First VP, Security Architect, Group Information Security
Posting Date: 2 Oct 2024
Location: Singapore (City Area), SG, 048624
Company: United Overseas Bank Ltd
About UOB
United Overseas Bank Limited (UOB) is a leading bank in Asia with a global network of more than 500 branches and offices in 19 countries and territories in Asia Pacific, Europe and North America. In Asia, we operate through our head office in Singapore and banking subsidiaries in China, Indonesia, Malaysia and Thailand, as well as branches and offices. Our history spans more than 80 years. Over this time, we have been guided by our values – Honorable, Enterprising, United and Committed. This means we always strive to do what is right, build for the future, work as one team and pursue long-term success. It is how we work, consistently, be it towards the company, our colleagues or our customers.
About the Department
Group Technology and Operations (GTO) provides software and system development, information technology support services and banking operations. We have centralized and standardized the technology components into Singapore, creating a global footprint which can be utilized for supporting our regional subsidiaries and the branches around the world. We operate and support 19 countries with this architecture to provide a secure and flexible banking infrastructure. Our Operations divisions provide transactional customer services for our businesses while also focusing on cost efficiency through process improvements, automation and straight through processing.
Job Responsibilities
Security Architects are trusted partners and key enablers in GTO. Security Architects work with GTO teams that design, implement and operate the bank’s IT systems and applications to build in effective and consistent security controls to meet business needs, comply with regulatory requirements and protect the organization against cyberattacks.
Job Role & Responsibilities
- Drive the security design in the Group. Develop security reference architecture and design patterns that can be adopted as part of the enterprise standard and building blocks. Promote the use of standard security controls and design patterns across the organization.
- Conduct security architecture reviews across Group wide projects to ensure that effective security controls are built in and aligned to reference design.
- Identify design gaps in existing or new systems and drive the review, evaluation, and recommendations of security controls to address the risks.
- As a trusted subject matter expert, provide security advisories to stakeholders at all levels in IT and Non-IT teams. Communicate security requirements for IT systems across various security domains such as Data, Network, Workload, Cloud and Application security.
- Support the Group’s information and cyber security strategy. Represent Group IS Department, support the architecture development community and participate in related technology working groups.
- Drive the innovation on cyber security systems architecture and design. Stay current with technology trends. Connect and collaborate with regulatory and professional bodies, industry and domain experts.
Job Requirements
- Degree in Information Security, Computer Science/Engineering or related discipline. At least 10 - 15 years of relevant security experience across security domains such as Application, Cloud, Data, Application, Workload, Network, Identity & Access Management (IAM), Vulnerability Management and Security Monitoring in large and complex environment such as MNCs and Financial Institutions.
- Deep knowledge and hands-on experience in one or more of the following domains:
- Application Security: Banking system security, web application security, API security, authentication/authorization protocols, etc.
- Infrastructure Security: Networking, Operating systems, Databases, Zero trust, Security monitoring solutions and Cryptography, etc.
- Cloud Security/DevSecOps: Cloud native environment such as public cloud, containers, serverless. DevSecOps practices and tools for integrating security into CI/CD pipelines, etc.
- Good understanding on key aspects of IT lifecycle including strategic planning, application development, implementation & support, IT infrastructure and operations, vendor management, IT audit, risk management and business continuity planning.
- Relevant security certifications such as CISSP, TOGAF, SABSA, CCSK, CCIE Security or certifications from AWS/Azure/SANS/CREST, etc.
- Candidates currently in related architecture roles but intending to switch to security domains will also be considered.
- Excellent written and verbal communication skills and ability to explain complex topics to both technical and non-technical audiences at all levels.
- Meticulous and inquisitive with strong analytical and problem-solving skills.
- Able to work independently or in a team with minimal supervision.
Be a part of UOB Family
UOB is an equal opportunity employer. UOB does not discriminate on the basis of a candidate's age, race, gender, color, religion, sexual orientation, physical or mental disability, or other non-merit factors. All employment decisions at UOB are based on business needs, job requirements and qualifications. If you require any assistance or accommodations to be made for the recruitment process, please inform us when you submit your online application.