Cyber Defence

Trust is the first of a new breed of banks in Singapore - digitally native and focused on delivering a delightful customer experience. You will work in a fast-paced and collaborative environment to solve new and interesting challenges each day. Together with our Trust team, you will help shape the future of our bank and be able to work on and solve many interesting challenges which we are facing, learn new ways of working, and help build delightful high quality products for our customers.

As a **Cyber Defence & Fusion Centre Lead** you'd be able to work on and solve some of the many interesting challenges we are facing, learn new ways of working, and build delightful high-quality products for our customers.

**Responsibilities**:
**Key Responsibilities**

Our Digital Bank is set for a rapid growth and rapidly evolutive environment, thus the individual will need to shape and adapt a Cyber Defence Fusion Centre, continuously maintaining control effectiveness. The role will be set to evolve and grow over time as the company develops.

Not exhaustively, the Cyber Defence & Fusion Centre Leader will own the following outcomes:

- Defining an appropriate control and event monitoring strategy and operational framework, integrating existing frameworks and capabilities available in the group where relevant
- Managing the Managed Security Service Provider in charge of SIEM engineering and L1/L2 monitoring, to review and maintain effective SLAs and SLIs
- Building, testing and maintaining the effectiveness of cybersecurity and incident response playbooks
- Working closely with Product squads, Application Security and End-user Computing to ensure threat models are established and maintained, deriving adequate control plans adapted to each business context
- Collaborating closely with business stakeholders to improve persona-based risk identification, tune custom monitoring and improve insider threat anomaly detection
- Develop synergies with SCB Group's counterpart to enable the maximum of capabilities and consolidate reporting frameworks
- Providing meaningful metrics and dashboards to product owners and control functions to facilitate the risk-based decision making through quantification
- Working closely with the group to ensure our Digital Bank meets and exceeds control objective requirements across cyber defence, investigations, incident response and forensics
- Automating the collection of control output artefacts and audit trails to facilitate audit and regulatory reporting
- Defining and developing Fusion Center capabilities with a focus on fraud prevention synergies and risk analytics
- Working with Offensive Security team to ensure the result of intrusion tests and bug bounties positively improve our capacity to detect and respond to flaws and attacks
- Developing and growing a team of talented engineers and analysts to support the delivery of our Digital Bank's exciting customer services and the above outcomes

In order to be successful at the role, you must have the following:

- 10+ years of relevant experience, with a blend on operational analysis, incident response and vendor management
- Hands-on expertise to build and support the operational objective of the faster growing Digital Bank in the work
- Has in depth experience of building and running security operation centers and fusion centers, ideally with a good grasp of threats and requirements specific to Banking
- Self-driven, can articulate the risk of missing controls to all levels of executives
- Solid experience in control effectiveness assessment frameworks such as MITRE ATT&CK
- Ideally, has experience working in supporting regulated digital payment services such as payment industry & digital banking, or e-commerce services
- Develop response automation and forensics scripts and data analytics capabilities
- General understanding of DevOps and CI/CD pipelines in a context of security and compliance guardrails

**Role Specific Technical Competencies**
- Develop response automation and forensics scripts and data analytics capabilities
- General understanding of DevOps and CI/CD pipelines in a context of security and compliance guardrails

**Come as you are** Trust is an inclusive and open-minded workplace. If you are good at what you do and care about doing a good job, that's what we focus and want from you. So come as you are.

**Trust is an equal opportunity employer. We prohibit discrimination and harassment of any kind.** We are committed to the principle of equal employment opportunity for all employees and to providing employees with a work environment free of discrimination and harassment. All employment decisions at Trust are based on business needs, job requirements and individual qualifications, without regard to age, gender, physical ability, race, religion or belief, family or parental status, sexuality, or any other status protected by laws or regulations. We will not tolerate discrimination or harassment based on any of these cha