Total 22 information technology job vacancies in Legal / Public / Security category in D22 Jurong, Jurong Island, Tuas

Job Overview:

We are seeking a dedicated Legal Assistant to join our dynamic team at TSGS, a leading fintech company. In this role, you will focus on supporting the legal operations of our innovative chat app, ensuring compliance with financial regulations and digital communication laws.

Responsibilities and Duties:

• Provide administrative support to the legal team in managing the legal aspects of the chat app.
• Assist in reviewing and drafting legal documents, contracts, and agreements related to the chat app's operations.
• Conduct legal research on regulations and laws pertinent to fintech and digital communication platforms.
• Coordinate with various departments to ensure the chat app complies with financial and privacy laws.
• Manage legal documentation and maintain organized files for easy retrieval and reference.
• Assist in the preparation of compliance reports and presentations for internal and external stakeholders.
• Liaise with external legal counsel as required.
• Keep abreast of changes in laws and regulations affecting the chat app and the fintech industry.
• Support the legal team in litigation matters, if any, involving the chat app.

Qualifications:

• Bachelor’s degree in Law, Paralegal Studies, or a related field.
• Proven experience as a Legal Assistant, Paralegal, or a similar role, preferably in the technology or fintech sector.
• Strong understanding of legal terminology and principles relevant to fintech and digital communication.
• Excellent organizational skills and attention to detail.
• Strong research, analytical, and problem-solving skills.
• Proficiency in legal research tools and Microsoft Office suite.
• Ability to work independently and collaboratively in a fast-paced environment.
• Excellent written and verbal communication skills.

Preferred Skills:

• Experience in legal operations related to chat apps or digital communication platforms.
• Familiarity with financial regulations and data privacy laws.
• Knowledge of intellectual property rights as they pertain to software and digital platforms.

Job Summary:

The Security Analyst will be responsible for supporting the organization's security initiatives, with a focus on achieving ISO 27001 certification and securing cloud infrastructure (AWS and GCP). This role is suitable for candidates with an Information Security degree, including recent graduates who are ready to apply their academic knowledge in a real-world fintech environment. The analyst will assist with risk assessments, incident response, and compliance efforts.

Key Responsibilities:

ISO 27001 Support:

• Assist in developing and maintaining the Information Security Management System (ISMS).
• Support the preparation of documentation for ISO 27001 audits and certification processes.

Cloud Security (AWS/GCP):

• Help secure AWS and GCP environments, learning best practices for access control, encryption, and monitoring.
• Participate in regular cloud security assessments and implement necessary security controls.

Risk Assessment and Management:

• Conduct security risk assessments and help implement risk mitigation strategies.
• Support the creation and maintenance of a risk register.

Compliance and Regulatory Support:

• Ensure compliance with relevant fintech regulations, including GDPR, AML, and PCI-DSS.
• Assist in preparing for and conducting internal and external security audits.

Incident Response:

• Monitor cloud environments and systems for security threats.
• Assist with incident response, investigating and resolving security incidents in a timely manner.

Qualifications:

Education:

• BSc/MSc in Information Security, Cybersecurity, or a related field.
• Recent graduates with relevant academic experience are encouraged to apply.

Skills:

• Knowledge of cloud platforms (AWS, GCP) and basic understanding of security frameworks (ISO 27001).
• Strong attention to detail, with good analytical and problem-solving skills.
• Willingness to learn and adapt in a fast-paced fintech environment.

Preferred Skills:

• Familiarity with security tools (e.g., SIEM, IDS/IPS).
• Knowledge of fintech regulations and best practices for cloud security.

Your background

• You have an innovative mindset. Not afraid to ask why and question established practices, always looking to own and improve quality via automation and tooling.
• You have strong analytical skills required to identify threats, vulnerabilities, and exploitations.
• You are broadly skilled who can pick up new technologies and concepts and apply them to your day-to-day work. You should understand the industry leading Data Loss Prevention tools and technologies.
• You are a good team player and willing to actively participate in team discussions and knowledge-sharing.
• You can demonstrate a problem-solving mindset with intellectual curiosity, critical thinking, and proactive solutions.
• You are willing to work weekend (Saturday and Sunday) on a rotational shift basis.
• You are willing to be enrolled into the bank’s Associate Investment Monitoring Program.

What you can expect

The Cyber Security Operation (CSO) function within Global Information Security is responsible for all aspects of threat intelligence and monitoring, application and network security, and insider threat. In addition, the CSO team drives out the enterprise-wide cyber exercise program. The Global Information Security - Cyber Security Operation team is a true global operations shop with leading edge tools, processes, and people. This role will be responsible for analyzing and escalating internet monitoring security events within a defined business SLA. The role requires someone who will be proactive in furthering the control’s maturity. The candidate should possess a high degree of intellectual curiosity and have a strong desire to find and mitigate risks

Candidate must be willing to enroll in Associate Investment Monitoring due to the nature of the role and access.

