Total 2 security job vacancies in d06 beach road high street

We’re on a mission to make financial services accessible and effortless for SMEs. As one of Singapore’s latest digital wholesale banks fully regulated by MAS, we’re committed to continuous innovation to bring about simpler, safer and more rewarding financial services. #bringingaboutwhatsnext

We are looking for a highly motivated Bank Security Engineer who will report directly to the Chief Information Security Officer (CISO). The ideal candidate will possess advanced proficiency in firewall and Web Application Firewall (WAF), Mobile Device Management (MDM), cloud desktop security, bastion host configuration, as well as Identity and Access Management (IAM) and Key Management Service (KMS) administration. In this pivotal role, you will collaborate closely with our Security Engineer Lead to design, deploy, and sustain the bank's security infrastructure. Your primary objective will be to fortify our defenses against cyber threats while ensuring adherence to regulatory mandates.

Job Description:

• Manage the end-to-end lifecycle of security solutions with Infra team.
• Implement and oversee the configuration of firewall and Web Application Firewall (WAF) systems to safeguard the bank's applications against external threats and malicious attacks.
• Collaborate closely with the infrastructure team to facilitate the monthly rollout of security patches across all cloud instances and data centre security systems.
• Administer Mobile Device Management (MDM) solutions to ensure secure access and management of mobile devices used by bank employees.
• Oversee the formulation and maintenance of cloud desktop security policies, including the coordination with the infrastructure team to apply security patches. This ensures the secure access to banking applications and data.
• Configure and manage bastion hosts to provide secure remote access to internal banking systems for authorized users, including employees and third-party partners.
• Administer Identity and Access Management (IAM) systems to control user access and permissions across the bank's internal applications and databases.
• Oversee Key Management Systems (KMS) and Hardware Security Modules (HSM) to facilitate the lifecycle management of digital certificates and cryptographic keys, including generation, distribution, rotation, and revocation of digital certificates and cryptographic keys.
• Implementation of various kernel hardening techniques in accordance with industry standards.
• Continuously evaluate and enhance overall security posture of cloud environments and maintain a good security score.
• Troubleshoot and resolve device outages with technology teams, engineers and vendors. Perform the incident and problems management for security systems.
• Ensure security systems are implemented and operated in compliance with regulatory requirements, the established security standards and control procedures.

Requirement:

• BS/MS in Computer Science / Cybersecurity with 5 years and above relevant experience in cyber security, with a focus on network security, endpoints security and identity access management domains
• Experience implementing, operating cloud-based security systems and services
• Experience solutioning and incorporating technical security controls align with industrial framework and regulatory requirements such as NIST CSF framework, MAS TRMG, MAS Cloud Advisory
• Hands-on experience deploying, operating, automating security systems
• Strong working knowledge of cloud computing, OS, networking (TCP/IP, DNS, proxy, etc) and its security aspects
• Keeps abreast with relevant vulnerabilities, response and mitigating technical controls
• Strong analytical skills and a problem-solver
• Relevant certifications in CISSP, CISA, GSEC, CEH will be an added advantage

We’re on a mission to make financial services accessible and effortless for SMEs. As one of Singapore’s latest digital wholesale banks fully regulated by MAS, we’re committed to continuous innovation to bring about simpler, safer and more rewarding financial services. #bringingaboutwhatsnext

We are looking for a passionate application security professional to be part of ANEXT Bank’s Cyber Security team, to protect our applications and infrastructure from the ever-evolving threats.

Qualified candidates are expected to:

• Perform application and infrastructure vulnerability assessments, source code reviews, and internal penetration tests on web and mobile applications to identify vulnerabilities and security risks
• Own and continuously enhance the bank’s application and infrastructure vulnerability management process, including end-to-end identification, tracking and remediation work
• Work with external pentest team to perform independent penetration tests on web and mobile applications, triage the security findings and manage the remediations required
• Participate in the system design and architecture security reviews of business projects to ensure security is incorporated into the early stages of the project development lifecycle
• Work with our dev and devops team to ensure security is integrated into the SDLC, provide expertise in advising dev team on the mitigation of identified vulnerabilities and application security risks
• Continuously enhance/improve the integration of security controls into CI/CD pipelines
• Conduct training to dev team on secure coding best practices and vulnerability remediation
• Ensure applications are designed and implemented following standard security principles such as layered defence, least privilege, etc
• Respond to and investigate security incidents related to application security
• Manage the bank’s application security systems
• Maintain and enhance application security policies, standards and operational procedures

Requirements:

• BS/MS in Computer Science / Computer Engineering / Cybersecurity with at least 5-year experience in cyber security and at least 2-year experience in penetration test/red teaming and vulnerability management
• Experience in conducting application and infrastructure security assessments
• Experience with application security and vulnerability assessment tools (e.g. Burp Suite, Kali Linux, Fortify, Nessus, NMAP)
• Strong analytical and communication skills in real time problem-solving
• Fast learner and keeps abreast with relevant vulnerability management and penetration test technology
• Relevant certifications such as OSCP and CISSP will be an added advantage