Senior Engineer, Open System
- Full-time
Company Description
RHB Singapore is a progressive and growing financial organization. We are committed to creating a fulfilling, dynamic and engaging work environment for our team of more than 15,000 employees across locations in ASEAN.
Job Description
PRIMARY OBJECTIVES:
Perform system administration related duties including advise, analyze, plan, implement, maintain, support (and retire/refresh where required) all locally hosted (On premise, Cloud) infra components required to run Singapore operations:
• Maintain and ensure infra components running in production are in a healthy state;
• Analyze and recommend new infra component acquisitions to meet evolving Singapore Operation’s needs;
• Ensure IT is operated in a manner that complies with Bank Policies and frameworks, standards, circulars, guidelines and MAS regulated act, notices, circulars, and guidelines applicable to technology (Compliance, Audit, Risk Adherence). – Infra components
• Ensure IT assets are protected and secure – Infra components
• Assist in annual budgeting – Infra components
• Be a key stakeholder and technology partner on the bank Digital journey.
• Foster and champion bank PRIDE values within the technology department and imbue the department with a culture of teamwork, innovation, discipline, resiliency and dedication to how work is approached.
• Provide day-to-day support for infra components
• Participate in the setup of test environments to ensure business can do their enhancements and new projects testing for assign applications.
HW, OS, and Core Infra: Infra on premise hardware located in the data centers, server operating systems (Linux, Windows), Storage/SAN, VMware virtualization, Backup and archiving, AD/LDAP domain administration, DNS, MDM/BYOB, SCCM, Linux patch mgr, Endpoints
KEY RESPONSIBILITIES:
Strategy, Planning, Mgmt. Reporting
• Provide expert advice and support to technology management in the area of expertise
• Contribute in the formulation a comprehensive Branch IT strategy covering IT policies and procedures, security, architecture, business solutions and operational functional requirements
• Keep abreast of developments and innovations in the FI IT landscape
• Provide mentorship, support and guidance to colleagues, share information and facilitate problem solving
• Contribute in the yearly budgeting for IT expenditures and investments.
IT Operations
• Ensure infra components system health
• Ensure prompt and efficient provision of IT support based on assigned area of expertise (includes request from Data center operations team)
• Oversee contingency plans and ensure their adequacy
• Ensure IT assets are protected and secure
• Maintain and ensure timely renewal of digital certificates and proper lodgment with IT security team.
• Ensure IT operations run in a manner consistent with high score from audit, risk, compliance assessments. The following to be operationalized as standard procedure against all IT asset components:
– Administrative Accounts – All admin accounts lodged into PAM solution per group IT Security guidelines and MAS notice 655 point 4.1
– Patching – Patch notification process established with vendors and patch calendar updated, upon patch release assessment and implementation as needed Per patching guidelines and MAS notice 655 point 4.2
– Hardening - Per component definition and enforcement against SG security standard and Group IT Security guidelines and SG addendum/s and MAS notice 655 point 4.3
– Network Perimeter Defense – Network traffic and segments, firewalls, proxies, dns, vpn access setup in secure manner per group IT security guidelines and MAS notice 655 4.4
– Malware – IT Security consulted and all required IT security protections installed on IT assets per MAS notice 655 point 4.5
– Multi-factor Authentication – MFA, where applicable implement MFA of administrative and internet accounts with access to customer information using PAM per MAS notice 655 point 4.6
– Logging and Monitoring – Security, Capacity, Downtime, Audit
– Capacity Mgmt. – Pre-emptive monitoring (via monitoring), planning and execution of capacity upgrades as needed
– EOL/EOS Upgrades – Per group guidelines. Track and execute upgrades and/or do risk assessment and deviation approval.
– Housekeeping – scripted clean-ups and truncations of logs and temp files after necessary archives executed
– Backups – Required backup strategy per backup guidelines operationalized to central Backup Platform. Recurring scheduled backup validation activities scheduled and performed ongoing to ensure backups working per need.
• Work with system stakeholders to ensure proper classification of system criticality and ensure design and architecture can meet the assessed criticality needs:
– MAS 644 defined Critical system – Ensure DR setup and working and can achieve RTO within 4 hours, RPO within 2 hours and maximum unplanned downtime of not more than 4 hours per rolling 12 months;
– MAS 644 defined non-critical system – Ensure HA/DR per stakeholder requirement.
• BCM related activity planning and execution
• Review and Approve/Reject production change requests as part of TCAB committee
• Raise CAB CR as necessary
• Cutover related planning and execution
• Ensure and maintain adequate test environments in good working order to support enhancements and new projects;
• Track IT related spend against budget.
• Write Memos to authorize procurements
• Write Memos to get deviation approvals where required.
Application and Systems Development / New Platform Acquisition
• Work with project and application teams to provide infra component provisioning to support the projects
• Assist in the migration of applications to run on Cloud for existing systems based on end-user needs and business rationale.
• Assist team lead to write and table committee papers as required to get new systems and/or platforms, or major refreshes approved.
• Initiate and lead IT Infra related projects.
• Write Memos to authorize procurements
• Write Memos to get deviation approvals where required
• Work with Digital Delivery and DevOps team to support migration of workloads running on-premises to Cloud.
Regulatory and Procedural Expertise
• Keep up to date and refreshed on required reading related to guiding how IT must be run in a regulated Financial institution. Minimum read list:
– MAS Technology Risk Management Guidelines (TRMG)
– MAS Notice 644 – Technology Risk Management.
– MAS Notice 655 – Cyber Hygiene
– MAS Outsourcing Guidelines
– RHB Group IT Security Guidelines and SG addendum/s
– SG Patching Guidelines
– SG Backup Guidelines
– SG Technology Department Operational Manual (OM)
– SG IT Standard Operational Procedures (SOP), and System Manuals (SM)
– SG Procurement Operational Manual (OM)
Qualifications
- Bachelor degree and/or Master degree
- Minimum 10 years of experience as an infra specialist working at an established financial services institution
- Minimum of 5 years of experience specifically focused on HW, OS and Core infra.
- Strong domain knowledge in Open systems OS (Linux, Windows)
- Avamar data domain, VMWare vsphere, NSX, vSAN), AWS, DNS, Active Directory / LDAP Mgmt, System monitoring, MDM – Airwatch or Mobile Iron)
- Experience in managing vendors
Additional Information
RHB is a dynamic organization that promotes a work culture of high performance, where its biggest asset, the RHB-ians, are continuously developed & nurtured to their fullest potential through its robust talent management practices.
At RHB, we take PRIDE in our people and our teams. Great relationships built on trust, a ‘leading it right’ environment, challenging assignments and a culture of excellence are the pillars to the dynamic and diversified workplace we call home.