About UOB

United Overseas Bank Limited (UOB) is a leading bank in Asia with a global network of more than 500 branches and offices in 19 countries and territories in Asia Pacific, Europe and North America. In Asia, we operate through our head office in Singapore and banking subsidiaries in China, Indonesia, Malaysia and Thailand, as well as branches and offices. Our history spans more than 80 years. Over this time, we have been guided by our values - Honorable, Enterprising, United and Committed. This means we always strive to do what is right, build for the future, work as one team and pursue long-term success. It is how we work, consistently, be it towards the company, our colleagues or our customers.
About the Department

The Technology and Operations function comprises five teams of specialists with distinct capabilities: business partnership, technology, operations, risk governance, and planning support and services. We work closely together to harness the power of technology to support our physical and digital banking services and operations. This includes developing, centralising and standardising technology systems as well as banking operations in Singapore and overseas branches.
Job Responsibilities

Support the development and implementation of advanced new use cases and threat models in line with the current cyber security landscape, following industry-leading security frameworks, and enhance the detection capabilities of existing use cases and threat models to detect sophisticated cyber-attacks. Key Responsibilities:
Drive and lead the advanced security analytics initiative to derive value from security analytics.
Review all existing Security contents in SIEM and Big Data Security Analytics
Define new use cases, threat models and risk score thresholds for use cases on the SIEM and Big Data platforms
Work with other stakeholders and develop custom use cases
Ability to understand business problems and apply technology solutions, leveraging technology trends to deliver results by working closely with the SOC and other key stakeholders
Work with the respective engineering teams to articulate clear requirements for the attributes of each data feed needed to create use cases and threat models
Develop, implement and maintain use cases, and develop content around threat intel feeds
Map all current and new use cases to MITRE ATT&CK framework and NIST methodology
Develop detection strategies and security content for various threats
Responsible for proactively developing common and known use cases.
Development, optimization and management of use case framework
Work with the SOC and other key stakeholders to explain all use cases and threat models for UAT, other testing and fine-tuning.
Perform data analytics and threat hunting to gather the context needed for use case and threat model creation.
Integrate and Monitor threat intel feed on the SIEM and Big Data platforms
Monitor and track threat feeds ingestion and best utilization of threat feeds
Use case (life cycle) management (research, development & maintenance)
Conduct detailed analytical queries and investigations, identify areas that require specific attention, identify indicators of compromise (IOC) or events of interest (EOI) that need further investigation, and develop use cases and rules to be implemented on the SIEM platform
Create and enhance internal processes and procedures for handling business requirements from other stakeholders.
Act as a mentor and team lead to all First Level Security Analysts, support and supervise them, ensure knowledge transfer within the team
Deliver qualified information about actual threats and indicators, with recommendations on how the associated risk can be mitigated
Develop, automate and maintain reports and dashboards
Train and coach members of project groups to ensure effective knowledge management
Engage in Purple Teaming exercises with our Red Team.
Job Requirements

Education
ITC/Diploma/Degree in Engineering/Computer Science/IT/Cyber Security from a recognized education institution
Demonstrated content development experience on any analytical platform or solution.