AVP, Group Information Security

AVP, Group Information Security & Digital Risk Management

Get AI-powered advice on this job and more exclusive features.

Who We Are

As Singapore's longest established bank, we have been dedicated to enabling individuals and businesses to achieve their aspirations since 1932. We understand people and provide support, services, solutions, and career paths that meet individual needs. Today, we're on a journey of transformation, leveraging technology and creativity to become a future-ready learning organisation with the strategic ambition to be Asia's leading financial services partner for a sustainable future. Build the bank of the future, innovate the way we deliver financial services, and enjoy a vibrant, future-ready career.

Your Opportunity Starts Here Why Join

Protecting our customers\' assets and information is at the heart of what we do at OCBC. As an Information Security and Digital Risk Management Specialist, you\'ll play a critical role in safeguarding our digital landscape and ensuring the integrity of our systems. You\'ll be part of a team that stays ahead of emerging threats and risks.

How You Succeed

As the AVP of Information Security and Digital Risk Management (ISDRM), you will be responsible for the 2nd line governance and oversight of information security and digital risks (technology, information, and cyber) within the OCBC Group. The primary role would be the ISDRM lead to support the Bank of Singapore (BOS) entity and its subsidiaries as well as group-wide responsibilities on thematic and risk assurance reviews.

What You Do

• Drive or support risk governance and oversight activities and provide effective challenge to strengthen the effectiveness of technology, information or cyber risk in Group, such as risk mitigation programs.
• Plan and conduct 2nd line thematic reviews and risk assurance reviews in emerging risks arising from technology, information and cyber domains.
• Perform regular risk monitoring and management reporting on risk posture to management and Board of Directors.
• Drive or support the formulation and regular update of related Framework and supporting Policies to incorporate applicable industry leading practices and regulatory expectations.
• Drive or support the review and enhancement of controls for existing banking services against emerging technology, information and cyber risks.
• Provide risk advisory service, including recommendation of risk mitigation options, on technology, information and cyber risks associated with new banking services, fintech initiatives, outsourcing-related arrangements, regulatory and legal guidelines.
• Support bank-wide initiatives to facilitate management of applicable legal & regulatory requirements (e.g., Cybersecurity Act, MAS Technology Risk Management Guidelines).
• Keep abreast of new technologies and related risks, industry trends, and regulatory requirements relating to technology, information & cyber security.

Who You Are

• Degree in Computer Science or equivalent technical degree.
• Relevant professional certifications (e.g., CISA, CISM or CRISC) would be advantageous.
• More than 7 years of relevant experience in technology, information or cyber risk management, information security or IT audit within the financial services industry.
• Proficient in risk management, IT governance, information & cyber security standards.
• Experienced in leading risk assessments and risk assurance testing.
• Good knowledge and experience in managing legal and regulatory requirements pertaining to technology, information or cyber risk domains (e.g., Singapore, Malaysia, Hong Kong, China).
• Good written and communication skills, as well as solution oriented.
• Ability to interact, engage and influence with stakeholders across all levels.
• Ability to contribute through others, collaborate well across seniority, cultures and locations.
• Proactive and able to work well under pressure or tight deadlines.

What We Offer

Competitive base salary. A suite of holistic, flexible benefits to suit every lifestyle. Community initiatives. Industry-leading learning and professional development opportunities. Your wellbeing, growth and aspirations are every bit as cared for as the needs of our customers.

Seniority level

• Executive

Employment type

• Full-time

Job function

• Information Technology

Industries

• Banking

We're unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

#J-18808-Ljbffr

---