer, Technology & Operations

Singapore, Singapore

Job Description


Business Function

Group Technology and Operations (T&O) enables and empowers the bank with an efficient, nimble and resilient infrastructure through a strategic focus on productivity, quality & control, technology, people capability and innovation. In Group T&O, we manage the majority of the Bank's operational processes and aspire to delight our business partners through our multiple banking delivery channels.

Responsibilities

  • Support in daily operations, participate in Project Development.
  • Ability to refine and translate complex requirements and execute best practice solutions.
  • Develop a wide gamut of Cortex SOAR integrations with security platforms within ISRM (Information System Risk Management), leveraging their respective APIs (REST, GraphQL, SOAP, HTTP request methods, etc.).
  • Liaise with users to gather requirements for improvement.
  • Assess, design, and improve SOC processes and workflows with a focus on integrating automation through Security Orchestration, Automation and Response (SOAR) tools and technologies.
  • Implement new SOC automation and ensure continued compatibility with existing or new detection and response tools.
  • Integrate new logging sources and build playbooks to properly triage and respond to security incidents while reducing the time needed to analyse each event.
  • Develop custom scripts to automate current detection and response workflows.
  • Analyse SOC alert statistics and workflows to reduce false positives and properly focus engineering efforts.
  • Ability to document security analytics, mapping them to the MITRE ATT&CK framework.
  • Ability to create documentation for SOAR playbooks.
  • Evaluating commercial and open-source tools.

Requirements

  • Min Diploma in Computer Science/Studies or equivalent with 1 year of related working experience.
  • Good programming experience in a higher-level language such as NodeJS, Ruby, Chef, Puppet, YAML, JSON, and/or Python.
  • Understanding of API based security and compliance standards and Unix/Linux and Windows operating systems and scripting.
  • Working knowledge of Endpoint Prevention, SIEM, vulnerability management tools, SOC, firewalls, and other security technologies both from a technology and a business driver standpoint.
  • Experience understanding threat intelligence and threat hunting.
  • Advanced knowledge of web threats and cybercrime.
  • Strong analytical skills to evaluate complex multivariate problems and find a systematic approach to gain a quick resolution, often under duress.
  • Mature and effective time-management skills.
  • Cybersecurity knowledge and experience – advantage.
  • People Skills:
      • Be performance oriented; always try to excel past achievements.
      • Able to work under pressure during critical situations.
      • Able to work in a collaborative manner with peers.
  • Communication Skills:
      • Can communicate effectively with peers in discussions/meet.
      • Be able to communicate technical information in a simplified, easy to understand manner.

DBS Bank


Job Detail

  • Job Id
    JD1370899
  • Industry
    Not mentioned
  • Total Positions
    1
  • Job Type:
    Full Time
  • Salary:
    Not mentioned
  • Employment Status
    Permanent
  • Job Location
    Singapore, Singapore
  • Education
    Not mentioned