Information Security Analyst Csoc jobs at Td Bank in Singapore, Singapore

An opportunity has opened up to support Global Market Operations within the APAC Funding & Cash Management team. The position will require you to work closely with treasury dealers, securities settlements and other internal departments to manage day-to-day requirements. These include meeting daily cash cut-offs for payments, trade settlements and balance management of accounts while collaborating with the internal teams and stakeholders. Funding & Cash Management is a very fast paced, dynamic business and will require someone that is able to prioritize work load, meet deadlines and respond well under pressure.
• Process payments and funding in an accurate and timely manner
• Provide accurate and timely calculation of the bank’s daily obligations across multiple entities
• Investigate discrepancies to align funding projections figures across different business units
• Investigate and analyze discrepancies between cash and ledger.
• Support treasury on desk and stakeholders on various queries and projects relating to funding and payments
• Any other ad hoc duties/projects as required and assigned
• A Bachelor's degree or equivalent
• Proactive, confident and detail focused. Ability to coordinate with Treasury and Operational teams independently.
• Excellent communications skills.
• Ability to work under pressure in a team environment and demonstrate experience meeting multiple daily cut-off's.
• Ability to liaise with all levels of the firm and people with different experiences and backgrounds
• Self-motivated and able to work unsupervised. Candidate will be able to manage own time and know when to escalate
• Strong team player able to work well independently and collaboratively with peers and stakeholders.
• Meticulous attention to detail.
• Strong analytical skills

Other Qualifications:

• Strives to bring new thoughts and ideas to teams in order to drive innovation and unique solutions
• Excels in working among diverse viewpoints to determine the best path forward
• Experience in connecting with a diverse set of clients to understand future business needs - is a continuous learner
• Commitment to challenging the status quo and promoting positive change.
• Participate in and drive collaborative efforts to advance tools, technology, and ways of working to better serve an evolving client base
• Believes in value of diversity so we can reflect, connect and meet the diverse needs of our clients and employees around the world

• Quantitative, analytical, proactive, able to work under pressure while adhering to tight deadlines.
• Good understanding of the life cycle of a trade and related interactions between internal stakeholders.
• Commercial mindset to partner and help evolve the business.
• Confident and articulate communicator.
• Strong team player able to work well independently and collaboratively with peers and stakeholders.
• Control and risk focused. Able to initiate solutions to remediate problems.
• Excellent communication and interpersonal skills.
• Meticulous attention to detail.
• 5+ years of investment banking experience, preferably in a trade support or settlements function.
• Ownership of day-to-day securities lending transactional processing for APAC markets.
• Trade bookings, amendments and exceptions processing.
• Position management and asset optimization.
• Management of counterparty exposure.
• Fails and inventory management.
• Supporting business growth by working closely with front office, technology and global operations teams.
• Support a risk focused culture. Anticipate risks and escalate appropriately.
• Foster an environment which constantly questions process inefficiencies and implements appropriate improvements.

This role requires candidate to come with aptitude for problem solving, attention to detail, a risk and control mindset, good communication skill and is able to build good working relationship with various internal and external stakeholders.

• Processing of instruction for Corporate Action events in an accurate, timely and consistent manner, in accordance with departmental procedures and to the agreed service level.
• Managing internal and external stakeholders on Corporate Action issues
• Adhering to documented procedures, control guidelines and compliance framework
• Attending to reconciliation breaks in accounts on a daily basis
• Ensuring that all queries are attended to and investigated promptly
• Supporting change by assisting in devising and implementing improved processes
• Participating in project initiatives and taking up ad hoc tasks as required
• Managing operational risk associated within the processes
• Tertiary education with a good academic track record
• At least 2 years of experience in Corporate Actions
• Strong knowledge of Corporate/Investment Banking within the Prime Brokerage space is preferred
o Prime brokerage are services that banks offer to financial institutions to hedge funds and similar clients – e.g. processing of Coporate actions – ranges from cash management, securities lending (loaning shares of stock, commodities) and etc.
• Ability to work in a fast paced environment
• Ability to prioritize heavy workloads and work efficiently in dynamic environment to meet deadlines
• An independent and proactive worker with strong communication skills

Responsibilities:

The Identity Defense Specialist will support design efforts to build out new processes, controls, and supporting governance related to implementation of human and non-human account monitoring to protect the Bank. You will utilize in-depth technical knowledge and business requirements to help implement scalable solutions, inclusive of monitoring, alerting, and escalation frameworks focused on core account protections. Leveraging your knowledge of both common and emerging threats related to account take-over, you will have an opportunity to proactively develop, implement, and influence controls and policy within the digital identity domain. You will partner with leaders from line of business organizations to triage security events and report on impacting security incidents.

The Analyst will regularly collaborate with experts in and out of our team, both in country and in other regions, so excellent communication skills are very important. The role will also involve discussion with employees as part of alert analysis and disposition. If you are seeking a demanding role within Global Information Security (GIS) and have the required skills, this will be a great opportunity for you. Typically, applicants should have 3+ years of cybersecurity or engineering experience. Responsibilities include, but are not limited to:

• Actively investigate alerts related to potentially anomalous behavior/activity.
• Confidently and professionally interview/question users to determine or confirm root cause.
• Communicate effectively with response and business partners.
• Build and monitor Splunk alerting and dashboards.
• Identify areas for further process automation, simplification, and improvement.
• Provide status updates for executives and stakeholders in non-technical terms encompassing risk, impact, containment, remediation, etc.
• Risk management.
• Comprehensively document analysis, investigative activities, actions, etc.