What you will do

• Daily analysis of Internet monitoring alerts accurately within the defined business SLA Identify and escalate risk according to standard operation procedures.
• Willingness to actively participate in team discussions and knowledge-sharing
• Analyze events/metrics and escalation data, identify patterns and trends on high-risk controls and proactively suggest, develop, and implement enhancements to reduce risk.
• Self-starter with an ability to navigate and collaborate effectively within a geographically complex and dispersed global corporation.
• Basic understanding of networking systems, security vulnerabilities, exploits and attacks.
• Strong communications both written and verbal with the ability to present control topics to a broad audience.
• Willing to work weekend on a rotational shift basis.
• Perform real-time analysis and trending of security log data from various security devices and systems.
• Maintain data sources feeding the log monitoring system, develop and maintain detection and alerting rules.
• Respond to user incident reports and evaluates the type and severity of security events.
• Execute initial triage of incidents to rule out false positives.
• Identify recurring security issues and risks and develops mitigation plans and recommends process improvements.
• Interpret and apply security policies and procedures.
• Establish escalation processes for security incidents and develops contingency plans and disaster recovery procedures.

About Bank of America

Our purpose as a firm is to make financial lives better, through the power of every connection. Across the world, we partner with leading corporate and institutional investors through our offices in more than 35 countries. In the U.S. alone, we serve almost all the Fortune 500 companies and approximately 67 million consumer and small-business clients. We provide a full suite of financial products and services, from banking and investments to asset and risk management. We cover a broad range of asset classes, making us a global leader in corporate and investment banking, sales, and trading.

Connecting Asia Pacific to the world

Our Asia Pacific team is spread across 19 cities in 12 markets. We are focused on connecting Asia to the world and the world to Asia, using our global expertise to ensure success is shared between us, our clients, and our communities. Our regional footprint covers 12 currencies, more than a dozen languages and five time zones, placing us firmly among the region’s leading financial services companies.

Job Description:

As the Head of Legal, specializing in international government filings, you will be responsible for overseeing and managing all legal matters related to regulatory compliance and government interactions across our global operations. You will play a pivotal role in shaping the company's legal strategy and ensuring compliance with international laws and regulations.

Responsibilities:

• Provide leadership and guidance to the legal team, fostering a culture of excellence, collaboration, and continuous improvement.

• Develop and implement strategies for managing and optimizing international government filings, including regulatory submissions, permits, licenses, and other required documentation to enhance business decision making and operations.

• Collaborate with internal stakeholders, including executives, department heads, and legal teams, to ensure alignment with business objectives and regulatory requirements.

• Knowledge on incorporating companies in different jurisdictions.

• Stay abreast of changes in international laws and regulations that may impact the company's operations and provide proactive guidance to mitigate risks.

• Oversee the preparation and review of legal documents, including contracts, agreements, and regulatory filings, to ensure accuracy and compliance with applicable laws.

• Manage relationships with government agencies, regulatory bodies, and other external stakeholders to facilitate efficient and effective communication and compliance.

• Advise senior management on legal matters such as in legal proceedings, negotiations, and other interactions with governmental entities as necessary.

• Collaborate with external legal counsel and advisors as needed to address complex legal issues and ensure the company's interests are protected.

• Lead and advise the team on non-legal tasks, such as preparation of business cases and related submissions to authorities

Qualifications:

• Juris Doctor (JD) degree from an accredited law school.

• Admission to the bar in at least one jurisdiction; additional admissions preferred.

• Minimum of 5- 8 years of experience practicing law, with a focus on international regulatory compliance and government filings.

• Proven track record of success in managing complex legal matters and regulatory challenges within a global context on improving business processes / operations.

• Strong understanding of international laws and regulations, with expertise in areas such as SEC & FINRA

• Excellent communication and interpersonal skills, with the ability to effectively collaborate and negotiate with internal and external stakeholders.

• Demonstrated leadership abilities, with experience managing and developing high-performing legal teams.

• Strategic thinker with the ability to anticipate and mitigate legal risks while supporting business objectives.

• Detail-oriented and organized, with the ability to manage multiple priorities and deadlines effectively.

Familiarity with the below is advantageous:

• Prior experience in the fintech industry with familiarity on the unique legal challenges and regulatory frameworks governing financial technology companies. This includes compliance with financial regulations (e.g., KYC, AML, GDPR, PSD2)

• Understanding of US financial regulations such as the Securities and Exchange Commission (SEC), the Commodity Futures Trading Commission (CFTC), the Financial Industry Regulatory Authority (FINRA), and other federal and state regulatory bodies

• Advising on the legal aspects of fundraising strategies, including private placements, public offerings, crowdfunding, and other fundraising methods with the SEC.

• Possesses good knowledge on Taxation Law.

• Drafting and reviewing offering documents, such as private placement memorandum (PPMs), prospectuses, subscription agreements, and other disclosure materials.

• Ensuring compliance with securities registration requirements or exemptions under Regulation CF, Regulation D, Regulation A, or other exemptions available under US securities laws.

• Conducting due diligence on investors and potential counterparties to ensure compliance with AML/KYC requirements and mitigate legal risks.

• Negotiating and structuring shareholdings, investment transactions, including equity investments, debt financing, convertible securities, and other financial instruments.

