VP, Red Team, Group Information Security

VP, Red Team, Group Information Security

Posting Date: 10-Aug-2022

Location: Singapore, Singapore, SG

Company: United Overseas Bank Limited

About UOB
United Overseas Bank Limited (UOB) is a leading bank in Asia with a global network of more than 500 branches and offices in 19 countries and territories in Asia Pacific, Europe and North America. In Asia, we operate through our head office in Singapore and banking subsidiaries in China, Indonesia, Malaysia and Thailand, as well as branches and offices.
Our history spans more than 80 years. Over this time, we have been guided by our values - Honorable, Enterprising, United and Committed. This means we always strive to do what is right, build for the future, work as one team and pursue long-term success. It is how we work, consistently, be it towards the company, our colleagues or our customers.

About the Department
Group Technology and Operations (GTO) provides software and system development, information technology support services and banking operations.
We have centralized and standardized the technology components into Singapore, creating a global footprint which can be utilized for supporting our regional subsidiaries and the branches around the world. We operate and support 19 countries with this architecture to provide a secure and flexible banking infrastructure.
Our Operations divisions provide transactional customer services for our businesses while also focusing on cost efficiency through process improvements, automation and straight through processing.

Job Responsibilities

• Plan and execute red team operations and campaigns across the spectrum of people, processes and technologies.
• Develop techniques from the Mitre ATT&CK framework and perform purple teaming exercises working closely with the SOC team to enhance detection and prevention capabilities.
• Support the development of red teaming methods, operations and simulations within and across the enterprise to include cyber security, personnel security, operations security, facilities security, and third party vendors/service providers.
• Provide cybersecurity technical testing services, including network, system or application penetration test and vulnerability assessment through in-depth technical analysis and exploitation of vulnerabilities.
• Provide regular threat/risk updates, presenting findings and learnings from cyber-attacks, red team operations, and cyber-attack simulations within a context of overall risk to the enterprise.
• Work closely with existing technology infrastructure, business application and security teams, both to receive input and to provide practical and actionable threat intelligence.
• Evaluate, build and support a set of open-source and commercial security tools.
• Plan and manage third party red teaming and penetration tests.
• Presentations in various committees on vulnerability status, results and penetration testing/red teaming schedule.

Job Requirements

• Bachelor degree in Computer Science, Computer Engineering, Software Engineering or related discipline.
• OSCP and/or CREST CRT certified.
• Advanced certifications such as OSCE, OSEP, CRTE, OSEE, GXPN, CREST CCT and CCSAS would be an advantage.
• At least 8 years of IT experience, in which over 5 years are in the domain of technical security testing, preferably in a banking environment.
• Excellent infrastructure and web penetration testing skills.
• Ability to circumvent incident detection processes when conducting red team operations.
• Ability to build custom tools and exploits using one or more of the following: powershell, python or C#.
• Knowledge of the latest Cybersecurity tools and vulnerabilities.
• Experience in utilizing the Mitre ATT&CK framework would be an advantage.
• Reverse engineering and exploit development experience would be an advantage.
• Red teaming and purple teaming experience would be an advantage, but not a requirements
• Excellent communication, writing and presentation skills.
• Ability to collaborate and share knowledge within a fast-moving environment.
• Ability to work effectively with a variety of stakeholders interests within the enterprise.

Be a part of UOB Family
UOB is an equal opportunity employer. UOB does not discriminate on the basis of a candidate's age, race, gender, color, religion, sexual orientation, physical or mental disability, or other non-merit factors. All employment decisions at UOB are based on business needs, job requirements and qualifications. If you require any assistance or accommodations to be made for the recruitment process, please inform us when you submit your online application.

Apply now and make a difference.