- Permanent, Full time
- Standard Chartered Bank
Data Visualization/Modeler Analyst – Security Monitoring & Analytics
- Location: Singapore
- Salary: Competitive
- Job Type: Full time
Data Visualization/Modeler Analyst – Security Monitoring & AnalyticsAbout Standard Chartered
We are a leading international bank focused on helping people and companies prosper across Asia, Africa and the Middle East.
To us, good performance is about much more than turning a profit. It's about showing how you embody our valued behaviours - do the right thing, better together and never settle - as well as our brand promise, Here for good.
We're committed to promoting equality in the workplace and creating an inclusive and flexible culture - one where everyone can realise their full potential and make a positive contribution to our organisation. This in turn helps us to provide better support to our broad client base.
The Role Responsibilities
Security Technology Services (STS) is a critical function within Standard Chartered Bank operating under the overall purview of "Technology Services" .
The STS team is made up of cyber security thought leaders, who are accountable for the provision of a global set of cyber security services and products to maintain and continuously improve Bank's cyber security posture in today's ever evolving cyber security landscape.
The STS team protect the Bank from cyber security threats by delivering effective information security technology services, managing and responding to security incidents to ensure, and support the continuity and growth of Bank's business operations; and meet the both internal and external stakeholders' expectations across 70+ countries and territories, in which SCB operates.
As part of the Security Transformation activities within SCB, STS is going through a capability transformation covering process and technology. The Security Monitoring & Analytics service is looking for a skilled data visualization / data modeler to join the Security Analytics sub-service. You will be designing and implementing data models within Splunk, developing advanced/interactive dashboards providing telemetry into threats, and custom machine learning detection models to mature detection capabilities within the bank. If you are proactive, idea driven, and capable of coming up with innovative/creative ideas and solutions to mature the analytics capabilities within the SMA service then this role is designed for you.
- Ensure data normalization and CIM mapping across data sources in Splunk/Splunk ES/Splunk UBA
- Develop and implement custom detection models in Splunk UBA or other analytics platform to detect advanced adversaries
- Develop interactive dashboards to support telemetry, hunt capabilities, and triage actions for security operations teams
- Work closely with Security Automation, Orchestration, and Response (SOAR) developers to build and automate playbooks aligned to analytics
- Develop Proof of Concept machine learning models for use cases and security visualizations
- Work with stakeholders to identify use cases and candidate data/platforms for implementing into the analytics platform
- Evaluate existing use cases and identify opportunities to enhance the effectiveness via analytics
- Develop code to interface with internal/external API's and reference data sources for data enrichment
- Implement data models and data model accelerations in Splunk/Splunk ES
- Cyber Defence Centre (CDC)
- Threat Intelligence (TI)
- Vulnerability Management (IAVM)
Competencies (knowledge & skills):
- Experience working in Banking or large MNC, Information Security Technology
- In depth understanding of cyber-attack methodologies, vectors and corresponding mitigations in an Enterprise environment.
- Experience working in a security operations role (e.g., SOC, Threat Intelligence, Forensics) with a solid understanding of challenges faced by security analysts
- Strong Technical skills and good understanding in Security Monitoring & Analytics Technologies (e.g., Splunk, SIEM, ArcSight, Threat Intel Platform, Phantom/Demisto)
- Bachelor Degree in Engineering, Computer Science/Information Technology or its equivalent with security related certifications (e.g. SANS GIAC, CISSP)
- Highly entrepreneurial with a high level of motivational energy, passion in field and an unrelenting drive to success
- Strong sense of personal ownership and responsibility in accomplishing the service line and function goals.
- Able to get things done in a fast-paced environment. Be transparent and open around what doesn't work and what does
- Experience writing advanced Splunk Processing Language (SPL) queries
- Experience with graph databases (e.g., GraphDB, neo4j), concepts, and use cases, GraphQL
- Experience with DevOps solutions such as Terraform, Chef, Docker, Kubernetes, OpenShift, Jenkins
- Experience with Public and Hybrid cloud capabilities (e.g., AWS, Azure, Google)
- Experience implementing data models and data model accelerations in Splunk/Splunk ES
- Experience analyzing and optimizing code/SPL to make execution more efficient
- Experience with common machine learning libraries (e.g., MLlib, Scikit-learn, Tensorflow, Splunk MLTK)
Apply now to join the Bank for those with big career ambitions.