Job Description:

As the Head of Legal, specializing in international government filings, you will be responsible for overseeing and managing all legal matters related to regulatory compliance and government interactions across our global operations. You will play a pivotal role in shaping the company's legal strategy and ensuring compliance with international laws and regulations.

Responsibilities:

• Provide leadership and guidance to the legal team, fostering a culture of excellence, collaboration, and continuous improvement.

• Develop and implement strategies for managing and optimizing international government filings, including regulatory submissions, permits, licenses, and other required documentation to enhance business decision making and operations.

• Collaborate with internal stakeholders, including executives, department heads, and legal teams, to ensure alignment with business objectives and regulatory requirements.

• Knowledge on incorporating companies in different jurisdictions.

• Stay abreast of changes in international laws and regulations that may impact the company's operations and provide proactive guidance to mitigate risks.

• Oversee the preparation and review of legal documents, including contracts, agreements, and regulatory filings, to ensure accuracy and compliance with applicable laws.

• Manage relationships with government agencies, regulatory bodies, and other external stakeholders to facilitate efficient and effective communication and compliance.

• Advise senior management on legal matters such as in legal proceedings, negotiations, and other interactions with governmental entities as necessary.

• Collaborate with external legal counsel and advisors as needed to address complex legal issues and ensure the company's interests are protected.

• Lead and advise the team on non-legal tasks, such as preparation of business cases and related submissions to authorities

Qualifications:

• Juris Doctor (JD) degree from an accredited law school.

• Admission to the bar in at least one jurisdiction; additional admissions preferred.

• Minimum of 5- 8 years of experience practicing law, with a focus on international regulatory compliance and government filings.

• Proven track record of success in managing complex legal matters and regulatory challenges within a global context on improving business processes / operations.

• Strong understanding of international laws and regulations, with expertise in areas such as SEC & FINRA

• Excellent communication and interpersonal skills, with the ability to effectively collaborate and negotiate with internal and external stakeholders.

• Demonstrated leadership abilities, with experience managing and developing high-performing legal teams.

• Strategic thinker with the ability to anticipate and mitigate legal risks while supporting business objectives.

• Detail-oriented and organized, with the ability to manage multiple priorities and deadlines effectively.

Familiarity with the below is advantageous:

• Prior experience in the fintech industry with familiarity on the unique legal challenges and regulatory frameworks governing financial technology companies. This includes compliance with financial regulations (e.g., KYC, AML, GDPR, PSD2)

• Understanding of US financial regulations such as the Securities and Exchange Commission (SEC), the Commodity Futures Trading Commission (CFTC), the Financial Industry Regulatory Authority (FINRA), and other federal and state regulatory bodies

• Advising on the legal aspects of fundraising strategies, including private placements, public offerings, crowdfunding, and other fundraising methods with the SEC.

• Possesses good knowledge on Taxation Law.

• Drafting and reviewing offering documents, such as private placement memorandum (PPMs), prospectuses, subscription agreements, and other disclosure materials.

• Ensuring compliance with securities registration requirements or exemptions under Regulation CF, Regulation D, Regulation A, or other exemptions available under US securities laws.

• Conducting due diligence on investors and potential counterparties to ensure compliance with AML/KYC requirements and mitigate legal risks.

• Negotiating and structuring shareholdings, investment transactions, including equity investments, debt financing, convertible securities, and other financial instruments.

ABOUT THE NATIONAL INSTITUTE OF EDUCATION (NIE)

The National Institute of Education (NIE), Singapore, is Singapore’s national teacher education institute and we are proud to be an integral part of the nation’s education service. We play a key role in the preparation of teachers and in the provision of teacher professional and school leadership development programmes. We are committed to our vision of being An Institute of Distinction: Leading the Future of Education and our mission to Inspire Learning, Transform Teaching and Advance Research.

NIE invites suitable candidates to join the Division of Academic Computing & Information Services (ACIS) as a Senior IT Security Analyst (3-year contract).

Key Responsibilities:

Incident Response Leadership

• Oversee the entire incident response lifecycle from detection to resolution.
• Lead investigations of IT security incidents and ensure thorough root cause analysis and remediation.
• Develop and maintain incident response playbooks and procedures.
• Coordinate with internal, external stakeholders, and vendors during incidents.
• Conduct post-incident reviews and report findings to management.

Monitoring and Detection

• Develop and implement advanced threat detection and monitoring strategies.
• Utilize SIEM, EDR, and other security tools for timely incident detection.
• Perform threat hunting and proactive security assessments.
• Collaborate with IT teams to deploy and optimize security solutions.

AI and Automation

• Integrate AI and automation technologies to enhance security operations.
• Develop automated workflows and scripts for incident response and routine tasks using SOAR.
• Leverage machine learning and AI-driven tools for threat detection and analysis.
• Stay updated with advancements in AI and evaluate their applicability to security operations.
• Apply system design thinking to security solutions.

Threat Statistics and Reporting

• Analyze and compile statistics on threats relevant to the Institute.
• Prepare and present detailed reports on threat statistics to stakeholders.
• Use data visualization tools to communicate threat trends and insights.

