166 Digital Security jobs in Singapore

We are seeking a skilled Cybersecurity Penetration Tester to join our team. As a penetration tester, you will be responsible for simulating attacks on systems, networks, and applications to identify security vulnerabilities.

Key Responsibilities:

• Conduct thorough security assessments to identify potential entry points and weaknesses in our systems.
• Develop and execute customized penetration testing methodologies tailored to our specific environment.
• Compile detailed reports outlining findings and provide actionable recommendations for remediation.
• Collaborate with our IT and security teams to enhance defenses and address identified vulnerabilities.
• Stay current with emerging threats, tools, and techniques in cybersecurity.

Required Skills & Qualifications:

• Strong understanding of network protocols, operating systems (Linux, Windows), and web technologies.
• Proficiency with industry-standard tools like Metasploit, Burp Suite, Nmap, Nessus, and Wireshark.
• Experience with scripting languages (Python, Bash, PowerShell) for automation and efficient workflow.
• Familiarity with compliance standards (e.g., PCI-DSS, ISO 27001, HIPAA) is essential.
• Excellent analytical, problem-solving, and report-writing skills are required.
• Certifications such as CEH, OSCP, or CREST are highly valued in this field.
• Bachelor's degree in Computer Science, Cybersecurity, or related field (or equivalent experience).

Benefits:

We offer a dynamic work environment that fosters growth, innovation, and collaboration. Our team members enjoy opportunities for professional development, recognition, and rewards.

Ongoing Opportunities:

We encourage our employees to stay updated with the latest industry trends, participate in conferences, and contribute to research projects. Our goal is to create a culture that supports continuous learning and career advancement.

We are seeking a skilled Cyber Security Analyst to safeguard our digital infrastructure. This role involves monitoring, detecting and responding to security threats while optimizing our SIEM platform. The ideal candidate should have strong analytical skills, experience with cybersecurity tools and knowledge of threat detection and incident response processes.

Key Responsibilities:

• Monitoring systems and networks for suspicious activity and potential security breaches.
• Investigating alerts from SIEM and other security tools to identify and respond to incidents such as phishing, malware and unauthorized access.
• Conducting root cause analysis and developing incident response plans and playbooks.
• Maintaining detailed documentation of security incidents and response actions.
• Administering, fine-tuning and enhancing the organization's SIEM system to ensure effective threat detection.
• Creating and managing detection rules, correlation logic, alerts, dashboards and reports.
• Improving SIEM content to align with evolving threats and business needs.
• Ensuring accurate log collection and system performance monitoring.
• Performing regular vulnerability scans and assisting IT teams in prioritizing and addressing security issues.
• Supporting risk assessments and recommending appropriate security controls and mitigation strategies.
• Tracking and documenting vulnerabilities, risks and remediation efforts.
• Maintaining compliance with regulations such as ISO 27001, GDPR and internal security policies.
• Contributing to the development and documentation of security standards and procedures.
• Supporting audit processes and maintaining records for regulatory reviews.
• Helping design and deliver staff training on cybersecurity best practices, including phishing prevention and data handling.
• Contributing to internal awareness campaigns and materials to promote a security-first mindset.
• Assisting with the administration of other security tools (firewalls, antivirus, IDPS).
• Performing first-level troubleshooting for servers, logs and endpoint security tools.
• Generating regular reports on security posture, metrics and incident trends.

About our company

We are a global leader in digital engineering and Smart Industry. Our clients rely on us to advance in their digital transformation with services that cover Talent, Academy, Consulting, and Solutions.

We combine cutting-edge technologies, research and development, and deep sector expertise for innovative solutions.

Our team delivers cross-sector expertise across 30 countries in North America, EMEA and APAC.

Main Responsibilities:

• Understand security requirements and provide support for IT Security work packages in bids and projects
• Provide security consultancy to internal teams on their project's/business opportunity's security needs
• Perform security risk assessment for projects and systems and recommend appropriate mitigation measures
• Act as the technical point of contact on security matters for customers, responding to their queries and providing appropriate solutions
• Work with internal and external teams to successfully implement proposed security solutions such as host-based endpoint protection, network firewalls, SIEM, 2FA
• Perform security audit or review of a system to highlight gaps in security compliance
• Support projects' service teams in daily operations for security such as firewall administration, OS patching, and managing security incidents

Requirements:

