Assistant VP - Security Projects Assessments, GIS

Singapore (City Area), Singapore, Singapore, 048624

About UOB

United Overseas Bank Limited (UOB) is a leading bank in Asia with a global network of more than 500 branches and offices in 19 countries and territories in Asia Pacific, Europe and North America. In Asia, we operate through our head office in Singapore and banking subsidiaries in China, Indonesia, Malaysia and Thailand, as well as branches and offices. Our history spans more than 80 years. Over this time, we have been guided by our values – Honorable, Enterprising, United and Committed. This means we always strive to do what is right, build for the future, work as one team and pursue long-term success. It is how we work, consistently, be it towards the company, our colleagues or our customers.

About the Department

Group Technology and Operations (GTO) provides software and system development, information technology support services and banking operations.

We have centralized and standardized the technology components into Singapore, creating a global footprint which can be utilized for supporting our regional subsidiaries and the branches around the world. We operate and support 19 countries with this architecture to provide a secure and flexible banking infrastructure.

Our Operations divisions provide transactional customer services for our businesses while also focusing on cost efficiency through process improvements, automation and straight through processing.

Job Responsibilities

• Plan and conduct IT Security Risk Assessment on bank's IT systems throughout the lifecycle covering different layers of technology architecture to identify possible security risks. This include both on-premise and 3rd party hosted systems.
• Perform third party IS Due diligence, including on-site assessments when required.
• Assess and determine controls to address identified gaps and follow-up on the implementation of the controls in 3rd party vendors engagement
• Work closely with business stakeholders to ensure security risks are identified, communicated, understood and assist stakeholders to make informed risk decision.
• Strong understanding of the Bank's IS policy and standards, regulatory and industry good practices in providing appropriate recommendation, resolution and remediation options to the businesses
• Evaluate information security solutions/processes and provide risk advisory
• Contribute and maintain status as a subject matter expert of Information Security matters to Business, Technology and Operation stakeholders.
• Support activities within the Region to ensure oversight and consistency on IT security risk management
• Maintain awareness of security trends covering both new threats and technologies in order to understand the risk and better safeguard the organization.
• Support the IT security workgroups and committees to ensure robust IT security risk governance and management
• Provide reporting and tracking of work deliverables 

Job Requirements

• Bachelor’s degree in Computer science, Information Technology, or a related field is required
• Minimum 3 years of experience in Information Security, Technology Risk, Risk Management
• Industry certifications such as CISSP, CISM, CRISC, CISA is an advantage
• Proactive and strong team player with minimal supervision 
• Effective communication with both technical and non-technical staff
• Good interpersonal, analytical and problem-solving skills
• Experience in industry standards and requirements such as ISO 27001, MAS TRM, NIST, CCM