Innovation and Continuous Improvement

• Evaluate and integrate new technologies to enhance security operations.
• Foster a culture of continuous improvement within the team.
• Encourage continuous learning and professional development.

Forensics Capability Development

• Enhance the team's digital forensics capabilities.
• Develop forensic investigation procedures and protocols.
• Train team members in forensic tools and methodologies.
• Oversee the collection, preservation, and analysis of digital evidence.
• Collaborate with legal and compliance teams to ensure regulatory alignment.
• Conduct regular drills and simulations for forensic readiness.

Requirements:

• Degree in Information Systems, Computer Science, Cybersecurity, or a related field.
• Professional Certification(s) in incident handling and security analysis preferred.
• GCIH or its equivalent is preferred
• Minimum of 8 years of progressive experience in IT security, with a focus on Incident response
• Minimum of 4 years of experience in a security operations center, with proven leadership capabilities.
• Intermediate knowledge of security operations, incident analysis, incident handling, and vulnerability management or testing, system patching, log analysis, intrusion detection, or firewall administration
• Proven experience in managing incident response and performing threat hunting
• Proven experience in integrating AI and automation in IT Security using Security Orchestration Automated Response (SOAR) technologies.
• Proficiency in Security Information and Event Management (SIEM), Endpoint Detection and Response (EDR), traffic and packet analysis, digital forensics, and cloud security.
• Experience in Blue/Purple teaming, firewall, Intrusion Prevention Systems (IPS), Web Application Firewalls (WAF) administration, virtualization, and cloud technologies.
• Experience in monitoring and administering host-based intrusion detection systems.
• Knowledge and experience in Linux/Windows/Database technologies preferred.
• Strong knowledge of industry standards and information security policy frameworks.
• Hands-on experience with scripting and automation tools to enhance security operations.
• Ability to conduct gap analysis of current processes and identify opportunities for improvement.
• Evaluate internal and external environments for threats related to Information Security and act as a subject matter expert to ensure these are properly addressed and controlled.
• Continuously improve event correlation and alerting processes and use cases to detect potential incidents.
• Automate manual processes to enhance security incident response.
• Experience with network security assessment tools.
• Excellent leadership and team management skills, with the ability to inspire and motivate a team.
• Strong communication skills, with the ability to effectively interact with stakeholders at all levels, including University administration.
• Demonstrated ability to drive strategic initiatives and lead a team through change.
• Exceptional problem-solving skills and the ability to think critically under pressure.
• Ability to interview stakeholders to define and document business requirements.
• Provide advice and guidance on response action plans for information risk events and incidents based on incident type and severity.

Other Information

NIE staff can take chartered buses at their own expense from or near their home to the NIE campus. This is subject to the availability of bus routes and seats.

Req ID: R00018131

Position: Chief Information Security Officer

Job Description

• Developing and implementing secure processes and systems used to prevent, detect, mitigate, and recover from cyberattacks
• Educating and managing technology risk in collaboration with business leaders
• Building and driving a cybersecurity strategy and framework, with initiatives to secure the organization's cyber and technology assets
• Continuously evaluating and managing the cyber and technology risk posture of the organization
• Implementing and managing the cyber governance, risk, and compliance (GRC) process
• Reporting to the most senior levels of the organization (the CEO and board of directors, or equivalent)
• Developing, justifying, and evaluating cybersecurity investments
• Developing and implementing ongoing security awareness training and education for users
• Leading cybersecurity operations and implementing disaster recovery protocols and business continuity plans with business resilience in mind

Requirements and qualifications

• Possess IT certifications such as the Certified Information Systems Security Professional (CISSP) from (ISC)2 or Certified Information Security Manager (CISM) designations from ISACA
• Relevent Cybersecurity licences or qualifications

Technical Skills

• In-depth knowledge of information security
• management frameworks (e.g., ISO/IEC 27001, NIST).
• Experience with security technologies and tools (e.g., firewalls, IDS/IPS, SIEM).
• Understanding of network security, application security, and data protection principles

Soft Skills

• Strong leadership and management abilities.
• Excellent communication and interpersonal skills.
• Ability to work under pressure and handle stressful situations.
• Strategic thinking and problem-solving skills.
  

Your background

• Previous information technology/security audit/assessment experience preferred.
• Ability to leverage attention to detail and analytical skills.
• Ability to multi-task and work both independently as well as part of an assessment team
• Ability to plan, execute and document assessment and remediation activities following established processes and procedures.
• Must be comfortable in delivering messages across a wide spectrum of individuals having varying degrees of technical understanding.
• Minimally, CISSP and/or CISA certifications are required as well as five to eight years of experience in information security or business continuity.
• Technical skills include the domains of information security and business continuity including:
  Information Security Controls (Cloud Security, Infrastructure Security, Access Management, Physical Security, Application Security, etc.),
  IT Compliance, SOX Compliance
  Change Management
  Enterprise Risk Management
  Solid grasp of NIST, PCI, ISO, SDLC, COBIT, and ITIL standards.
• Must be able to travel up to 25% of the time.
• Experience in Cloud technologies, OSINT and threat modeling will be advantageous.