• Degree in Information Technology / Computer Science or equivalent
• Minimum five years' experience in the IT Security domain
• Minimum 5 years of working experience in at least 2 of the following domains: Application security, Network security, System security, Data security, Cloud security
• Experience in securing large and critical systems is an added advantage
• Ability to work alone and in a team
• Good communicator and able to build mutually beneficial relationships with customers, partners and internal teams
• Used to working in international teams (fluent English, intercultural skills)
• Readiness to work under time pressure and be able to adapt quickly to project demands

Technical Skills:

• Firewalls, IDS/IPS, AV, IAM, or PIM preferred
• Strong knowledge of TCP/IP and network protocols, mobile technologies or virtualization will be advantageous
• Able to write simple shell scripts or Python/Perl scripts for security administration tasks
• Experience in secure system will be advantageous
• Good knowledge/experience in major Security Standards and Guidelines: ISO 27001, NIST, Common Criteria, IEC 62443

You are about to enter websites controlled or offered by third parties. OCBC hereby disclaims liability for any information, materials, products or services posted or offered at any of these third party web-sites. By creating a link to these third party web-sites, OCBC does not endorse or recommend any products or services offered or information contained on those web-sites or information fed by these third parties nor is OCBC liable for any failure of products or services offered or advertised at any of these third party web-sites. OCBC Group shall in no event be liable for any damages, loss or expense including without limitation, direct, indirect, special, or consequential damage, or economic loss arising from or in connection with any use of or access to any other website linked to this website, any system, server or connection failure, error, omission, interruption, delay in transmission, or computer virus and any services, products, information, data, software or other material obtained from this website or from any other website linked to this website. Any hyperlinks to any other websites are not an endorsement or verification of such websites and such websites should only be accessed at the user’s own risks. This exclusion clause shall take effect to the fullest extent permitted by law.

You further consent to Oversea-Chinese Banking Corporation Limited, its related corporations (collectively, the "OCBC Group"), and their respective business partners and agents (collectively, the “OCBC Representatives”) collecting, using and disclosing your personal data for purposes reasonably required by the OCBC Group and the OCBC Representatives to enable them to process your employment application and assess your suitability for the position which you are applying for. Such purposes are set out in a Data Protection Policy, which is accessible at or available on request and which you confirm you have read and understood.

MGR, Group Information Security & Digital Risk Management page is loadedMGR, Group Information Security & Digital Risk Management Apply remote type Hybrid locations OCBC Singapore time type Full time posted on Posted 7 Days Ago job requisition id JR0002047WHO WE ARE:

As Singapore’s longest established bank, we have been dedicated to enabling individuals and businesses to achieve their aspirations since 1932. How? By taking the time to truly understand people. From there, we provide support, services, solutions, and career paths that meet their individual needs and desires.

Today, we’re on a journey of transformation. Leveraging technology and creativity to become a future-ready learning organisation. But for all that change, our strategic ambition is consistently clear and bold, which is to be Asia’s leading financial services partner for a sustainable future.

We invite you to build the bank of the future. Innovate the way we deliver financial services. Work in friendly, supportive teams. Build lasting value in your community. Help people grow their assets, business, and investments. Take your learning as far as you can. Or simply enjoy a vibrant, future-ready career.

Your Opportunity Starts Here.

Protecting our customers' assets and information is at the heart of what we do at OCBC. As a Manager in the Information Security and Digital Risk Management function, you'll play a critical role in safeguarding our digital landscape and ensuring the integrity of our systems. You'll be part of a team that's passionate about staying ahead of emerging threats and risks.

To succeed in this role, you'll need to stay up to date with the latest security threats and trends. You'll work closely with our technology teams to identify and mitigate risks and develop strategies to protect our digital assets. You'll also need to collaborate with stakeholders across the bank to ensure that our security policies and procedures are effective and aligned with our business goals.

• Data-Driven Risk Management : Drive projects and initiatives that leverage big data platforms to analyse large datasets and derive risk insights, using data analytics tools and visualization techniques. This includes partnering with key stakeholders to ensure timelines are met, with regular tracking and update of project status, as well as providing actionable recommendations to achieve planned outcome.

• Risk Governance and Oversight : Drive or support risk governance activities and provide effective challenge to strengthen the effectiveness of technology, information or cyber risk in Group, such as risk mitigation programs.

• Risk Monitoring and Reporting : Perform or support regular risk monitoring and management reporting on risk posture to senior management. This includes deriving insights from analysing and interpreting large datasets to identify patterns and trends.

• Control Review and Enhancement : Support the review and enhancement of controls for existing banking services against emerging technology, information and cyber risks.

• Regulatory Compliance : Support bank-wide initiatives to facilitate management of applicable legal & regulatory requirements (e.g., Cybersecurity Act, MAS Technology Risk Management Guidelines).

