VP, Cyber Threat Hunter, Group Information Security

Posting Date:  12 Apr 2024
Location: West Area Main (City Area), SG, 048624

Company:  United Overseas Bank Ltd

About UOB

United Overseas Bank Limited (UOB) is a leading bank in Asia with a global network of more than 500 branches and offices in 19 countries and territories in Asia Pacific, Europe and North America. In Asia, we operate through our head office in Singapore and banking subsidiaries in China, Indonesia, Malaysia and Thailand, as well as branches and offices.
Our history spans more than 80 years. Over this time, we have been guided by our values — Honorable, Enterprising, United and Committed. This means we always strive to do what is right, build for the future, work as one team and pursue long-term success. It is how we work, consistently, be it towards the company, our colleagues or our customers.
 

About the Department

The Technology and Operations function is comprised of five teams of specialists with distinct capabilities: business partnership, technology, operations, risk governance and planning support and services. We work closely together to harness the power of technology to support our physical and digital banking services and operations. This includes developing, centralising and standardising technology systems as well as banking operations in Singapore and overseas branches.
 

Job Responsibilities

The Cyber Threat Hunter is a specialist role within UOB’s Group Security Operations Center (GSOC). The incumbent will be responsible for running day-to-day cyber threat hunting operations, leveraging advanced cyber tools, threat hunting techniques and intelligence to identify and mitigate potential cyber and emerging threats. In addition, the candidate must have good knowledge of cybersecurity principles and a deep understanding of the current state of cyber adversary tactics and techniques. Candidates must have past working experience in building cyber threat use cases or automation to enhance the detection, prevention, response and monitoring capabilities for security operations.

Key Responsibilities:

  • Proactive threat hunting activity with advanced cyber tools, work with machine data from multiple sources to determine anomalies, threats and suspected compromises. 
  • Conduct security analysis using logs, network traffic and other sources. 
  • Conduct cyber forensics investigation and analysis.
  • Continuously re-engineer and tune GSOC workflows and capabilities to improve operational effectiveness. 
  • Develop and streamline GSOC prevention, detection and response processes using automation and orchestration tools.
  • Respond to cyber threats.
  • Provide subject matter expertise to the incident response manager.
  • Develop and operationalize new threat response mechanisms and processes.
  • Conduct Cyber response exercises to tune processes and maintain operational readiness.
  • Participate in Red team, Purple team exercises and table top drills.
  • Support and maintain GSOC’s detection, prevention, response and monitoring systems and infrastructure via change management process. 
  • Enhance current detection capabilities and develop new detection use-cases
  • Conduct POC, testing and build enhancements on GSOC security systems. Implement new technology and process improvements to security monitoring and cyber defense mechanisms. 
  • Research and define requirements for new projects; perform product evaluations and technical Proof of Concepts

Others:

  • Perform as a member of the Cyber security capability enhancement team to drive or participate in product evaluation, project discussion and deployments
  • Collaborate with other cross-functional teams in projects to enhance threat detection and response
  • Work within established practices and handling guidelines to develop and deploy preventive maintenance processes for GSOC infrastructure
  • Work with internal technical teams and engineers in technical troubleshooting, exercises and forums
  • Available to respond to client requests and assist with troubleshooting activities
  • Able to resolve customer related issues with minimal guidance
  • Communicate effectively with a variety of internal teams and external contacts including technical and executive contacts
  • Capable of juggling a variety of priorities and deliverables in an interrupt-driven environment with minimal guidance or supervision

Job Requirements

Education

  • ITC/Diploma/Degree in engineering/Computer Science / IT/Cyber Security from a recognized education institution
  • Professional security related qualification (e.g. SANS GCIA, GCIH, GCFA, GREM etc.) is favorable

Technical Skills and experience

  • Min 6-8 years of relevant Cyber security experience with at least 3 years hands-on experience in threat hunting
  • Experienced with SOC operations and processes
  • Advanced understanding of Cyber security, threat response and incident response
  • Advanced understanding of Unix/Linux and Windows infrastructure and systems
  • Understanding of Cloud infrastructure and systems
  • Advanced understanding of adversary TTPs including the MITRE ATT&CK framework
  • Hands-on experience in SIEM/security analytics use cases
  • Hands-on coding experience: PowerShell, Python, VBA, scripting
  • Hands-on experience working on X/EDR
  • Hands-on experience in network packet analysis
  • Hands-on experience in SOAR use cases 
  • Use of malware analysis platforms and tools
  • Use of cyber forensics platforms and tools
  • Use of threat intelligence platforms and tools
  • Malware reverse engineering

Soft Skills

  • Good written and verbal communication skills
  • Process and procedure adherence
  • Strong analytical and problem solving skills

Other Requirements

  • Willing to perform on-call duties.

Be a part of UOB Family

UOB is an equal opportunity employer. UOB does not discriminate on the basis of a candidate's age, race, gender, color, religion, sexual orientation, physical or mental disability, or other non-merit factors. All employment decisions at UOB are based on business needs, job requirements and qualifications. If you require any assistance or accommodations to be made for the recruitment process, please inform us when you submit your online application.

Apply now and make a difference.

Competencies

1. Strategise
2. Engage
3. Execute
4. Develop
5. Skills
6. Experience