What you can expect

The Third Party Cyber Security Assessor will conduct information security and business continuity assessments of third parties providing services to Bank of America. The assessor will examine a third party's program to determine if they meet the Bank’s requirements, identifying control gaps that may expose the Bank to risks and subsequently work with the third party on all remediation activities.

To succeed in this role, you should be highly independent, motivated and possess strong, hands-on, technical knowledge of a wide range of information security and business continuity controls and the processes used for evaluating their design and effectiveness and possess strong written and verbal communication skills including ability to communicate clearly and concisely to various levels, up to and including executive level management, and explain the need for key controls to technical and non-technical resources.

There will be opportunities to be involved in projects to improve processes & transform the assessment program. This will enable you to leverage and grow your leadership skills as you'll be expose to various internal stakeholders and industry partners.

What you will do

• Manage and execute assessments of third parties providing services to Bank of America.
• Evaluate design and effectiveness of controls implemented by third parties providing services to Bank of America
• Drive remediation of issues identified through the assessments and any subsequent risk conversations with the third parties and other internal stakeholders.
• Interface with external third parties and internal line of business stakeholders to provide consultation on information security topics and build strong working relationships with these parties.
• Partner with regional and global GIS teammates to collaborate on opportunities and to identify, analyze, and resolve complex problems or security gaps.
• Contribute to the development and transformation of the Third Party Cyber Assurance program.
• Conduct cyber risk assessment in support of technology initiatives to help identify IT related risk and determine appropriate controls to mitigate risks.
• Monitor, track, and manage risk mitigations and exceptions and ensure adequate monitoring capability is incorporated into solutions.

About Bank of America

Our purpose as a firm is to make financial lives better, through the power of every connection. Across the world, we partner with leading corporate and institutional investors through our offices in more than 35 countries. In the U.S. alone, we serve almost all of the Fortune 500 companies and approximately 67 million consumer and small-business clients. We provide a full suite of financial products and services, from banking and investments to asset and risk management. We cover a broad range of asset classes, making us a global leader in corporate and investment banking, sales and trading.

Connecting Asia Pacific to the world

Our Asia Pacific team is spread across 19 cities in 12 markets. We are focused on connecting Asia to the world and the world to Asia, using our global expertise to ensure success is shared between us, our clients and our communities. Our regional footprint covers 12 currencies, more than a dozen languages and five time zones, placing us firmly among the region’s leading financial services companies.

Role Accountability

This role is responsible for supporting Lubrizol’s Information Security Training and Awareness initiatives to elevate the understanding and adoption of a security culture that reduces overall cyber risk to the organization. Participate in the development and delivery of training and educational materials, Lubrizol’s simulated phishing program, all while providing reporting of activity to stakeholders with a respectful understanding of Lubrizol’s multicultural, global background.

Essential Job Functions

• Support the Information Security Training and Awareness program initiatives, following our internal policies and procedures.
• Identify training needs among the various business units supporting Lubrizol and supporting the phishing simulation program as needed.
• Assist with tabulation and reporting of results of training and phishing activities, tracking activity status in a consistently manner.
• Provide a bridge of communication utilizing all channels available to achieve a positive behavioural change.
• Support the Security Ambassadors program across Lubrizol.
• Gain an understanding of the unique security awareness requirements of Lubrizol business and manufacturing environments and serve as their primary point of contact.
• Instil a security culture that reduces the possibility of information security incidents.
• Provide insight and recommendations as part of a global information security team.
• Other Information Security activities as needed.

Critical Competencies

• Dynamic, initiative-taker that applies their strong, people-centric cyber-risk background along with effective communication and training skills to significantly improve the cybersecurity culture.
• Demonstrated effectiveness of working independently, establishing priorities, and managing task completion.
• Organizational awareness with an understanding of how to engage with employees and contractors to achieve best results.
• A true collaborator with a strong internal customer service approach, able to effectively build relationships and work in a collaborative, global environment.
• Sound decision-making and initiative-taking/creative critical thinking skills.
• Strong people skills.
• Responsive to internal stakeholders.

Required Qualifications

Education / Certifications:

• Associate degree in information technology (IT) or equivalent business experience.
• SACP, CSAP certifications are a plus.

Experience:

• Minimum four (4) years of IT or relevant business experience, preferably working in a cybersecurity team.
• Understanding of cybersecurity, human, and IT risk concepts, along with industry standards.

Skills & Systems:

• Solid experience with Microsoft Windows-based operating systems and Office products.
• Understanding of information security concepts.
• Ability to resolve issues via research and investigation.
• Experience in documenting issues and solutions to assist end user understanding.
• Understanding of the manufacturing environment and its unique information security needs a plus.
• Non-English language proficiency a plus.

Your background

Skills:

· Experience in conducting vulnerability assessments, code reviews and penetration tests against web/mobile application technologies, services, platforms and languages to find flaws and exploits (e.g. SQL Injection, Cross-Site Scripting, Cross-Site Request Forgery, Remote Code Execution, Authentication/Authorization, Privilege Escalation, Business Logic Bypass, etc.)

