Overview

Technology Information Security Office (TISO)

Project & Infrastructure Security Specialist  (240001VH)

Description

 

As a project & infrastructure security specialist, the candidate is responsible to conduct cybersecurity assessment on the Bank’s application or infrastructure according to the Bank’s established information security policy and standards. The candidate will also be involved in project engagements, working closely with project manager and users, offering guidance and clarification on the Bank’s information security policy and standards.

Description

  1. Review and enforce information security policy, standards and guidelines for IT business application and infrastructure projects.
  2. Identify IT security risks including IT business application and infrastructure projects.
  3. Conduct security assessments for business application, infrastructure projects and third-party service providers.
  4. Undertake new security projects to improve the security controls, efficiency and ease of use.
  5. Perform process re-engineering and efficiency improvement for the team.
  6. Participate in review committees and agile squads as a subject matter expert in cybersecurity.

 

Qualifications

 

  • Degree in Computer Science, Cyber Security or equivalent.
  • Certified Information Systems Security Professional, Certified Information Systems Auditor or Certified Risk and Information System Control, Certified Cloud Security Professional, will be desired.
  • Minimally 2-6 years working exposure in Security, IT Audit, or IT Risk exposures.
  • Independent and able to perform tasks with minimum supervision.
  • Excellent communication and interpersonal skills with good command of English.
  • Have a very strong commitment to personal development and drive to develop himself / herself technically and professionally.
  • Knowledgeable in IT controls, application security and risk management methodology.
  • Competent in conducting infrastructure, application, and third-party security risk assessment.
  • Familiarity in Digital Banking and FinTech solutions will be an advantage.
  • Has in-depth knowledge of information security risks, concepts of new technologies, such as blockchain, cloud, mobile payment, AI/ML, etc.
  • Knowledgeable with cryptographic algorithm/functions and key management.
  • Knowledgeable in compliance with MAS TRM, ABS, BNM, HKMA, CBIRC, etc guidelines and regulatory notices.
  • Knowledgeable in application penetration testing methodologies, such as OWASP will be an advantage.
  • Knowledgeable with application development experience and programming/coding will be an advantage.

 

Primary Location

: Singapore

Job

: Information Technology

Organization

: Technology Information Security Office (TISO)

Schedule

: Permanent

: Full-time

Job Posting

: 31-Dec-2024, 5:44:38 AM

Tagged as:

About OCBC Bank

OCBC is the longest established Singapore bank, formed in 1932 from the merger of three local banks, the oldest of which was founded in 1912. It is now the second largest financial services group in Southeast Asia by assets and one of the world’s most highly-rated banks, with an Aa1 rating from Moody’s. Recognised for its financial strength and stability, OCBC is consistently ranked among the World’s Top 50 Safest Banks by Global Finance and has been named Best Managed Bank in Singapore by The Asian Banker.

OCBC and its subsidiaries offer a broad array of commercial banking, specialist financial and wealth management services, ranging from consumer, corporate, investment, private and transaction banking to treasury, insurance, asset management and stockbroking services.

OCBC’s key markets are Singapore, Malaysia, Indonesia and Greater China. It has more than 570 branches and representative offices in 19 countries and regions. These include about 300 branches and offices in Indonesia under subsidiary Bank OCBC NISP, and over 90 branches and offices in Mainland China, Hong Kong SAR and Macau SAR under OCBC Wing Hang.

OCBC’s private banking services are provided by its wholly-owned subsidiary Bank of Singapore, which operates on a unique open-architecture product platform to source for the best-in-class products to meet its clients’ goals.

OCBC's insurance subsidiary, Great Eastern Holdings, is the oldest and most established life insurance group in Singapore and Malaysia. Its asset management subsidiary, Lion Global Investors, is one of the largest private sector asset management companies in Southeast Asia.