VP, Vulnerability Management, Group Info Security

About UOB

United Overseas Bank Limited (UOB) is a leading bank in Asia with a global network of more than 500 branches and offices in 19 countries and territories in Asia Pacific, Europe and North America. In Asia, we operate through our head office in Singapore and banking subsidiaries in China, Indonesia, Malaysia and Thailand, as well as branches and offices. Our history spans more than 80 years. Over this time, we have been guided by our values – Honorable, Enterprising, United and Committed. This means we always strive to do what is right, build for the future, work as one team and pursue long-term success. It is how we work, consistently, be it towards the company, our colleagues or our customers.

About the Department

Group Technology and Operations (GTO) provides software and system development, information technology support services and banking operations.

We have centralized and standardized the technology components into Singapore, creating a global footprint which can be utilized for supporting our regional subsidiaries and the branches around the world. We operate and support 19 countries with this architecture to provide a secure and flexible banking infrastructure.

Our Operations divisions provide transactional customer services for our businesses while also focusing on cost efficiency through process improvements, automation and straight through processing.

Job Responsibilities

he VP, Vulnerability Management will be responsible for the delivery of vulnerability management services and day-to-day operations and development of the bank security suite of products with key objective in designing, developing, deploying, maintaining, and enhancing the Bank’s vulnerability management capabilities

Key Responsibilities:

• Manage activities associated with attack surface reduction and proactive management of potential vulnerabilities to the Bank’s technology estate
• Ensure timely communication, management and reporting of product vulnerability advisories to application and infrastructure teams including monitoring the lifecycle of product vulnerabilities in conjunction with the Threat Intelligence team
• Provide best practice guidance to application and infrastructure teams on possible mitigating controls in the absence of product fixes for vulnerabilities
• Coordinate (as and when needed) vulnerability response for critical vulnerabilities in conjunction with the Group Security Operations Centre
• Automation development on existing processes and develop contextual data sets, reports, and dashboards to provide management, risk and service insights
• Product research and define requirements for new projects, perform product evaluation and technical Proof of Concept
• Provide support for all Audit and Regulatory requests

Others:

• Communicate effectively with a variety of internal teams and third-party service providers/vendors for the delivery of Vulnerability Management services/solutions.
• Capable of managing a variety of priorities and deliverables in an operational, interrupt driven environment with minimal guidance or supervision
• Work with internal technical teams and engineers in the prioritization and interpretation of attack surface reduction activities including providing guidance on countermeasures as mitigating controls
• Available to respond to any requests and assist with troubleshooting activities of vulnerability management solutions along with proper documentation.
• Resolve standard/routine issues with no guidance and complex/unusual issues with minimal guidance

Job Requirements

Education:

• Diploma/Degree in engineering/Computer Science/IT/Cyber Security from a recognized education institution
• Professional security related qualification (e.g., SANS, CISSP, CISA, CISM, etc.) will be favorable although not mandatory.

Technical Skills:

• Overall experience 8 to 12 years of experience
• 5 to 7 years of relevant experience with proven track record in managing, deploying, automating and streamlining Vulnerability Management services, technologies and process.
• Knowledgeable with the variety of Vulnerability Management technologies and familiar with the industry trends and best practices
• Knowledgeable with open systems (e.g., Windows, Unix, Linux), networking technologies (e.g., switches, routers, firewalls), end user technologies (Windows, iOS, Android) in relation to Vulnerability Management
• Knowledgeable with cloud technologies (e.g., AWS, Azure, M365, GCP) and containers (e.g., Docker and Kubernetes) in relation to Vulnerability Management
• Analytical problem solver and good at troubleshooting technical issues
• Hands-on experience in the use of Splunk, scripting (e.g., Python, Bash), security testing tools, and network vulnerability assessment tools (e.g., Nessus, Qualys, Rapid7, etc) will be favorable.

Soft Skills:

• Good written and verbal communication skills
• Process aware mindset.
• Strong analytical and problem-solving skills
• Effective time management and organizational skills
• Team player, including ability to establish and maintain effective working relationships within and across the organization.
• Proficient in Microsoft Office applications

Be a part of UOB Family

UOB is an equal opportunity employer. UOB does not discriminate on the basis of a candidate's age, race, gender, color, religion, sexual orientation, physical or mental disability, or other non-merit factors. All employment decisions at UOB are based on business needs, job requirements and qualifications. If you require any assistance or accommodations to be made for the recruitment process, please inform us when you submit your online application.

Apply now and make a difference.

Competencies

1. Strategise2. Engage3. Execute4. Develop5. Skills6. Experience