AVP, Group Information Security & Digital Risk Management - OCBC

As Singapore's longest established bank, we have been dedicated to enabling individuals and businesses to achieve their aspirations since 1932. How? By taking the time to truly understand people. From there, we provide support, services, solutions, and career paths that meet their individual needs and desires.

Today, we're on a journey of transformation. Leveraging technology and creativity to become a future-ready learning organisation. But for all that change, our strategic ambition is consistently clear and bold, which is to be Asia's leading financial services partner for a sustainable future.

We invite you to build the bank of the future. Innovate the way we deliver financial services. Work in friendly, supportive teams. Build lasting value in your community. Help people grow their assets, business, and investments. Take your learning as far as you can. Or simply enjoy a vibrant, future-ready career.

Your Opportunity Starts Here.

You'll be part of a team that's passionate about staying ahead of emerging threats and risks.

The primary role would be the ISDRM lead to support the Bank of Singapore (BOS) entity and its subsidiaries as well as group-wide responsibilities on thematic and risk assurance reviews.

• Drive or support risk governance and oversight activities and provide effective challenge to strengthen the effectiveness of technology, information or cyber risk in Group, such as risk mitigation programs.
• Plan and conduct 2nd line thematic reviews and risk assurance reviews in emerging risks arising from technology, information and cyber domains.
• Perform regular risk monitoring and management reporting on risk posture to management and Board of Directors.
• Drive or support the formulation and regular update of related Framework and supporting Policies to incorporate applicable industry leading practices and regulatory expectations.
• Drive or support the review and enhancement of controls for existing banking services against emerging technology, information and cyber risks.
• Provide risk advisory service, including recommendation of risk mitigation options, on technology, information and cyber risks associated with new banking services, fintech initiatives, outsourcing-related arrangements, regulatory and legal guidelines.
• Support bank-wide initiatives to facilitate management of applicable legal & regulatory requirements (e.g., Cybersecurity Act, MAS Technology Risk Management Guidelines).
• Keep abreast of new technologies and related risks, industry trends, and regulatory requirements relating to technology, information & cyber security.

• Degree in Computer Science or equivalent technical degree.
• Relevant professional certifications (e.g., CISA, CISM or CRISC) would be advantageous.
• More than 7 years of relevant experience in technology, information or cyber risk management, information security or IT audit within the financial services industry.
• Proficient in risk management, IT governance, information & cyber security standards.
• Experienced in leading risk assessments and risk assurance testing.
• Good knowledge and experience in managing legal and regulatory requirements pertaining to technology, information or cyber risk domains (e.g., Singapore, Malaysia, Hong Kong, China).
• Good written and communication skills, as well as solution oriented.
• Ability to interact, engage and influence with stakeholders across all levels.
• Ability to contribute through others, collaborate well across seniority, cultures and locations.
• Proactive and able to work well under pressure or tight deadlines.

Competitive base salary. A suite of holistic, flexible benefits to suit every lifestyle. Community initiatives. Industry-leading learning and professional development opportunities. Your wellbeing, growth and aspirations are every bit as cared for as the needs of our customers.