Cyber Threat Analyst

About the Organization

As Singapore’s longest established bank, we have been dedicated to enabling individuals and businesses to achieve their aspirations since 1932. By taking the time to truly understand people, we provide support, services, solutions, and career paths that meet their needs.

Today, we are on a journey of transformation, leveraging technology and creativity to become a future-ready learning organisation. Our strategic ambition is to be Asia’s leading financial services partner for a sustainable future. We invite you to build the bank of the future, innovate the way we deliver financial services, and enjoy a vibrant, future-ready career.

Your Opportunity

Protecting our customers’ assets and data is at the heart of everything we do. As a Cyber Engineering – Risk professional, you will play a critical role in safeguarding our systems and networks from cyber threats and will be part of a team shaping the future of cybersecurity in the financial industry.

To succeed in this role, you will stay one step ahead of emerging threats, work closely with engineering teams to identify and mitigate risks, and develop strategies to protect our systems and data. You should be proactive, collaborative, and continuously seek ways to improve our cybersecurity posture.

What You Will Do

• Perform monitoring, analysis/investigation, and escalation of real-time security events.
• Provide timely detection, identification, and containment of possible cyber-attacks or intrusions.
• Determine the effectiveness and impact assessment of observed attacks.
• Log security events and manage them until closure.
• Ensure that applicable Service Level Agreements are met.
• Support the team with reporting, documentation of cyber security events, and other cyber security-related matters.

Who You Are / Qualifications

• The candidate should ideally hold a Degree or Diploma related to cyber security or a related field.
• Knowledge of common network tools (e.g., ping, traceroute, nslookup).
• Knowledge of cyber defence policies, procedures, and regulations.
• Knowledge of different types of network communication (LAN, WAN, MAN, WWAN, WLAN).
• Knowledge of SIEM, Intrusion Detection System (IDS) tools and applications.
• Knowledge of different classes of attacks (e.g., passive, active, insider, close-in, distribution).
• Knowledge of vulnerability assessment tools, including open-source tools, and their capabilities.
• Knowledge of incident response and handling methodologies.
• Knowledge of general attack stages (footprinting and scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation, covering tracks).
• Knowledge of the cyber defence service provider reporting structure and processes within one’s own organization.
• Knowledge of system and application security threats and vulnerabilities (e.g., buffer overflow, cross-site scripting, injections, race conditions, malicious code).

What We Offer

Competitive base salary and a suite of holistic, flexible benefits to suit every lifestyle. Community initiatives and industry-leading learning and professional development opportunities. Equal opportunity and fair employment. Your wellbeing, growth, and aspirations are important to us as much as the needs of our customers.