Back to search results

Vice President, Security Operations Centre (SOC) Manager, Cyber Security Defence, Global Information Security

Singapore, Singapore

Job Description:

About Bank of America

Our purpose as a firm is to make financial lives better, through the power of every connection. Across the world, we partner with leading corporate and institutional investors through our offices in more than 35 countries. In the U.S. alone, we serve almost all of the Fortune 500 companies and approximately 67 million consumer and small-business clients. We provide a full suite of financial products and services, from banking and investments to asset and risk management. We cover a broad range of asset classes, making us a global leader in corporate and investment banking, sales and trading.

Connecting Asia Pacific to the world

Our Asia Pacific team is spread across 19 cities in 12 markets. We are focused on connecting Asia to the world and the world to Asia, using our global expertise to ensure success is shared between us, our clients and our communities. Our regional footprint covers 12 currencies, more than a dozen languages and five time zones, placing us firmly among the region’s leading financial services companies.

Position Description

Background: The Bank of America Global Information Security division (GIS) is seeking a positive, qualified security specialist to join the Cyber Security Operations/Defence, Monitoring and Triage team.

The M&T team directly supports the Security Operations Centre/Capability (SOC) by identifying, on-boarding and optimizing level one processes so that the SOC can perform initial triage for other operational teams that ultimately owns a control or process.

Candidate must be willing to enroll in Associate Investment Monitoring due to the nature of the role and access.

A strong customer relationship must be forged between partner operational teams in order to support legacy processes, as well as to identify new opportunities ongoing. A customer-service and consultant mind-set is important so that there is a purposeful, proactive effort to help partners/customers discover opportunities in level one processes, whether that be through transfer of new work to the SOC, or the optimization of existing work through optimization, efficiencies, and automation.

This sort of operational excellence is achieved through the proactive analysis and measurement of SOC effectiveness via metric collection and pattern identification. Our primary mission is the monitoring and timely triage of security events, mastery of the technologies and information we analyse, maintaining expert-level knowledge of detection tools and techniques, and proper escalation of incidents for immediate response, containment and recovery.

We are seeking a talented, well-rounded, self-motivated professional who have strong passion for cyber security, is exceptional in writing and verbal communications, and have a serious desire to learn.

This individual should be interested in being challenged on a daily basis to stay one step ahead of an ever-changing landscape of threats and adversaries.

We are also seeking individuals that are interested in working both collaboratively and independently to hunt down and identify anomalous and malicious activity, wherever it may be. Whether you are a seasoned cyber security professional or new to the field, we are looking for new team members to join us in defending our company as the first line of defence.

Responsibilities Include:

  • Effectively manage and lead SOC analysts
  • Ensure event triage is occurring on time
  • Ensure event triage is effective and accurate
  • Ensure capacity measurement is occurring and is within acceptable boundaries, allowing for burst capacity
  • Foster mentor relationships, based on personality and career aspirations, opportunities
  • Ensure Critical Thinking is being taught and utilized by SOC analysts
  • Assist SOC analysts in career development
  • Define and maintain new analyst on-boarding documentation and curriculum
  • Define and maintain training requirements
  • Assist in identifying any new processes the SOC can on-board
  • Maintain clear, consistent, accurate and dynamic documentation
  • Proactive relationship building and maintaining of existing relationships
  • Data pattern and trend identification via metric analysis, driving operational excellence and improvement
  • Maximize resource utilization (human, tools, etc.) through data analytics
  • Quality Assurance, ensure tickets are triaged correctly
  • Training SOC analysts on new and updates processes and tools
  • Weekly On-Call rotation, escalation point for after-hour queries or assistance for SOC staff
  • Detailed analysis using a variety of tools and techniques to investigate, navigate, correlate and understand cyber security incidents to the fullest extent of the data available
  • Tuning of rules, filters and policies for detection-related security technologies to improve accuracy and visibility
  • Data mining of log sources to uncover and investigate anomalous activity
  • Maintaining documentation of playbooks and procedures
  • Proper escalation and hand-off of security incidents for response, containment and recovery
  • Effective communication in both written and verbal form of event findings, analysis, current state

Required Skills:

  • Excellent verbal and written communication skills
  • Positive attitude
  • Flexibility, comfortable with change
  • Fast typing skills
  • Exceptional organizational abilities and attention to detail
  • Critical thinking, seeing beyond face-value
  • The ability to think creatively to find elegant solutions to complex problems
  • The ability to work both independently and collaboratively within a larger team
  • A willingness to be challenged along with a strong appetite for learning
  • Basic knowledge of common operating systems (Windows, Linux, etc.) and basic endpoint security principles, networking services and protocols (TCP/IP, SSH, FTP, DNS, DHCP, SMTP, SSL, etc.)
  • Basic understanding of common security technologies (IDS, Firewall, SIEM, etc.)
  • 3-5 years of experience in Cyber Security, Incident Response, or a related field
  • Prior experience detecting and analysing security events and/or responding to security incidents
  • Demonstrated ability to analyse and correlate information from a wide variety of enterprise technologies
  • Hands-on experience with common security technologies (IDS, Firewall, SIEM, etc.)
  • Knowledge of common security analysis tools & techniques
  • Understanding of common security threats, attack vectors, vulnerabilities and exploits
  • Search query language basics (SQL, Splunk, etc.)

Desired Skills:

  • Programming experience (Python, Perl, etc.)
  • Knowledge of regular expressions

Learn more about this role

Full time


Manages People:


Talent Acquisition Contact:

Referral Bonus:

Check out the Singapore office

Our office is near favourite Seah Im Food Centre and a short hop to Sentosa—a popular island resort and home of the Merlion, Singapore’s guardian of prosperity.

Close-up side shot of the words Bank of America Merrill Lynch on outside office wall

Street Address

Primary Location:
2 HARBOURFRONT PLACE, #02-01, Singapore, 098499