Required Skills:

• 3+ years of experience with cloud information security related activities.
• 3+ years of experience in an operations focused cloud information security role.
• Experience conducting analysis/investigation and containment of potential data breaches or cyber security incidents.
• Ability to analyze data and evaluate relevance to a specific incident under investigation.
• Ability to handle multiple competing priorities in a fast-paced environment; ability to be decisive and take action without causing an undue delay.
• Ability to exercise independent judgment when responding to alerts.
• Ability to communicate effectively across all levels of the organization, to both technical and non-technical audiences.
• Familiarity with security vulnerabilities exploits and hacker techniques.
• Familiarity identity management standards, social engineering TTPs, and the incident response lifecycle.
• Familiarity with Splunk, and the ability to build queries, alerts, dashboards, etc.
• Knowledgeable of current authentication-based exploits.
• Proven experience presenting findings via written reports and orally to key stakeholders in clear and concise language.
• Supportive and can work well as part of a team as well as independently.
• Can remain calm under pressure.
• Ability to work in a strong team-orientated environment with a sense of urgency and resilience.
• Critical thinking - must be able to think outside the box and develop solutions to accomplish seemingly impossible tasks while remaining risk and objective focused.

Desired Skills:

Desired Skills/Qualifications/Certifications:

Cloud+; AZ-900 (Azure Fundamentals), AZ-500 (Azure Security Engineer Associate), SC-900 (Security, Compliance and Identity Fundamentals); AWS Certified Security Specialty 2024

Responsibilities:

The Identity Defense Specialist will support design efforts to build out new processes, controls, and supporting governance related to implementation of human and non-human account monitoring to protect the Bank. You will utilize in-depth technical knowledge and business requirements to help implement scalable solutions, inclusive of monitoring, alerting, and escalation frameworks focused on core account protections. Leveraging your knowledge of both common and emerging threats related to account take-over, you will have an opportunity to proactively develop, implement, and influence controls and policy within the digital identity domain. You will partner with leaders from line of business organizations to triage security events and report on impacting security incidents.

The Analyst will regularly collaborate with experts in and out of our team, both in country and in other regions, so excellent communication skills are very important. The role will also involve discussion with employees as part of alert analysis and disposition. If you are seeking a demanding role within Global Information Security (GIS) and have the required skills, this will be a great opportunity for you. Typically, applicants should have 3+ years of cybersecurity or engineering experience. Responsibilities include, but are not limited to:

• Actively investigate alerts related to potentially anomalous behavior/activity.
• Confidently and professionally interview/question users to determine or confirm root cause.
• Communicate effectively with response and business partners.
• Build and monitor Splunk alerting and dashboards.
• Identify areas for further process automation, simplification, and improvement.
• Provide status updates for executives and stakeholders in non-technical terms encompassing risk, impact, containment, remediation, etc.
• Risk management.
• Comprehensively document analysis, investigative activities, actions, etc.

Required Skills:

• 3+ years of experience with cloud information security related activities.
• 3+ years of experience in an operations focused cloud information security role.
• Experience conducting analysis/investigation and containment of potential data breaches or cyber security incidents.
• Ability to analyze data and evaluate relevance to a specific incident under investigation.
• Ability to handle multiple competing priorities in a fast-paced environment; ability to be decisive and take action without causing an undue delay.
• Ability to exercise independent judgment when responding to alerts.
• Ability to communicate effectively across all levels of the organization, to both technical and non-technical audiences.
• Familiarity with security vulnerabilities exploits and hacker techniques.
• Familiarity identity management standards, social engineering TTPs, and the incident response lifecycle.
• Familiarity with Splunk, and the ability to build queries, alerts, dashboards, etc.
• Knowledgeable of current authentication-based exploits.
• Proven experience presenting findings via written reports and orally to key stakeholders in clear and concise language.
• Supportive and can work well as part of a team as well as independently.
• Can remain calm under pressure.
• Ability to work in a strong team-orientated environment with a sense of urgency and resilience.
• Critical thinking - must be able to think outside the box and develop solutions to accomplish seemingly impossible tasks while remaining risk and objective focused.

Desired Skills:

Desired Skills/Qualifications/Certifications:

Cloud+; AZ-900 (Azure Fundamentals), AZ-500 (Azure Security Engineer Associate), SC-900 (Security, Compliance and Identity Fundamentals); AWS Certified Security Specialty 2024

Job Description:

Job Description:

Global Information Security (GIS) is responsible for protecting bank information systems, confidential and proprietary data, and customer information. GIS develops the bank’s Information Security strategy and policy, manages the Information Security program, identifies and addresses vulnerabilities and operates a global security operations center that monitors, detects and responds to cybersecurity incidents. Within GIS, Identity and Access Management (IAM) is a security discipline that enables the right individuals to access the right resources at the right times and in the right context. IAM addresses the mission-critical need to ensure appropriate access to the resources across increasingly heterogeneous technology environments, and to meet increasingly rigorous compliance requirements.

