Overview
Group Technology Services
Description
The candidate is responsible for performing monitoring and analysing cyber threats that occur within the organisation. The candidate is expected to provide accurate evaluation, escalation of cyber incidents to the management and perform containment of incidents.
The candidate will operate in a 24×7 cyber security operations centre (located in the East). Advancement opportunities will be given to candidates with exemplary performance.
Main Responsibility
– Perform monitoring, analysis/investigation and escalation of real-time security events.
– Provide timely detection, identification and containment of possible cyber-attacks/intrusions.
– Determine the effectiveness and impact assessment of an observed attack.
– Log security events and manage till closure
– Ensure that Service Level Agreements are met
– Additional responsibilities will include reporting, documenting cyber security events, as well as supporting the team in cyber security related matters.
Qualifications
• The candidate should ideally hold a Degree or Diploma related to the field of cyber security.
• Both fresh graduates and candidates with relevant experience are welcomed to apply. On-the-job training will be provided.
• Knowledge of common network tools (e.g., ping, traceroute, nslookup)
• Knowledge of cyber defence policies, procedures, and regulations
• Knowledge of different types of network communication (e.g., Local Area Network [LAN], Wide Area Network [WAN], Metropolitan Area Network [MAN], Wireless Wide Area Network [WWAN], Wireless Local Area Network [WLAN])
• Knowledge of SIEM, Intrusion Detection System (IDS) tools and applications
• Knowledge of different classes of attacks (e.g., passive, active, insider, close-in, distribution)
• Knowledge of vulnerability assessment tools, including open source tools, and their capabilities
• Knowledge of incident response and handling methodologies
• Knowledge of general attack stages (e.g., footprinting and scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation, covering tracks)
• Knowledge of the cyber defence service provider reporting structure and processes within one’s own organization
• Knowledge of system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, Procedural and injections, race conditions, covert channel, replay, return-oriented attacks, malicious code)Language/Structured Query Language [PL/SQL]
Internal
• Ability to interpret and incorporate data from multiple tool sources
• Knowledge of file extensions (e.g. .dll, .bat, .zip, .pcap, .gzip)
• Knowledge of the common attack vectors on the network layer
• Skill in reading and interpreting signatures (e.g., Snort)
• Knowledge of web filtering technologies
• Knowledge of intrusion detection methodologies and techniques for detecting host- and network-based intrusions via intrusion detection technologies
• Knowledge of host/network access controls (e.g., access control list)
• Knowledge of network protocols (e.g., Transmission Control Protocol and Internet Protocol [TCP/IP], Dynamic Host Configuration Protocol [DHCP]) and directory services (e.g., Domain Name System [DNS])
• Knowledge of the common networking protocols (e.g., Transmission Control Protocol and Internet Protocol [TCP/IP]) and services (e.g., web, mail, Domain Name System [DNS]) and how they interact to provide network communications
• Knowledge of Windows command line (e.g., ipconfig, netstat, dir, nbtstat)
• Knowledge of Defence-in-depth principles and network security architecture
• Knowledge of how traffic flows across the network (e.g., Transmission Control Protocol and Internet Protocol [TCP/IP], Open System Interconnection model [OSI], Information Technology Infrastructure Library [ITIL])
• Knowledge of signature implementation impact
• Skill in recognizing and categorizing types of vulnerabilities and associated attacks
• Skill in detecting host and network-based intrusions via intrusion detection technologies
Primary Location
: Singapore
Job
: Information Technology
Organization
: Group Technology Services
Schedule
: Permanent
Job Posting
: 06-Jan-2025, 11:46:18 AM
About OCBC Bank
OCBC is the longest established Singapore bank, formed in 1932 from the merger of three local banks, the oldest of which was founded in 1912. It is now the second largest financial services group in Southeast Asia by assets and one of the world’s most highly-rated banks, with an Aa1 rating from Moody’s. Recognised for its financial strength and stability, OCBC is consistently ranked among the World’s Top 50 Safest Banks by Global Finance and has been named Best Managed Bank in Singapore by The Asian Banker.
OCBC and its subsidiaries offer a broad array of commercial banking, specialist financial and wealth management services, ranging from consumer, corporate, investment, private and transaction banking to treasury, insurance, asset management and stockbroking services.
OCBC’s key markets are Singapore, Malaysia, Indonesia and Greater China. It has more than 570 branches and representative offices in 19 countries and regions. These include about 300 branches and offices in Indonesia under subsidiary Bank OCBC NISP, and over 90 branches and offices in Mainland China, Hong Kong SAR and Macau SAR under OCBC Wing Hang.
OCBC’s private banking services are provided by its wholly-owned subsidiary Bank of Singapore, which operates on a unique open-architecture product platform to source for the best-in-class products to meet its clients’ goals.
OCBC's insurance subsidiary, Great Eastern Holdings, is the oldest and most established life insurance group in Singapore and Malaysia. Its asset management subsidiary, Lion Global Investors, is one of the largest private sector asset management companies in Southeast Asia.
