WHO WE ARE:

As Singapore’s longest established bank, we have been dedicated to enabling individuals and businesses to achieve their aspirations since 1932. How? By taking the time to truly understand people. From there, we provide support, services, solutions, and career paths that meet their individual needs and desires.

 Today, we’re on a journey of transformation. Leveraging technology and creativity to become a future-ready learning organisation. But for all that change, our strategic ambition is consistently clear and bold, which is to be Asia’s leading financial services partner for a sustainable future.

 We invite you to build the bank of the future. Innovate the way we deliver financial services. Work in friendly, supportive teams. Build lasting value in your community. Help people grow their assets, business, and investments. Take your learning as far as you can. Or simply enjoy a vibrant, future-ready career.

Your Opportunity Starts Here.

Why Join

Protecting our customers’ assets and information is fundamental to OCBC’s trust and reputation. As an AVP in the Information Security and Digital Risk Management function, you will play a key role in safeguarding the Group’s digital ecosystem and strengthening its resilience against evolving technology and cyber risks.

You will be part of a high‑impact Group Risk Management team that works closely with business and technology stakeholders to anticipate emerging threats, drive risk‑informed decisions, and ensure the integrity and stability of critical systems across the Group.

How you succeed

To succeed in this role, you will combine strong domain knowledge with sound judgement and stakeholder engagement skills. You are expected to stay abreast of emerging technology, information, and cyber risk trends, and translate these into practical risk insights and mitigation strategies.

You will work closely with technology, business, and control functions to identify material risks, challenge existing controls where necessary, and ensure that security policies, standards, and practices remain effective, proportionate, and aligned with business objectives.

What you do

• Data-Driven Risk Management: Drive initiatives that leverage enterprise data platforms to analyse large datasets and derive meaningful risk insights. This includes applying data analytics and visualisation techniques to identify trends, patterns, and emerging risks, as well as partnering with stakeholders to deliver outcomes within agreed timelines. Provide clear, actionable recommendations to support risk‑informed decision‑making.

• Risk Governance and Oversight: Drive or support risk governance activities across the Group, providing effective independent challenge to strengthen the management of technology, information, and cyber risks. This includes contributing to risk mitigation programmes, thematic reviews, and governance forums.

• Risk Monitoring and Reporting: Perform or support ongoing risk monitoring and management reporting on the Group’s technology and cyber risk posture. Analyse and interpret risk data to highlight key issues, trends, and areas of concern for senior management and relevant committees.

• Control Review and Enhancement: Lead and support reviews of controls for existing and emerging banking services, assessing their adequacy against evolving technology, information, and cyber risks. Identify gaps and recommend enhancements to strengthen the Bank’s control environment.

• Regulatory Compliance: Lead and support bank‑wide initiatives to facilitate compliance with applicable legal and regulatory requirements, including but not limited to the Cybersecurity Act and MAS Technology Risk Management Guidelines. Engage stakeholders to ensure regulatory expectations are understood and appropriately implemented.

Who you are

• Degree in Information Security or a related technical discipline.

• Relevant professional certifications (e.g. CISA, CISM, CRISC) are advantageous.

• More than 7 years of relevant experience in technology, information or cyber risk management, or information security, preferably within the financial services industry.

• Familiarity with machine learning and AI applications in risk management.

• Proficiency in data analytics tools and visualisation techniques (e.g., SQL, Python, PowerBI); experience with big data platforms (e.g., Hadoop) is advantageous.

• Strong working knowledge of MAS Technology Risk Management Guidelines or other regional regulatory frameworks.

• Strong written and verbal communication skills, with the ability to articulate risk issues clearly and constructively. 

• Ability to lead and drive initiatives, influence through others, and collaborate effectively across seniority levels, cultures, and locations.

• Proactive, resilient, and able to perform under pressure and tight timelines.

What we offer:

Competitive base salary. A suite of holistic, flexible benefits to suit every lifestyle. Community initiatives. Industry-leading learning and professional development opportunities. Your wellbeing, growth and aspirations are every bit as cared for as the needs of our customers.