Cyber Defence & Fusion Centre Lead

Trust is the first of a new breed of banks in Singapore – digitally native and focused on delivering a delightful customer experience. You will work in a fast-paced and collaborative environment to solve new and interesting challenges each day. Together with our Trust team, you will help shape the future of our bank and be able to work on and solve many interesting challenges which we are facing, learn new ways of working, and help build delightful high quality products for our customers.

As a Cyber Defence & Fusion Centre Lead you'd be able to work on and solve some of the many interesting challenges we are facing, learn new ways of working, and build delightful high-quality products for our customers.

Job Responsibilities

The Cyber Defence & Fusion Centre Lead is at the center of the value we are offering our customers: driving best of breed capabilities and practices in the monitoring, detection, and response to threats. We are leading a close knit and lean team bringing in modern approaches to security, integrating cloud-native security designs, offensive security and agile development. You will lead a network of external managed security partners, internal analysts, engineers, and responders, and work closely with business stakeholders and technology engineers to design adaptive controls, improve security risk remediation, continuously improve our Time-to-Detect and Time-to-Remediate vulnerabilities and threats. As a Digital Bank focused on its customers’ wellbeing, the role will also lead the way in the collaborating with fraud prevention initiatives to ensure our customers are safe in their journey with the Bank.

Key Responsibilities

Our Digital Bank is set for a rapid growth and rapidly evolutive environment, thus the individual will need to shape and adapt a Cyber Defence Fusion Centre, continuously maintaining control effectiveness. The role will be set to evolve and grow over time as the company develops.

Not exhaustively, the Cyber Defence & Fusion Centre Leader will own the following outcomes:

• Defining an appropriate control and event monitoring strategy and operational framework, integrating existing frameworks and capabilities available in the group where relevant
• Managing the Managed Security Service Provider in charge of SIEM engineering and L1/L2 monitoring, to review and maintain effective SLAs and SLIs
• Building, testing and maintaining the effectiveness of cybersecurity and incident response playbooks
• Working closely with Product squads, Application Security and End-user Computing to ensure threat models are established and maintained, deriving adequate control plans adapted to each business context
• Collaborating closely with business stakeholders to improve persona-based risk identification, tune custom monitoring and improve insider threat anomaly detection
• Develop synergies with SCB Group’s counterpart to enable the maximum of capabilities and consolidate reporting frameworks
• Providing meaningful metrics and dashboards to product owners and control functions to facilitate the risk-based decision making through quantification
• Working closely with the group to ensure our Digital Bank meets and exceeds control objective requirements across cyber defence, investigations, incident response and forensics
• Automating the collection of control output artefacts and audit trails to facilitate audit and regulatory reporting
• Defining and developing Fusion Center capabilities with a focus on fraud prevention synergies and risk analytics
• Working with Offensive Security team to ensure the result of intrusion tests and bug bounties positively improve our capacity to detect and respond to flaws and attacks
• Developing and growing a team of talented engineers and analysts to support the delivery of our Digital Bank’s exciting customer services and the above outcomes

In order to be successful at the role, you must have the following:

• 10+ years of relevant experience, with a blend on operational analysis, incident response and vendor management
• Hands-on expertise to build and support the operational objective of the faster growing Digital Bank in the work
• Has in depth experience of building and running security operation centers and fusion centers, ideally with a good grasp of threats and requirements specific to Banking
• Self-driven, can articulate the risk of missing controls to all levels of executives
• Solid experience in control effectiveness assessment frameworks such as MITRE ATT&CK
• Collaborative, with a vision of how to work with developers to embed immutability, anomaly detection, forensics and normal-state resumption in the fabric of the application
• Ideally, has experience working in supporting regulated digital payment services such as payment industry & digital banking, or e-commerce services
• Experienced in monitoring, incident response and forensics in cloud environments, including IaaS providers, cloud-native platforms (Kubernetes) and SaaS third-party applications
• Develop response automation and forensics scripts and data analytics capabilities
• General understanding of DevOps and CI/CD pipelines in a context of security and compliance guardrails

Role Specific Technical Competencies

• Experienced in monitoring, incident response and forensics in cloud environments, including IaaS providers, cloud-native platforms (Kubernetes) and SaaS third-party applications
• Develop response automation and forensics scripts and data analytics capabilities
• General understanding of DevOps and CI/CD pipelines in a context of security and compliance guardrails

If you apply for a job with Trust or submit any personal information in connection with a possible job opportunity, you agree to our privacy notice for job applicants.

Come as you are! Trust is an inclusive and open-minded workplace. If you are good at what you do and care about doing a good job, that’s what we focus and want from you. So come as you are.