Overview

Technology Information Security Office (TISO)

AVP, Third-party & Internal Cyber Evaluation, TISO  (250000CS)

Description

 

Why Join

 As a seasoned cybersecurity expert, you’ll join our team at OCBC, one of the world’s most highly rated banks, known for strength and stability. In this role, you’ll have the opportunity to make a significant impact on the bank’s cybersecurity posture, working closely with business units and third-party service providers to identify and mitigate security risks.

How you succeed 

To excel in this role, you’ll need to stay ahead of the ever-evolving threat landscape, leveraging your expertise to assess and mitigate security risks associated with new product offerings, third-party service providers, and internal systems. You’ll collaborate with team members, business units, and stakeholders to ensure the bank’s cybersecurity posture remains robust and effective.

What you do 

  • Your day-to-day responsibilities will include:
  • Conducting cybersecurity assessments of third-party service providers and internal systems
  • Evaluating technology security implications and risks associated with new product offerings
  • Collaborating with business units and the Third-Party Risk Management (TPRM) team to identify and mitigate security risks
  • Developing and maintaining assessment questionnaires and procedures
  • Providing recommendations to improve the effectiveness of cybersecurity processes and programs
  • Reviewing and enforcing technology security standards for IT business applications and infrastructure projects
  • Conducting security assessments for business applications, infrastructure projects, and third-party service providers
  • Undertaking new security projects aimed at enhancing security controls, improving efficiency, and ensuring user-friendliness
  • Implement process re-engineering initiatives to improve team efficiency.
  • Participate in review committees and agile squads as a cybersecurity subject matter expert.

 Who you work with

Group Technology & Operations (T&O) co-creates products and solutions, building the underlying technology applications and services, and managing the Group’s IT operations & cyber defence. You’ll be part of a dynamic team that drives innovation and pushes boundaries, with a focus on delivering exceptional customer experiences.

 

Qualifications

 

Who you are

  • A degree holder in IT, Computing, Cyber Security, or Computer Studies, or equivalent experience in IT Security, Controls, and Risk Management 
  • At least 5 years of experience in Security, IT Audit, or IT Risk, with prior experience in information technology/security audit/assessment preferred
  • Strong cybersecurity knowledge and understanding of banking industry’s technology security policies and standards, as well as regulatory and industry trends
  • Familiarity with industry standards and regulations such as MAS Notice 658, MAS Cyber Hygiene, MAS TRM, OSPAR, ISO 27001, SOC 2 Type II, PCI-DSS, NIST, etc.
  • Excellent written and verbal communication and interpersonal skills, with the ability to effectively communicate security risks with non-technical stakeholders
  • Strong presentation skills to develop and deliver training content for Service Owners
  • Ability to leverage attention to detail and analytical skills to identify risks and provide recommendations and remediation options to the business
  • Ability to multi-task and work independently with minimal supervision, as well as collaboratively as part of an assessment team
  • Certifications such as CISSP, CCSP, CISA, or CRISC are preferred, with knowledge of application penetration testing methodologies, such as OWASP, and familiarity with Digital Banking and FinTech solutions being advantageous

Who we are 

Singapore’s longest established bank, we’ve been helping people and businesses get what they want from life since 1932. How? By taking the time to truly understand people. From there, we provide support, services, solutions, and career paths that meet their individual needs and desires. Today, we’re on a journey of transformation. Embracing technology and creativity to become a future-ready learning organisation. But for all that change, our purpose remains: to enable people and communities to realise their aspirations.

What we offer

Competitive base salary. A suite of holistic, flexible benefits to suit every lifestyle. Community initiatives. Industry-leading learning and professional development opportunities. Equal opportunity. Fair employment. Selection based on ability and fit with our culture and values. Your wellbeing, growth, and aspirations are every bit as cared for as the needs of our customers.

 

Primary Location

: Singapore

Job

: Information Technology

Organization

: Technology Information Security Office (TISO)

Schedule

: Permanent

: Full-time

Job Posting

: 11-Mar-2025, 7:01:15 AM

Tagged as:

About OCBC Bank

OCBC is the longest established Singapore bank, formed in 1932 from the merger of three local banks, the oldest of which was founded in 1912. It is now the second largest financial services group in Southeast Asia by assets and one of the world’s most highly-rated banks, with an Aa1 rating from Moody’s. Recognised for its financial strength and stability, OCBC is consistently ranked among the World’s Top 50 Safest Banks by Global Finance and has been named Best Managed Bank in Singapore by The Asian Banker.

OCBC and its subsidiaries offer a broad array of commercial banking, specialist financial and wealth management services, ranging from consumer, corporate, investment, private and transaction banking to treasury, insurance, asset management and stockbroking services.

OCBC’s key markets are Singapore, Malaysia, Indonesia and Greater China. It has more than 570 branches and representative offices in 19 countries and regions. These include about 300 branches and offices in Indonesia under subsidiary Bank OCBC NISP, and over 90 branches and offices in Mainland China, Hong Kong SAR and Macau SAR under OCBC Wing Hang.

OCBC’s private banking services are provided by its wholly-owned subsidiary Bank of Singapore, which operates on a unique open-architecture product platform to source for the best-in-class products to meet its clients’ goals.

OCBC's insurance subsidiary, Great Eastern Holdings, is the oldest and most established life insurance group in Singapore and Malaysia. Its asset management subsidiary, Lion Global Investors, is one of the largest private sector asset management companies in Southeast Asia.