Information Security Senior Analyst, Vulnerability Management
Vulnerability Management Information Security Senior Analyst Bukit Jalil, Malaysia Job Purpose
Security Technology Services (STS) is a critical function within Standard Chartered Bank operating under the overall purview of "Technology Services" .
The STS team is made up of cyber security thought leaders, who are accountable for the provision of a global set of cyber security services and products in order to maintain and continuously improve Bank's cyber security posture in today's ever evolving cyber security landscape.
The STS team protect the Bank from cyber security threats by delivering effective information security technology services, managing and responding to security incidents to ensure, and support the continuity and growth of Bank's business operations; and meet the both internal and external stakeholders' expectations across 70+ countries and territories, in which SCB operates.
As part of the ongoing Vulnerablity Management in SCB, this role is to support to improve Bank's network and application security posture in order protect the Bank from complex cyber threats. The Role Responsibilities
Our Ideal Candidate
- Operation planning and execute of vulnerability management deliverables.
- Responsible and accountable for operation of vulnerability scanning day to day running.
- Perform vulnerabilities analysing for false posisitve using manual testing method.
- Responsible threats validation and provide recommendation on remediation.
- Support remediation effort to reduce Bank's exposure.
- Support improvement through process and tools optimisation and service improvement projects.
- Support quality assurance and effiency through process re-engineering, technology transformation, integration
About Standard Chartered
- 8-10 years experience in Infrastructure vulnerability assessment
- Strong knowledge of security frameworks, information security principles, architecture, vulnerability assessement methods and cryptography
- Hands-on technical skills on vulnerability assessement execution
- Experience and ability to various operation system, traditional infrastructure, cloud
- Experience in coding or ability to understand software developer languages and scripting languages
- Strong sense of personal ownership and responsibility in accomplishing team and individual's P3 objectives
- Self-starter and ability work in complex large global Financial service organisation
- Understand security related regulatory requirements from MAS, HKMA, RBI, PRA, DFSNY, PCI etc
- Detail-orienteered in effectively with ambiguity, critical thinking and problem solving skills
- Technical security certifications e.g. CEH, SANS GIAC/GPEN/GWEB, CASS, OSWE, CCSP, CISSP, etc
- Bachelor Degree in Engineering, Computer Science/Information Technology or its equivalent
We are a leading international bank focused on helping people and companies prosper across Asia, Africa and the Middle East.
To us, good performance is about much more than turning a profit. It's about showing how you embody our valued behaviours - do the right thing, better together and never settle - as well as our brand promise, Here for good.
We're committed to promoting equality in the workplace and creating an inclusive and flexible culture - one where everyone can realise their full potential and make a positive contribution to our organisation. This in turn helps us to provide better support to our broad client base.