· Experience in conducting Threat Modeling

· Knowledge of network and Web related protocols/technologies

· Experience with web application vulnerability scanning tools (e.g. IBM AppScan, NetSparker, Burp Suite Pro etc.)

· Experience with vulnerability assessment tools and penetration testing techniques (e.g. web application proxies, packet capture analysis software, browser extensions, advanced penetration testing Linux distributions, static source code analyzers, SoapUI etc.)

· Experience of penetration testing on mobile platforms such as iOS, Android, Windows and RIM.

· Solid programming/debugging skills with proficiency in one or more of the following: Java, JavaScript, HTML, XML, PHP, ASP.NET, AJAX, JSON, Objective-C

· Strong scripting skills (e.g. Python, Perl, Shell script, JavaScript)

· Mobile programming abilities such as Xcode, Objective-C

· Knowledge of a Structured Query Language

· Expert-level experience and very detailed technical knowledge in at least 3 of the following areas: general information security; security engineering; application architecture; authentication and security protocols; application session management; applied cryptography; common communication protocols; mobile frameworks, single sign-on technologies; exploit automation platforms; RESTful web services

Competencies:

· The ability to work independently and as part of a team, in a very large scale, enterprise setting

· Previous experience as an application security professional with a large Financial Institution is a plus

· Intellectually Curious

· Consistently thinks like a threat actor

· Demonstrated ability to learn and apply critical thinking to a variety of situations

· Ability to clearly communicate (written & verbal) business risk associated with a given vulnerability

· Adaptable & Flexible approach to work

· Ability to demonstrate manual web application testing experience

Qualifications:

· BS/MS in Computer Science (or relevant work experience in a large scale IT environment)

· Additionally penetration testing specific qualifications would preferably include one or more from the following list:

o CREST Registered Penetration Testers (CRT)

o CREST Certified Web Application Tester

o Offensive Security Certified Professional (OSCP)

o Offensive Security Certified Expert (OSCE)

o Offensive Security Exploitation Expert (OSEE)

o Offensive Security Web Expert (OSWE)

o SANS GIAC Penetration Tester (GPEN)

o SANS GIAC Exploit Researcher and Advanced Penetration Tester (GXPN)

o SANS GIAC Web Application Penetration Tester (GWAPT)

o Certified Ethical Hacker (CEH)

What you can expect

The Cyber Security Assurance (CSA) department is responsible for providing an uncompromised technology and application environment for employees, customers, clients, and shareholders through continuous comprehensive cyber security testing. CSA consists of multiple assessment teams that focuses on different technology, platform, and stakeholders.

As a Manual Ethical Hacking Specialist, you will join a dynamic team of world class security experts to conduct application security/penetration tests of our internal/external web, mobile and web service applications, leveraging both manual techniques as well as automated tools in order to uncover and report security vulnerabilities that exist.

You will be knowledgeable with business risks associated with common security vulnerabilities and be able to effectively communicate security vulnerabilities to application developers and/or senior managers who may have little to no experience with application security vulnerability specifics.

What you will do

Responsibilities include, but are not limited to:

· Understanding the requirements of the applications and how to use them

· Testing applications using a variety of tools to identify vulnerabilities that could expose the Bank to risk

· Monitoring existing and proposed security standard setting groups

· Conducting meetings to communicate the findings and implications to stakeholders

· Performing vulnerability fix verification testing in support of the remediation

· Providing technical support to clients, management and staff throughout risk assessments and the implementation of appropriate data security procedures and products

· Acting as a SME, providing guidance and knowledge to reduce the vulnerabilities and risk when apps are being created

· Sharing knowledge with technical and non-technical colleagues directly and through training sessions

· Ensuring identified risks are managed effectively

· Contributing to the development and enhancement of the control function

· Design and perform tests and check cases to determine if infrastructure components, systems and applications meet confidentiality, integrity, authentication, availability, authorization, and non-repudiation standards.

· Translate requirements into test plan, write and execute test scripts or codes in line with standards and procedures to determine vulnerability to attacks.

· Certify infrastructure components, systems and applications that meet security standards.

About Bank of America

Our purpose as a firm is to make financial lives better, through the power of every connection. Across the world, we partner with leading corporate and institutional investors through our offices in more than 35 countries. In the U.S. alone, we serve almost all of the Fortune 500 companies and approximately 67 million consumer and small-business clients. We provide a full suite of financial products and services, from banking and investments to asset and risk management. We cover a broad range of asset classes, making us a global leader in corporate and investment banking, sales and trading.

Connecting Asia Pacific to the world

Our Asia Pacific team is spread across 19 cities in 12 markets. We are focused on connecting Asia to the world and the world to Asia, using our global expertise to ensure success is shared between us, our clients and our communities. Our regional footprint covers 12 currencies, more than a dozen languages and five time zones, placing us firmly among the region’s leading financial services companies.