• Degree in Computer Science or equivalent technical degree.

• Junior level role: 3-5 years of relevant experience in technology, information or cyber risk management, information security or IT audit within the financial services industry.

• Strong data engineering skills as well as proficient in data analytics tools and visualisation techniques (e.g., SQL, Python, PowerBI), with experience in big data platforms (e.g., Hadoop) would be highly advantageous.

• Familiar with machine learning and AI applications in risk management.

• Proficient knowledge of technology risk management guidelines from MAS or any regional regulators.

• Good written and communication skills, as well as solution oriented.

• Ability to contribute through others, collaborate well across seniority, cultures, and locations.

• Proactive and able to work well under pressure or tight deadlines.

Competitive base salary. A suite of holistic, flexible benefits to suit every lifestyle. Community initiatives. Industry-leading learning and professional development opportunities. Your wellbeing, growth and aspirations are every bit as cared for as the needs of our customers.

You are about to enter websites controlled or offered by third parties. OCBC hereby disclaims liability for any information, materials, products or services posted or offered at any of these third party web-sites. By creating a link to these third party web-sites, OCBC does not endorse or recommend any products or services offered or information contained on those web-sites or information fed by these third parties nor is OCBC liable for any failure of products or services offered or advertised at any of these third party web-sites. OCBC Group shall in no event be liable for any damages, loss or expense including without limitation, direct, indirect, special, or consequential damage, or economic loss arising from or in connection with any use of or access to any other website linked to this website, any system, server or connection failure, error, omission, interruption, delay in transmission, or computer virus and any services, products, information, data, software or other material obtained from this website or from any other website linked to this website. Any hyperlinks to any other websites are not an endorsement or verification of such websites and such websites should only be accessed at the user’s own risks. This exclusion clause shall take effect to the fullest extent permitted by law.

You further consent to Oversea-Chinese Banking Corporation Limited, its related corporations (collectively, the "OCBC Group"), and their respective business partners and agents (collectively, the “OCBC Representatives”) collecting, using and disclosing your personal data for purposes reasonably required by the OCBC Group and the OCBC Representatives to enable them to process your employment application and assess your suitability for the position which you are applying for. Such purposes are set out in a Data Protection Policy, which is accessible at or available on request and which you confirm you have read and understood.

AVP, Group Information Security & Digital Risk Management page is loadedAVP, Group Information Security & Digital Risk Management Apply remote type Hybrid locations OCBC Singapore time type Full time posted on Posted Yesterday job requisition id JR0002158WHO WE ARE:

As Singapore’s longest established bank, we have been dedicated to enabling individuals and businesses to achieve their aspirations since 1932. How? By taking the time to truly understand people. From there, we provide support, services, solutions, and career paths that meet their individual needs and desires.

Today, we’re on a journey of transformation. Leveraging technology and creativity to become a future-ready learning organisation. But for all that change, our strategic ambition is consistently clear and bold, which is to be Asia’s leading financial services partner for a sustainable future.

We invite you to build the bank of the future. Innovate the way we deliver financial services. Work in friendly, supportive teams. Build lasting value in your community. Help people grow their assets, business, and investments. Take your learning as far as you can. Or simply enjoy a vibrant, future-ready career.

Your Opportunity Starts Here.

Protecting our customers' assets and information is at the heart of what we do at OCBC. As an Information Security and Digital Risk Management Specialist, you'll play a critical role in safeguarding our digital landscape and ensuring the integrity of our systems. You'll be part of a team that's passionate about staying ahead of emerging threats and risks.

As the Assistant VP of Information Security and Digital Risk Management (ISDRM), you will be responsible for the 2nd line governance and oversight of information security and digital risks (technology, information, and cyber) within the OCBC Group. The primary role would be the ISDRM lead to support the Bank of Singapore (BOS) entity and its subsidiaries as well as group-wide responsibilities on thematic and risk assurance reviews.

What you do

• Drive or support risk governance and oversight activities and provide effective challenge to strengthen the effectiveness of technology, information or cyber risk in Group, such as risk mitigation programs.

• Plan and conduct 2nd line thematic reviews and risk assurance reviews in emerging risks arising from technology, information and cyber domains.

• Perform regular risk monitoring and management reporting on risk posture to management and Board of Directors.

• Drive or support the formulation and regular update of related Framework and supporting Policies to incorporate applicable industry leading practices and regulatory expectations.

• Drive or support the review and enhancement of controls for existing banking services against emerging technology, information and cyber risks.

