Job Detail

Integration Service Security Engineer

IN

Job Description

Ready to take the next step in your career with us? 

 

To us, good performance is about much more than turning a profit.  It's about showing how you embody our valued behaviours - do the right thing, better together and never settle - as well as our brand promise, Here for good. 

 

We're committed to promoting equality in the workplace and creating an inclusive and flexible culture - one where everyone can realise their full potential and make a positive contribution to our organisation. This in turn helps us to provide better support to our broad client base. 

 

 

 

The Role Responsibilities

 

 

Integration Service, being part of Bank’s Enterprise Technology, is considered as the veins and arteries of the bank’s IT systems & carriers of data for bank's global system. The critical service offerings deal with transportation of real time transactions, reports, file transfers, emails, SMS, synchronous and asynchronous events, batch transactions, east-west and north-south traffic and much more.

 

 

We are looking for Integration Service security engineer who are well-versed in cyber security and possess deep technical and operational hand-on skillset to assist in embedding security into the design, engineering, and operation of various service offerings in Integration Services.  

 

In this role, not only you will have great exposure to learn the most advanced integration technology such as IBM MQ, Solace messaging, Webmethod broker, APIs gateway, Cloud, and DevSecOp, but also the opportunity to work with most talented people from a diverse background including solution architects, developers, engineers, risk managers and other cyber security experts across the organization. 

 

 

Responsibilities:

  • Perform and document Secure-by-Design architectural review for the complex interconnected systems and solutions used by Integration Services deployed both on-Prem and in the Cloud. In doing so, systemically apply threat modelling technique to proactively identify threats and recommend security controls to mitigate them.
     
  • Develop product specific security standard and configuration guideline by taking into consideration of industry security best practices, the Bank’s operating environment, as well group ICS policy/ standards. Additionally, work with product engineer to develop tooling and processes to enforce the configuration baseline and risk manage exceptions.
     
  • Drive the adoption of the Bank’s central security Policy/Standards, Services, tooling and processes within Integration Services (e.g. Security Impact Assessment, Privileged ID management, Crypto-as-a-Service, IAM service, etc) to improve the security posture. Where needed, tweak to make them fit-for-purpose to meet the specific needs of the Business. 

 

  • Analyse security requirements, contribute to architect and design of innovative solutions to meet the unique security needs of Integration Services, such as built more effective security patching methods, or implement security logging and monitoring solutions. 

 

  • Act in first line of defence capacity to continuously perform security risk assessment in diverse platform environments including cloud based, on-prem & hybrid deployment of systems including middleware, backend and application services, as well as drive related security improvement plan. 

 

  • Analyse security vulnerability and penetration testing report, audit findings. Work with Services owners to risk assess and prioritize remediation. Occasionally, handle security incident and response in collaboration with service owner and Cyber Defence Centre. 

 

  • Engage a diverse internal and external stakeholder including developers, architects, other security engineer, risk and audit function, act as focal point for all security related remediation activity and program management.
     
  • Promote positive security culture among Integration Services, such as conduct security awareness and education brownbag session. Take every opportunity to influence stakeholders to give adequate consideration to security in their decision making process. 

 

  • Drive end to end system security through 4D secure approach (secure by design, secure in development, secure by deployment, secure by default), by working with diverse stakeholders and navigating through complex environment. 

 

  • Provide input to project management, budget, resource, and technology selection RFP. 

 

  • Identify continuous improvement opportunity to simplify and streamline security processes while enabling Business. 

 

 

Regulatory & Business Conduct

  • Display exemplary conduct and live by the Group’s Values and Code of Conduct.
  • Take personal responsibility for embedding the highest standards of ethics, including regulatory and business conduct, across Standard Chartered Bank. This includes understanding and ensuring compliance with, in letter and spirit, all applicable laws, regulations, guidelines and the Group Code of Conduct.
  • Lead the Integration Design Engineering team to achieve the outcomes set out in the Bank’s Conduct Principles: Fair Outcomes for Clients; Effective Financial Markets; Financial Crime Compliance; The Right Environment.
  • Effectively and collaboratively identify, escalate, mitigate and resolve risk, conduct and compliance matters.

Job Requirement

Our Ideal Candidate

 

  • Deep technical know-how on security technology such as IAM, PKI, Cryptography, application security, networking and Cloud security.   
  • Capable of conducting deep technical research into advanced technology or product to understand security implications and derive implementation plan. 
  • Experience in working with CI/CD, DevSecOps, including Bitbucket, Jenkin, Hashicorp, container technology, OCP/Kubernetes, and deploying application in AWS/Azure. 
  • Familiar with enterprise integration concept such as SOA, ESB, understand how technology protocol works such as SOAP and REST web, XML, JSON, JWT, Oauth, OIDC. 
  • It is a plus, however not a must, to have prior hands-on experience with middleware technology such as IBM MQ, Solace, Software AG webmethod, Axway, API gateway, CDN, Reverse proxy. However, the candidate MUST be willing to invest in continuous learning and acquire new skills as needed.   
  • Familiar with one or more programming languages such as Java or Python, PERL, PowerShell, and able to perform coding and debugging when required.  
  • Good at explaining security concepts to non security people and articulate security risks to senior stakeholders in an impactful manner.  
  • At least 8-10 years Working experience in Technology, preferably with exposure in Banking and Finance Technology.    
  • Bachelor’s degree (or higher) in Computer Science or related field 
  • Relevant security certification such as CISSP, GIAC, AWS, Azure is an advantage 
  • Ability to work with geographically dispersed and highly varied stakeholders 
  • Able to embrace agile working in a dynamic and fast paced environment.

 

Must possess sharp technical acumen, excellent interpersonal skills and multi-cultural awareness and sensitivity

Logo
View More Jobs
Standard Chartered Bank India
Standard Chartered Bank is India’s largest international bank with 100 branches in 43 cities, and we have been operating here since 1858. Key clients segments include Corporate & Institutional Banking, Commercial & Private Banking as well as Retail Banking. Standard Chartered also has the following subsidiaries operating in India: Standard Chartered Securities (India) Ltd; Standard Chartered Investments and Loans (India) Ltd; Standard Chartered Finance Limited and Standard Chartered GBS Pvt Ltd. We offer banking services that help people and companies to succeed, creating wealth and growth across our markets. Our heritage and values are expressed in our brand promise – Here for good. With 85,000 employees and a presence in 60 markets, our network serves customers in close to 150 markets worldwide. We’re listed on the London and Hong Kong Stock Exchanges as well as the Bombay and National Stock Exchanges in India.FSTS Integration function is responsible for the building Integration assets for the bank and make them “Fit for Purpose with Growth” through strategic programs. FSTS Integration is a dynamic and diverse team within the T&I; department, which is spread across multiple global locations and is focused on enhancing the technical and operational capabilities of the FSTS Integration assets for the bank. It is a forward-thinking and highly productive area and an excellent place for technologists and associated support functions to succeed in a rapidly changing and challenging environment.

Contact Us
Website
×

Full Name*
Email address*
Upload a different Resume (Your application will be submitted using this resume instead)
Choose a file
Only .pdf is allowed
HACKERBUCK AWARDED

Report

Harassment or bullying behavior
Contains mature or sensitive content
Contains misleading or false information
Contains abusive or derogatory content
Contains spam, fake content or potential malware

Block Member?

Please confirm you want to block this member.

You will no longer be able to:

  • See blocked member's posts
  • Mention this member in posts
  • Invite this member to groups
  • Message this member
  • Add this member as a connection

Please note: This action will also remove this member from your connections and send a report to the site admin. Please allow a few minutes for this process to complete.

Report

You have already reported this .