We are seeking a highly skilled and experienced Chief Legal Officer (CLO) with expertise in international government filings and US financial regulations to join our dynamic team. you will be responsible for overseeing and managing all legal matters related to regulatory compliance and government interactions across our global operations, playing a pivotal role in shaping the company's legal strategy and ensuring compliance with international laws and regulations

Responsibilities:

• Develop and implement strategies for managing and optimizing international government filings, including regulatory submissions, permits, licenses, and other required documentation.
• Collaborate with internal stakeholders, including executives, department heads, and legal teams, to ensure alignment with business objectives and regulatory requirements.
• Collaborate with external legal counsel and advisors as needed to address complex legal issues and ensure the company's interests are protected.
• Advising on the legal aspects of fundraising strategies, including private placements, public offerings, crowdfunding, and other fundraising methods.
• Drafting and reviewing offering documents, such as private placement memorandum (PPMs), prospectuses, subscription agreements, and other disclosure materials.
• Ensuring compliance with securities registration requirements or exemptions under Regulation CF, Regulation D, Regulation S, Regulation A+, or other exemptions available under US securities laws.
• Conducting due diligence on investors and potential counterparties to ensure compliance with AML/KYC requirements and mitigate legal risks.
• Negotiating and structuring investment transactions, including equity investments, debt financing, convertible securities, and other financial instruments.
• Manage relationships with government agencies, regulatory bodies, and other external stakeholders to facilitate efficient and effective communication and compliance.
• Provide leadership and guidance to the legal team, fostering a culture of excellence, collaboration, and continuous improvement.
• Conduct internal audits and assessments to identify areas of non-compliance or potential risk and develop strategies to address them.
• Represent the company in legal proceedings, negotiations, and other interactions with governmental entities as necessary.
• Stay abreast of changes in international laws and regulations that may impact the company's operations and provide proactive guidance to mitigate risks.

Requirements

• Juris Doctor (J.D.) Degree from an accredited law school.
• Admission to the bar in at least one jurisdiction; additional admissions preferred.
• Minimum of 7 - 10 years of experience practicing law, with a focus on international regulatory compliance and government filings.
• Excellent communication and interpersonal skills, with the ability to effectively collaborate and negotiate with internal and external stakeholders.
• Demonstrated leadership abilities, with experience managing and developing high-performing legal teams.
• Strategic thinker with the ability to anticipate and mitigate legal risks while supporting business objectives.

Desirable Experience (Added Advantage):

• Proven track record of success in managing complex legal matters, regulatory challenges and experience in the fintech industry with familiarity on the unique legal challenges and regulatory frameworks governing financial technology companies. This includes compliance with financial regulations (e.g., KYC, AML, GDPR, PSD2)
• Deep understanding of US financial regulations such as the Securities and Exchange Commission (SEC), the Commodity Futures Trading Commission (CFTC), the Financial Industry Regulatory Authority (FINRA), and other federal and state regulatory bodies

Job Responsibilities:

· Drive the fortification and optimization of the wallet security system, including but not limited to security policies, patching vulnerabilities, and monitoring unusual activities.

· Responsible for the daily operational maintenance of the wallet system, including but not limited to node deployment, on-chain data synchronization, and system backup, etc.

· Provide reasonable and effective suggestions for the existing wallet system framework, assist in upgrading the security organizational framework, participate in the design and implementation of security policies, to ensure the security of the exchange wallet system.

· Design and collaborate on the development of a security framework with rational security logic.

· Enrich and optimize existing rules, participate in the emergency response to daily security incidents, as well as the maintenance of security systems.

· Continuously track the latest technologies and threats in the field of blockchain and digital asset security, providing professional advice and guidance to the team.

· Proactively identify and resolve potential system risks, improving the overall security awareness and capabilities of the team.

Qualification Requirements:

· Have a sense of infrastructure security, familiar with common security vulnerabilities and attack methods.

· Capable of independently developing, writing, and maintaining a security framework.

· Familiar with common Linux commands and tools, penetration testing processes and tools.

· Familiar with security risk management, security node upgrades.

· Familiar with WEB3 development technology, with priority given to those who have experience in Solidity smart contract development.

· Have a deep understanding of blockchain technology and digital assets, familiar with the application skills of common scenarios on the chain.

· Good communication and written expression abilities, able to effectively communicate and cooperate with colleagues in different positions.

Bonus Points:

· Experience in security framework design.

· Experience in handling security incidents & offensive and defensive real-world experiences.

· Priority given to those with practical project or tool development experience.

Job Overview:

We are seeking a dedicated Legal Assistant to join our dynamic team at TSGS, a leading fintech company. In this role, you will focus on supporting the legal operations of our innovative chat app, ensuring compliance with financial regulations and digital communication laws.

Responsibilities and Duties:

• Provide administrative support to the legal team in managing the legal aspects of the chat app.
• Assist in reviewing and drafting legal documents, contracts, and agreements related to the chat app's operations.
• Conduct legal research on regulations and laws pertinent to fintech and digital communication platforms.
• Coordinate with various departments to ensure the chat app complies with financial and privacy laws.
• Manage legal documentation and maintain organized files for easy retrieval and reference.
• Assist in the preparation of compliance reports and presentations for internal and external stakeholders.
• Liaise with external legal counsel as required.
• Keep abreast of changes in laws and regulations affecting the chat app and the fintech industry.
• Support the legal team in litigation matters, if any, involving the chat app.