What you can expect in Identity & Access Management:

Responsibilities:

What you will do

• Process requisition for Id management account provisioning and deprovisioning.
• Provide L1 & L2 support for the internal resources via chat and mailbox channels as part of the 24x5 support.
• Work well as a team and build relationships to the global partners.
• Excellent organizational skills, with the ability to prioritize workload.
• Ability to multitask and maintain focus on all areas of responsibility concurrently.
• Taking ownership to identify and assess the appropriate outcome for the violation and manage through.
• Plan, manage and execute projects, partnering with line of business.
• Must be comfortable in delivering messages across a wide spectrum of individuals having varying degrees of technical understanding.
• Working in tandem with the global teams to support their initiatives and achieve Global Information Security goals.
• To identify, escalate and debate all risks in line with the bank’s framework.
• By analyzing events/metrics and escalation data, identify patterns and trends on high-risk controls and proactively suggest, develop and implement enhancements to reduce risk.

Required Skills:

Your background

• ID Access Management team (IAM) - Data Engineering and Service Enablement team is part of the Global Information Security team that manages the Bank’s Network accesses and entitlements adhering and adopts to the enterprise policies and standards.
• Possess at least Diploma/ Degree in Information Technology, information security or related field with minimum of 3 years relevant experience.

Required skills:

• Experience in ID Management account provisioning /deprovisioning. Platforms covers; Windows, CyberArk, SailPoint, Access Review and good to have knowledge on UNIX, Mainframe & Midrange.
• Preferably with knowledge in scripting (e.g., PowerShell, Phyton, VBA. JAVA and html) for infrastructure automation.
• Project Management
• Data Analysis (for reporting)
• 2 shifts on rotation (24x5):
• 1st Shift: 7am to 4pm SGT
• 2nd Shift: 8am to 5pm SGT
• Required to attend evening calls during US hours occasionally.
• Rotational weekend standby and public holidays coverage required.

Responsibilities: Secure Code Review

• Deliver secure code review assessment on programming languages such as Java, C#, PHP, Python, Perl, C/C++ , SQL, >
• Analyze and identify security vulnerabilities in source code using both automated and manual static analysis tools and techniques.
• Train and assist developers in writing secure software and remediating existing vulnerabilities.
• Develop and review custom vulnerability description, business impact and remediation content.
• Develop, research, and recommend open-source tools assisting in secure code review.
• Contribute to development and delivery of secure coding and remediation training.
• Mentor and assist team members in effectively delivering assessments and enhancing skillsets.
• Key Lead in Release Based Testing Process and Td Mitigation Proposal Review Process.
• On Call Position – to approve change requests if needed.

Responsibilities: Pentesting

• Conduct thorough and comprehensive penetration testing on various applications, networks, and infrastructure using both manual and automated techniques.
• Identify vulnerabilities in a web applications, mobile applications, and manual code reviews.
• Document and report findings and provide actionable recommendations to improve security posture.
• Collaborate with other team members and application development teams to assess security risks and assist in remediation and mitigation strategies.
• Research and stay up to date with the latest trends, threats, and vulnerabilities in the cybersecurity industry.
• Communicate effectively with technical and non-technical stakeholders, as well as other team members.

Requirements:

• Proven experience in conducting penetration testing and vulnerability assessments on various systems, networks, and applications.
• Proven experience in Secure Code Review.
• Expertise in using a range of penetration testing tools and techniques, including Burp Suite, Metasploit, and Nmap.
• Solid understanding of web applications, mobile applications, and databases.
• Experience in detecting, analysing and providing recommendation guidance on security vulnerabilities in at least two of the following languages: Java, C#, PHP, Python, Perl, C/C++ , SQL, >
• Hands-on experience conducting security focused static analysis using commercial SAST tools such as Checkmarx, Appscan Source, Veracode, Coverity, Fortify and SonarQube.
• Strong analytical and problem-solving skills.
• Excellent written and verbal communication skills.
• Ability to work both independently and as part of a team.
• Relevant industry certifications such as OSCP a plus.

Experience and Education:

• University degree
• Information security certification / accreditation an asset
• 5+ years of relevant experience
• 3+ years of experience in application security including secure code review, web application penetration testing or threat modelling.
• Detailed understanding of the OWASP Top 10 and CWE Top 25 issues with focus on ability to identify and remediate vulnerability in source code.
• Ability to explain risk and business impact of security vulnerabilities in source code to variety of audience.

If you’re interested in a specific career path or are looking to build certain skills, we want to help you succeed. You’ll have regular career, development, and performance conversations with your manager, as well as access to an online learning platform and a variety of mentoring programs to help you unlock future opportunities. Whether you have a passion for helping customers and want to expand your experience, or you want to coach and inspire your colleagues, there are many different career paths within our organization at TD – and we’re committed to helping you identify opportunities that support your goals.

We will provide training and onboarding sessions to ensure that you’ve got everything you need to succeed in your new role.