Overview
Technology Information Security Office (TISO)
Description
Why Join
How you succeed
To excel in this role, you’ll need to stay ahead of the ever-evolving threat landscape, leveraging your expertise to assess and mitigate security risks associated with new product offerings, third-party service providers, and internal systems. You’ll collaborate with team members, business units, and stakeholders to ensure the bank’s cybersecurity posture remains robust and effective.
What you do
- Your day-to-day responsibilities will include:
- Conducting cybersecurity assessments of third-party service providers and internal systems
- Evaluating technology security implications and risks associated with new product offerings
- Collaborating with business units and the Third-Party Risk Management (TPRM) team to identify and mitigate security risks
- Developing and maintaining assessment questionnaires and procedures
- Providing recommendations to improve the effectiveness of cybersecurity processes and programs
- Reviewing and enforcing technology security standards for IT business applications and infrastructure projects
- Conducting security assessments for business applications, infrastructure projects, and third-party service providers
- Undertaking new security projects aimed at enhancing security controls, improving efficiency, and ensuring user-friendliness
- Implement process re-engineering initiatives to improve team efficiency.
- Participate in review committees and agile squads as a cybersecurity subject matter expert.
Group Technology & Operations (T&O) co-creates products and solutions, building the underlying technology applications and services, and managing the Group’s IT operations & cyber defence. You’ll be part of a dynamic team that drives innovation and pushes boundaries, with a focus on delivering exceptional customer experiences.
Qualifications
Who you are
- A degree holder in IT, Computing, Cyber Security, or Computer Studies, or equivalent experience in IT Security, Controls, and Risk Management
- At least 5 years of experience in Security, IT Audit, or IT Risk, with prior experience in information technology/security audit/assessment preferred
- Strong cybersecurity knowledge and understanding of banking industry’s technology security policies and standards, as well as regulatory and industry trends
- Familiarity with industry standards and regulations such as MAS Notice 658, MAS Cyber Hygiene, MAS TRM, OSPAR, ISO 27001, SOC 2 Type II, PCI-DSS, NIST, etc.
- Excellent written and verbal communication and interpersonal skills, with the ability to effectively communicate security risks with non-technical stakeholders
- Strong presentation skills to develop and deliver training content for Service Owners
- Ability to leverage attention to detail and analytical skills to identify risks and provide recommendations and remediation options to the business
- Ability to multi-task and work independently with minimal supervision, as well as collaboratively as part of an assessment team
- Certifications such as CISSP, CCSP, CISA, or CRISC are preferred, with knowledge of application penetration testing methodologies, such as OWASP, and familiarity with Digital Banking and FinTech solutions being advantageous
Who we are
Singapore’s longest established bank, we’ve been helping people and businesses get what they want from life since 1932. How? By taking the time to truly understand people. From there, we provide support, services, solutions, and career paths that meet their individual needs and desires. Today, we’re on a journey of transformation. Embracing technology and creativity to become a future-ready learning organisation. But for all that change, our purpose remains: to enable people and communities to realise their aspirations.
What we offer
Competitive base salary. A suite of holistic, flexible benefits to suit every lifestyle. Community initiatives. Industry-leading learning and professional development opportunities. Equal opportunity. Fair employment. Selection based on ability and fit with our culture and values. Your wellbeing, growth, and aspirations are every bit as cared for as the needs of our customers.
Primary Location
: Singapore
Job
: Information Technology
Organization
: Technology Information Security Office (TISO)
Schedule
: Permanent
Job Posting
: 11-Mar-2025, 7:01:15 AM
About OCBC Bank
OCBC is the longest established Singapore bank, formed in 1932 from the merger of three local banks, the oldest of which was founded in 1912. It is now the second largest financial services group in Southeast Asia by assets and one of the world’s most highly-rated banks, with an Aa1 rating from Moody’s. Recognised for its financial strength and stability, OCBC is consistently ranked among the World’s Top 50 Safest Banks by Global Finance and has been named Best Managed Bank in Singapore by The Asian Banker.
OCBC and its subsidiaries offer a broad array of commercial banking, specialist financial and wealth management services, ranging from consumer, corporate, investment, private and transaction banking to treasury, insurance, asset management and stockbroking services.
OCBC’s key markets are Singapore, Malaysia, Indonesia and Greater China. It has more than 570 branches and representative offices in 19 countries and regions. These include about 300 branches and offices in Indonesia under subsidiary Bank OCBC NISP, and over 90 branches and offices in Mainland China, Hong Kong SAR and Macau SAR under OCBC Wing Hang.
OCBC’s private banking services are provided by its wholly-owned subsidiary Bank of Singapore, which operates on a unique open-architecture product platform to source for the best-in-class products to meet its clients’ goals.
OCBC's insurance subsidiary, Great Eastern Holdings, is the oldest and most established life insurance group in Singapore and Malaysia. Its asset management subsidiary, Lion Global Investors, is one of the largest private sector asset management companies in Southeast Asia.