Qualifications:

• Bachelor’s degree in Law, Paralegal Studies, or a related field.
• Proven experience as a Legal Assistant, Paralegal, or a similar role, preferably in the technology or fintech sector.
• Strong understanding of legal terminology and principles relevant to fintech and digital communication.
• Excellent organizational skills and attention to detail.
• Strong research, analytical, and problem-solving skills.
• Proficiency in legal research tools and Microsoft Office suite.
• Ability to work independently and collaboratively in a fast-paced environment.
• Excellent written and verbal communication skills.

Preferred Skills:

• Experience in legal operations related to chat apps or digital communication platforms.
• Familiarity with financial regulations and data privacy laws.
• Knowledge of intellectual property rights as they pertain to software and digital platforms.

We are seeking a highly skilled and experienced Chief Legal Officer (CLO) with expertise in international government filings to join our dynamic team.

Job Description:

As the Chief Legal Officer (CLO) specializing in international government filings, you will be responsible for overseeing and managing all legal matters related to regulatory compliance and government interactions across our global operations. You will play a pivotal role in shaping the company's legal strategy and ensuring compliance with international laws and regulations.

Responsibilities:

• Develop and implement strategies for managing and optimizing international government filings, including regulatory submissions, permits, licenses, and other required documentation.
• Collaborate with internal stakeholders, including executives, department heads, and legal teams, to ensure alignment with business objectives and regulatory requirements.
• Stay abreast of changes in international laws and regulations that may impact the company's operations and provide proactive guidance to mitigate risks.
• Oversee the preparation and review of legal documents, including contracts, agreements, and regulatory filings, to ensure accuracy and compliance with applicable laws.
• Manage relationships with government agencies, regulatory bodies, and other external stakeholders to facilitate efficient and effective communication and compliance.
• Provide leadership and guidance to the legal team, fostering a culture of excellence, collaboration, and continuous improvement.
• Conduct internal audits and assessments to identify areas of non-compliance or potential risk and develop strategies to address them.
• Represent the company in legal proceedings, negotiations, and other interactions with governmental entities as necessary.
• Advise senior management on legal matters related to international government filings, offering strategic insights and recommendations to support informed decision-making.
• Collaborate with external legal counsel and advisors as needed to address complex legal issues and ensure the company's interests are protected.

Qualifications:

• Juris Doctor (JD) degree from an accredited law school.
• Admission to the bar in at least one jurisdiction; additional admissions preferred.
• Minimum of 7 - 10 years of experience practicing law, with a focus on international regulatory compliance and government filings.
• Proven track record of success in managing complex legal matters and regulatory challenges within a global context.
• Strong understanding of international laws and regulations, with expertise in areas such as [specific regulations relevant to the industry].
• Excellent communication and interpersonal skills, with the ability to effectively collaborate and negotiate with internal and external stakeholders.
• Demonstrated leadership abilities, with experience managing and developing high-performing legal teams.
• Strategic thinker with the ability to anticipate and mitigate legal risks while supporting business objectives.
• Detail-oriented and organized, with the ability to manage multiple priorities and deadlines effectively.

We are seeking a dedicated Legal Assistant to join our dynamic team at TSGS, a leading fintech company. In this role, you will focus on supporting the legal operations of our innovative chat app, ensuring compliance with financial regulations and digital communication laws.

Responsibilities and Duties:

• Provide administrative support to the legal team in managing the legal aspects of the chat app.
• Assist in reviewing and drafting legal documents, contracts, and agreements related to the chat app's operations.
• Conduct legal research on regulations and laws pertinent to fintech and digital communication platforms.
• Coordinate with various departments to ensure the chat app complies with financial and privacy laws.
• Manage legal documentation and maintain organized files for easy retrieval and reference.
• Assist in the preparation of compliance reports and presentations for internal and external stakeholders.
• Liaise with external legal counsel as required.
• Keep abreast of changes in laws and regulations affecting the chat app and the fintech industry.
• Support the legal team in litigation matters, if any, involving the chat app.

Qualifications:

• Bachelor’s degree in Law, Paralegal Studies, or a related field.
• Proven experience as a Legal Assistant, Paralegal, or a similar role, preferably in the technology or fintech sector.
• Strong understanding of legal terminology and principles relevant to fintech and digital communication.
• Excellent organizational skills and attention to detail.
• Strong research, analytical, and problem-solving skills.
• Proficiency in legal research tools and Microsoft Office suite.
• Ability to work independently and collaboratively in a fast-paced environment.
• Excellent written and verbal communication skills.

Preferred Skills:

• Experience in legal operations related to chat apps or digital communication platforms.
• Familiarity with financial regulations and data privacy laws.
• Knowledge of intellectual property rights as they pertain to software and digital platforms.