AVP, Cyber Security Engineer, Information Security Services, Group Technology - Singapore River

The bank has also been named “Safest Bank in Asia” by Global Finance for seven consecutive years from 2009 to 2015.

Business Function

Group Technology enables and empowers the bank with an efficient, nimble and resilient infrastructure through a strategic focus on productivity, quality & control, technology, people capability and innovation. In Group Technology, we manage the majority of the Bank's operational processes and inspire to delight our business partners through our multiple banking delivery channels.

• Develop and maintain a comprehensive cybersecurity risk governance framework aligned with international standards such as ISO, NIST, and COBIT. This framework should be periodically reviewed and updated to ensure adequacy.
• Conduct regular risk assessments to identify and analyze cybersecurity threats and vulnerabilities across all systems, applications, and business units.
• Develop and implement risk mitigation strategies, including security controls, to address identified risks.
• Monitor and analyze logs relating to potential cybersecurity threats or incidents.
• Oversee the implementation and effectiveness of cybersecurity training programs.
• Provide risk oversight and monitoring through independent reviews and objective assessments. This includes establishing monitoring processes.
• Collaborate with other departments and business units to ensure alignment on cybersecurity risk management practices.
• Stay abreast of emerging cybersecurity threats, vulnerabilities, and regulatory requirements.
• Assist in the interpretation of cybersecurity and technology-related legislation.
• Participate in cybersecurity exercises to ensure the continued relevance and efficacy of the organization’s response capabilities.
• Document and review the components of cybersecurity operations to ensure potential risks are considered.
• Ensure that all areas of cybersecurity are reviewed and covered comprehensively.

• Bachelor's degree in computer science, information security, or a related field. A relevant industry certification (e.g., CISSP, CISM, CRISC) is highly desirable.
• Minimum of 5-7 years of experience in cybersecurity risk management.
• Strong understanding of cybersecurity frameworks, standards, and best practices (e.g., ISO 27001, NIST Cybersecurity Framework, COBIT).
• Proven experience in conducting risk assessments, developing risk mitigation strategies, and implementing security controls.
• Experience with regulatory compliance requirements related to cybersecurity.
• Excellent communication, interpersonal, and presentation skills.

Apply Now

We offer a competitive salary and benefits package and the professional advantages of a dynamic environment that supports your development and recognises your achievements.