Senior VP, Security Architect, Group Information Security
Posting Date: 14-Oct-2020
Location: Alexandra, Singapore, SG
Company: United Overseas Bank Limited About UOB
United Overseas Bank Limited (UOB) is a leading bank in Asia with a global network of more than 500 branches and offices in 19 countries and territories in Asia Pacific, Europe and North America. In Asia, we operate through our head office in Singapore and banking subsidiaries in China, Indonesia, Malaysia and Thailand, as well as branches and offices.
Our history spans more than 80 years. Over this time, we have been guided by our values - Honorable, Enterprising, United and Committed. This means we always strive to do what is right, build for the future, work as one team and pursue long-term success. It is how we work, consistently, be it towards the company, our colleagues or our customers. About the Department
The Technology and Operations
function is comprised of five teams of specialists with distinct capabilities: business partnership, technology, operations, risk governance and planning support and services. We work closely together to harness the power of technology to support our physical and digital banking services and operations. This includes developing, centralising and standardising technology systems as well as banking operations in Singapore and overseas branches. Job Responsibilities
This is a senior technical role responsible to drive security architecture, innovation and strategy and help GTO teams to design, deploy and operate systems with appropriate security controls to meet business goals along with customer and regulatory requirements. This role is part of Group Information Security who is driving overall security strategy and practice in the bank. Key Responsibilities:
•Drive the security strategy and architecture for the group.
•Lead security architect team. Design the overall security architecture and standard methodology of implementing security controls across the bank's platforms
•Drive the development of reference architectures and associated reusable work products and assessment assets including detailed designs that provide deployable building blocks.
•Promote the use of standard controls, solutions and assets across the organization
•Evaluate and recommend the security controls to be used across the banks environment
•Identify security design gaps in existing or new system and recommend mitigations.
•Determine and communicate security requirements for IT systems such as network, application, OS and data by evaluating business strategies and requirements, understanding the threat landscape, evaluating emerging technology, keeping awareness of industry standard and regulatory requirement, and conducting risk assessments.
•As security subject matter expert, provide security advisory service to IT and non-IT teams.
•Participate and support the architecture development community and specific working groups.
•Maintain personal and management awareness of technologies trends, innovations and issues.
•Connect with industry and participate in forums and conferences. Job Requirements Education
•Degree in Information Security, Computer Science/Engineering or related discipline. Master Degree in Information Security or Computer Science is a plus.
•At least 15 years of IT experience, in which over 6 years are in the capacity of leading security architect team preferably in a large BFSI environment with proven track record in building security solutions.
•Deep understanding of enterprise architecture and security frameworks like TOGAF, NIST, CIS, etc.
•Solid know-how of security technology such as authentication and authorization, cryptography, programming, cloud security, devops, etc.
•Good understanding of the key IT aspects including strategic planning, application development, implementation & support, IT Infrastructure and operation, vendor management, IT audit, risk management and business continuity planning.
•Hands on experience of banking systems and operations.
•Familiar with Secure SDLC, dynamic and static code analysis and application threat modeling.
•Familiar with the regulator requirement.
•Relevant certifications such as TOGAF, SABSA, CISSP, ISSEP and CSSLP would be advantages. Soft Skills
•Excellent written and verbal communication skills
•Ability to effectively interact with a broad cross-section of personnel to explain and enforce security controls
•Strong analytical and critical thinking skills
•Strong leadership, project and team-building skills, including the ability to lead teams and drive projects and initiatives in multiple departments
•Able to work independently with minimum supervision Be a part of UOB Family
Apply now and make a difference.