Contract Staff (Senior), IT Risk and Security Analyst, Institutional Banking Group Technology, Technology & Operations

  • Competitive
  • Singapore
  • Permanent, Full time
  • DBS Bank Limited
  • 23 Jan 18 2018-01-23

See job description for details



Business Function

Group Technology and Operations (T&O) enables and empowers the bank with an efficient, nimble and resilient infrastructure through a strategic focus on productivity, quality & control, technology, people capability and innovation. In Group T&O, we manage the majority of the Bank's operational processes and inspire to delight our business partners through our multiple banking delivery channels.

Responsibilities

  • Privilege IDs and ID-related activities
    • Track the privilege ID with manual-managed password to ensure the change of password as per standards
    • Perform the ID reviews on relevant OS platforms, database and folder permission and application access matrix.
    • Govern the reviews on application and database monitoring logs/alerts
  • Cybersecurity
    • Perform security testing (penetration tests) as part of issue verification
    • Review the relevant results of pentest, network and source code vulnerability scans to assess the risk and recommend mitigating controls
    • Track and monitor the cybersecurity-related issues until closure
  • IT Risk Governance
    • Ensure all compliance and security control functions are performed in a timely and structured manner.
    • Track and monitor security-related issue/action plan arising from self-declaration, risk events, key risk indicators, regulatory inspections, audits, security assessment activities or other risk issues, and alert management of potential and/or actual past due issues
    • Review and validate significant security incidents reported for factual accuracy, proper categorization of event, cause, effect and ensure that proper action plans are established to correct and prevent event from recurring.
    • Promote risk and control awareness, including ensuring operational risk trainings are conducted and training plans are established and complied with
    • Coordinate with auditors (internal, external, regulators) and application teams for all requests for information and to track all the outstanding items
    Requirements
    • ID management
    • Penetration testing/security review/ID review on different OS and DB platforms
    • IT Risk Management including escalation
    • Minimum number of years required: 5 years and above
    • Self-starter with a proven track record in ID management and cybersecurity
    • Must have experience in ID review on AIX, LINUX, WINTEL, MARIADB, ORACLE, SOLARIS
    • Comfortable working in an extremely fast paced environment, meet deadlines and prioritize accordingly
    • Critical thinking; ability to understand, dissect and analyse information
    • Promotes a culture of collaboration and teamwork
    • Strong written and verbal communication skills combined
    • Able to write programs and scripts will be an advantage
    Apply Now

    We offer a competitive salary and benefits package and the professional advantages of a dynamic environment that supports your development and recognises your achievements.