AVP, Group Information Security

3 weeks ago


Singapore OCBC Full time
AVP, Group Information Security & Digital Risk Management

Get AI-powered advice on this job and more exclusive features.

Who We Are

As Singapore's longest established bank, we have been dedicated to enabling individuals and businesses to achieve their aspirations since 1932. We understand people and provide support, services, solutions, and career paths that meet individual needs. Today, we're on a journey of transformation, leveraging technology and creativity to become a future-ready learning organisation with the strategic ambition to be Asia's leading financial services partner for a sustainable future. Build the bank of the future, innovate the way we deliver financial services, and enjoy a vibrant, future-ready career.

Your Opportunity Starts Here Why Join

Protecting our customers\' assets and information is at the heart of what we do at OCBC. As an Information Security and Digital Risk Management Specialist, you\'ll play a critical role in safeguarding our digital landscape and ensuring the integrity of our systems. You\'ll be part of a team that stays ahead of emerging threats and risks.

How You Succeed

As the AVP of Information Security and Digital Risk Management (ISDRM), you will be responsible for the 2nd line governance and oversight of information security and digital risks (technology, information, and cyber) within the OCBC Group. The primary role would be the ISDRM lead to support the Bank of Singapore (BOS) entity and its subsidiaries as well as group-wide responsibilities on thematic and risk assurance reviews.

What You Do
  • Drive or support risk governance and oversight activities and provide effective challenge to strengthen the effectiveness of technology, information or cyber risk in Group, such as risk mitigation programs.
  • Plan and conduct 2nd line thematic reviews and risk assurance reviews in emerging risks arising from technology, information and cyber domains.
  • Perform regular risk monitoring and management reporting on risk posture to management and Board of Directors.
  • Drive or support the formulation and regular update of related Framework and supporting Policies to incorporate applicable industry leading practices and regulatory expectations.
  • Drive or support the review and enhancement of controls for existing banking services against emerging technology, information and cyber risks.
  • Provide risk advisory service, including recommendation of risk mitigation options, on technology, information and cyber risks associated with new banking services, fintech initiatives, outsourcing-related arrangements, regulatory and legal guidelines.
  • Support bank-wide initiatives to facilitate management of applicable legal & regulatory requirements (e.g., Cybersecurity Act, MAS Technology Risk Management Guidelines).
  • Keep abreast of new technologies and related risks, industry trends, and regulatory requirements relating to technology, information & cyber security.
Who You Are
  • Degree in Computer Science or equivalent technical degree.
  • Relevant professional certifications (e.g., CISA, CISM or CRISC) would be advantageous.
  • More than 7 years of relevant experience in technology, information or cyber risk management, information security or IT audit within the financial services industry.
  • Proficient in risk management, IT governance, information & cyber security standards.
  • Experienced in leading risk assessments and risk assurance testing.
  • Good knowledge and experience in managing legal and regulatory requirements pertaining to technology, information or cyber risk domains (e.g., Singapore, Malaysia, Hong Kong, China).
  • Good written and communication skills, as well as solution oriented.
  • Ability to interact, engage and influence with stakeholders across all levels.
  • Ability to contribute through others, collaborate well across seniority, cultures and locations.
  • Proactive and able to work well under pressure or tight deadlines.
What We Offer

Competitive base salary. A suite of holistic, flexible benefits to suit every lifestyle. Community initiatives. Industry-leading learning and professional development opportunities. Your wellbeing, growth and aspirations are every bit as cared for as the needs of our customers.

Seniority level
  • Executive
Employment type
  • Full-time
Job function
  • Information Technology
Industries
  • Banking

We're unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

#J-18808-Ljbffr

  • Singapore DBS Bank Full time

    Overview AVP, DevSecOps Engineer, Information Security Services, Group Technology Join to apply for the AVP, DevSecOps Engineer, Information Security Services, Group Technology role at DBS


  • Singapore OCBC Bank Berhad OCBC Al Amin Bank Berhad Full time

    You are about to enter websites controlled or offered by third parties. OCBC hereby disclaims liability for any information, materials, products or services posted or offered at any of these third party web-sites. By creating a link to these third party web-sites, OCBC does not endorse or recommend any products or services offered or information contained on...


  • Singapore OCBC Full time

    AVP, Group Information Security & Digital Risk Management Get AI-powered advice on this job and more exclusive features. Who We Are As Singapore’s longest established


  • Singapore OCBC Bank Berhad OCBC Al Amin Bank Berhad Full time

    You are about to enter websites controlled or offered by third parties. OCBC hereby disclaims liability for any information, materials, products or services posted or offered at any of these third party web-sites. By creating a link to these third party web-sites, OCBC does not endorse or recommend any products or services offered or information contained on...


  • Singapore DBS Bank Full time

    Overview AVP, DevSecOps Engineer, Information Security Services, Group Technology – DBS Bank. Join to apply for the AVP, DevSecOps Engineer, Information Security Services, Group Technology role at DBS Bank. Responsibilities Automate cybersecurity tasks to enhance the efficiency and effectiveness of the defense team, reducing manual intervention Strong...


  • Singapore DBS Bank Full time

    Overview AVP, DevSecOps Engineer, Information Security Services, Group Technology — DBS Bank. Join to apply for the AVP, DevSecOps Engineer, Information Security Services, Group Technology role at DBS Bank. Responsibilities Automate cybersecurity tasks to enhance the efficiency and effectiveness of the defense team, reducing manual intervention Strong...


  • Singapore DBS Bank Full time

    Overview AVP, DevSecOps Engineer, Information Security Services, Group Technology Join to apply for the AVP, DevSecOps Engineer, Information Security Services, Group Technology role at DBS Bank Business Function Group Technology enables and empowers the bank with an efficient, nimble and resilient infrastructure through a strategic focus on productivity,...


  • Singapore DBS Bank Full time

    AVP/Senior Associate, Cybersecurity Engineer - Machine Identity & Automation, Information Security Services, Group Technology Join to apply for the AVP/Senior Associate, Cybersecurity Engineer - Machine Identity & Automation, Information Security Services, Group Technology role at DBS


  • Singapore OCBC Bank Berhad OCBC Al Amin Bank Berhad Full time

    You are about to enter websites controlled or offered by third parties. OCBC hereby disclaims liability for any information, materials, products or services posted or offered at any of these third party web-sites. By creating a link to these third party web-sites, OCBC does not endorse or recommend any products or services offered or information contained on...


  • Singapore OCBC Bank Full time

    **AVP, Group Information Security & Digital Risk Management** **-** **(**25000009**)** **Why Join** The Group Information Security & Digital Risk Management team undertakes a wide range of responsibilities, including risk governance and oversight, risk reporting to senior management and Board, policy formulation, risk assessments, vulnerability management,...