Senior Engineer, Open System

  • 90 Cecil St, Singapore
  • Full-time

Company Description

RHB Singapore is a progressive and growing financial organization. We are committed to creating a fulfilling, dynamic and engaging work environment for our team of more than 15,000 employees across locations in ASEAN.

Job Description

PRIMARY OBJECTIVES:

Perform system administration related duties including advise, analyze, plan, implement, maintain, support (and retire/refresh where required) all locally hosted (On premise, Cloud) infra components required to run Singapore operations:

• Maintain and ensure infra components running in production are in a healthy state;

• Analyze and recommend new infra component acquisitions to meet evolving Singapore Operation’s needs;

• Ensure IT is operated in a manner that complies with Bank Policies and frameworks, standards, circulars, guidelines and MAS regulated act, notices, circulars, and guidelines applicable to technology (Compliance, Audit, Risk Adherence). – Infra components

• Ensure IT assets are protected and secure – Infra components

• Assist in annual budgeting – Infra components

• Be a key stakeholder and technology partner on the bank Digital journey.

• Foster and champion bank PRIDE values within the technology department and imbue the department with a culture of teamwork, innovation, discipline, resiliency and dedication to how work is approached.

• Provide day-to-day support for infra components

• Participate in the setup of test environments to ensure business can do their enhancements and new projects testing for assign applications.

HW, OS, and Core Infra: Infra on premise hardware located in the data centers, server operating systems (Linux, Windows), Storage/SAN, VMware virtualization, Backup and archiving, AD/LDAP domain administration, DNS, MDM/BYOB, SCCM, Linux patch mgr, Endpoints

 

KEY RESPONSIBILITIES:

Strategy, Planning, Mgmt. Reporting

• Provide expert advice and support to technology management in the area of expertise

• Contribute in the formulation a comprehensive Branch IT strategy covering IT policies and procedures, security, architecture, business solutions and operational functional requirements

• Keep abreast of developments and innovations in the FI IT landscape

• Provide mentorship, support and guidance to colleagues, share information and facilitate problem solving

• Contribute in the yearly budgeting for IT expenditures and investments.

IT Operations

• Ensure infra components system health

• Ensure prompt and efficient provision of IT support based on assigned area of expertise (includes request from Data center operations team)

• Oversee contingency plans and ensure their adequacy

• Ensure IT assets are protected and secure

• Maintain and ensure timely renewal of digital certificates and proper lodgment with IT security team.

• Ensure IT operations run in a manner consistent with high score from audit, risk, compliance assessments. The following to be operationalized as standard procedure against all IT asset components:

– Administrative Accounts – All admin accounts lodged into PAM solution per group IT Security guidelines and MAS notice 655 point 4.1

– Patching – Patch notification process established with vendors and patch calendar updated, upon patch release assessment and implementation as needed Per patching guidelines and MAS notice 655 point 4.2

– Hardening - Per component definition and enforcement against SG security standard and Group IT Security guidelines and SG addendum/s and MAS notice 655 point 4.3

– Network Perimeter Defense – Network traffic and segments, firewalls, proxies, dns, vpn access setup in secure manner per group IT security guidelines and MAS notice 655 4.4

– Malware – IT Security consulted and all required IT security protections installed on IT assets per MAS notice 655 point 4.5

– Multi-factor Authentication – MFA, where applicable implement MFA of administrative and internet accounts with access to customer information using PAM per MAS notice 655 point 4.6

– Logging and Monitoring – Security, Capacity, Downtime, Audit

– Capacity Mgmt. – Pre-emptive monitoring (via monitoring), planning and execution of capacity upgrades as needed

– EOL/EOS Upgrades – Per group guidelines. Track and execute upgrades and/or do risk assessment and deviation approval.

– Housekeeping – scripted clean-ups and truncations of logs and temp files after necessary archives executed

– Backups – Required backup strategy per backup guidelines operationalized to central Backup Platform. Recurring scheduled backup validation activities scheduled and performed ongoing to ensure backups working per need.

• Work with system stakeholders to ensure proper classification of system criticality and ensure design and architecture can meet the assessed criticality needs:

– MAS 644 defined Critical system – Ensure DR setup and working and can achieve RTO within 4 hours, RPO within 2 hours and maximum unplanned downtime of not more than 4 hours per rolling 12 months;

– MAS 644 defined non-critical system – Ensure HA/DR per stakeholder requirement.

• BCM related activity planning and execution

• Review and Approve/Reject production change requests as part of TCAB committee

• Raise CAB CR as necessary

• Cutover related planning and execution

• Ensure and maintain adequate test environments in good working order to support enhancements and new projects;

• Track IT related spend against budget.

• Write Memos to authorize procurements

• Write Memos to get deviation approvals where required.

Application and Systems Development / New Platform Acquisition

• Work with project and application teams to provide infra component provisioning to support the projects

• Assist in the migration of applications to run on Cloud for existing systems based on end-user needs and business rationale.

• Assist team lead to write and table committee papers as required to get new systems and/or platforms, or major refreshes approved.

• Initiate and lead IT Infra related projects.

• Write Memos to authorize procurements

• Write Memos to get deviation approvals where required

• Work with Digital Delivery and DevOps team to support migration of workloads running on-premises to Cloud.

Regulatory and Procedural Expertise

• Keep up to date and refreshed on required reading related to guiding how IT must be run in a regulated Financial institution. Minimum read list:

– MAS Technology Risk Management Guidelines (TRMG)

– MAS Notice 644 – Technology Risk Management.

– MAS Notice 655 – Cyber Hygiene

– MAS Outsourcing Guidelines

– RHB Group IT Security Guidelines and SG addendum/s

– SG Patching Guidelines

– SG Backup Guidelines

– SG Technology Department Operational Manual (OM)

– SG IT Standard Operational Procedures (SOP), and System Manuals (SM)

– SG Procurement Operational Manual (OM)

Qualifications

  • Bachelor degree and/or Master degree
  • Minimum 10 years of experience as an infra specialist working at an established financial services institution
  • Minimum of 5 years of experience specifically focused on HW, OS and Core infra.
  • Strong domain knowledge in Open systems OS (Linux, Windows)
  • Avamar data domain, VMWare vsphere, NSX, vSAN), AWS, DNS, Active Directory / LDAP Mgmt, System monitoring, MDM – Airwatch or Mobile Iron)
  • Experience in managing vendors

Additional Information

RHB is a dynamic organization that promotes a work culture of high performance, where its biggest asset, the RHB-ians, are continuously developed & nurtured to their fullest potential through its robust talent management practices.

At RHB, we take PRIDE in our people and our teams. Great relationships built on trust, a ‘leading it right’ environment, challenging assignments and a culture of excellence are the pillars to the dynamic and diversified workplace we call home.