VP, DevSecOps Lead, Microservices & Continuous Delivery, Group Technology
Posting Date: 04-Oct-2020
Location: Raffles Place, Singapore, SG
Company: United Overseas Bank Limited About UOB
United Overseas Bank Limited (UOB) is a leading bank in Asia with a global network of more than 500 branches and offices in 19 countries and territories in Asia Pacific, Europe and North America. In Asia, we operate through our head office in Singapore and banking subsidiaries in China, Indonesia, Malaysia and Thailand, as well as branches and offices.
Our history spans more than 80 years. Over this time, we have been guided by our values - Honorable, Enterprising, United and Committed. This means we always strive to do what is right, build for the future, work as one team and pursue long-term success. It is how we work, consistently, be it towards the company, our colleagues or our customers. About the Department
The Technology and Operations
function is comprised of five teams of specialists with distinct capabilities: business partnership, technology, operations, risk governance and planning support and services. We work closely together to harness the power of technology to support our physical and digital banking services and operations. This includes developing, centralising and standardising technology systems as well as banking operations in Singapore and overseas branches. Job Responsibilities
You will be responsible for setting up DevSecOps strategy, roadmap, security standards and security gates to enhance the security practices in the DevOps pipeline as a measure of shift left methodology. The successful candidate must be a technically savvy, dynamic leader, excellent communicator, have demonstrable technical hands-on supporting DevSecOps implementation, setting up DevSecOps tools coupled with excellent infrastructure knowledge and automation expertise.
As part of a cross-functional product development group, you should be comfortable working with highly talented teams ensuring that modern technology and process are utilised as part of the role considering security as the top most priority.
- Develop AppSec roadmap, strategy, standards, policies, with Information Security team.
- Setup AppSec platforms, static application security testing (SAST), dynamic application security testing (DAST), software composition analysis (SCA), etc to fully integrate with central DevOps pipeline
- Design, develop and roll out AppSec tools with in-built security hard gates controls into standard DevOps pipeline
- Coordinate with the stakeholders to perform AppSec onboarding unto DevOps/DevSecOps pipeline.
- Lead analysis and resolution of root cause for DevSecOps issues covering platform, infrastructure and tools.
- Stay current with industry trends and leads development of key DevSecOps, Runtime, and Operational innovation platforms.
Be a part of UOB Family
- Deep technical background in security aspects such as static application security testing (SAST), dynamic application security testing (DAST) and software composition analysis (SCA)
- Technically savvy in setting up security strategy, roadmap, standards, maturity levels and soft/hard gates as part of DevSecOps pipeline.
- Sound knowledge in integrating security testing as part of DevSecOps pipeline to ensure security is in-built during build phase.
- In-depth understanding in setting up DevSecOps pipeline as a centralized solution including empowering features to development, testing and security teams.
- Possess solid knowledge in identifying security threats pro-actively and implement detection and prevention methods as part of DevSecOps pipeline.
- Prior experience installing, configuring and supporting security tools such as Veracode, blackduck, coverity, sonatype, whitesource and xray.
- Sound knowledge on DevSecOps governance, Security standards and audit requirements for DevSecOps pipeline.
- Strong leadership, motivator and experience with high performing teams
- Proven record of accomplishment of being results orientated with demonstrated ability to achieve aggressive goals.
- Be able to build relationships and obtain buy-in for proposed changes
- Evidenced delivery of complex projects
- Security concepts and what makes for a secure solution
- Analyzing, documenting and validating security requirements
- Ability to advice on industry standard tools for AppSec monitoring, alerting, configuration management and performance tuning of security detection and testing
- Able to design and execute security strategy and roadmap
- Ability to multitask and work in a fast-paced, collaborative team environment
- Excellent written and oral communication skills; writing, publishing and conference-level presentation skills
UOB is an equal opportunity employer. UOB does not discriminate on the basis of a candidate's age, race, gender, color, religion, sexual orientation, physical or mental disability, or other non-merit factors. All employment decisions at UOB are based on business needs, job requirements and qualifications. If you require any assistance or accommodations to be made for the recruitment process, please inform us when you submit your online application.
Apply now and make a difference.