• Provide risk advisory service, including recommendation of risk mitigation options, on technology, information and cyber risks associated with new banking services, fintech initiatives, outsourcing-related arrangements, regulatory and legal guidelines.

• Support bank-wide initiatives to facilitate management of applicable legal & regulatory requirements (e.g., Cybersecurity Act, MAS Technology Risk Management Guidelines).

• Keep abreast of new technologies and related risks, industry trends, and regulatory requirements relating to technology, information & cyber security.

• Degree in Computer Science or equivalent technical degree.

• Relevant professional certifications (e.g., CISA, CISM or CRISC) would be advantageous.

• More than 7 years of relevant experience in technology, information or cyber risk management, information security or IT audit within the financial services industry.

• Proficient in risk management, IT governance, information & cyber security standards.

• Experienced in leading risk assessments and risk assurance testing.

• Good knowledge and experience in managing legal and regulatory requirements pertaining to technology, information or cyber risk domains (e.g., Singapore, Malaysia, Hong Kong, China).

• Good written and communication skills, as well as solution oriented.

• Ability to interact, engage and influence with stakeholders across all levels.

• Ability to contribute through others, collaborate well across seniority, cultures and locations.

• Proactive and able to work well under pressure or tight deadlines.

Competitive base salary. A suite of holistic, flexible benefits to suit every lifestyle. Community initiatives. Industry-leading learning and professional development opportunities. Your wellbeing, growth and aspirations are every bit as cared for as the needs of our customers.

If you like wild growth and working with happy, enthusiastic over-achievers, you'll enjoy your career with us!

You are about to enter websites controlled or offered by third parties. OCBC hereby disclaims liability for any information, materials, products or services posted or offered at any of these third party web-sites. By creating a link to these third party web-sites, OCBC does not endorse or recommend any products or services offered or information contained on those web-sites or information fed by these third parties nor is OCBC liable for any failure of products or services offered or advertised at any of these third party web-sites. OCBC Group shall in no event be liable for any damages, loss or expense including without limitation, direct, indirect, special, or consequential damage, or economic loss arising from or in connection with any use of or access to any other website linked to this website, any system, server or connection failure, error, omission, interruption, delay in transmission, or computer virus and any services, products, information, data, software or other material obtained from this website or from any other website linked to this website. Any hyperlinks to any other websites are not an endorsement or verification of such websites and such websites should only be accessed at the user’s own risks. This exclusion clause shall take effect to the fullest extent permitted by law.

You further consent to Oversea-Chinese Banking Corporation Limited, its related corporations (collectively, the "OCBC Group"), and their respective business partners and agents (collectively, the “OCBC Representatives”) collecting, using and disclosing your personal data for purposes reasonably required by the OCBC Group and the OCBC Representatives to enable them to process your employment application and assess your suitability for the position which you are applying for. Such purposes are set out in a Data Protection Policy, which is accessible at or available on request and which you confirm you have read and understood.

AVP, Group Information Security & Digital Risk Management page is loaded

AVP, Group Information Security & Digital Risk Management

WHO WE ARE:

As Singapore’s longest established bank, we have been dedicated to enabling individuals and businesses to achieve their aspirations since 1932. How? By taking the time to truly understand people. From there, we provide support, services, solutions, and career paths that meet their individual needs and desires.

Today, we’re on a journey of transformation. Leveraging technology and creativity to become a future-ready learning organisation. But for all that change, our strategic ambition is consistently clear and bold, which is to be Asia’s leading financial services partner for a sustainable future.

We invite you to build the bank of the future. Innovate the way we deliver financial services. Work in friendly, supportive teams. Build lasting value in your community. Help people grow their assets, business, and investments. Take your learning as far as you can. Or simply enjoy a vibrant, future-ready career.

Your Opportunity Starts Here.

Why Join

Protecting our customers' assets and information is at the heart of what we do at OCBC. As an Information Security and Digital Risk Management Specialist, you'll play a critical role in safeguarding our digital landscape and ensuring the integrity of our systems. You'll be part of a team that's passionate about staying ahead of emerging threats and risks.

How you succeed

As the Assistant VP of Information Security and Digital Risk Management (ISDRM), you will be responsible for the 2nd line governance and oversight of information security and digital risks (technology, information, and cyber) within the OCBC Group. The primary role would be the ISDRM lead to support the Bank of Singapore (BOS) entity and its subsidiaries as well as group-wide responsibilities on thematic and risk assurance reviews.

What you do

• Drive or support risk governance and oversight activities and provide effective challenge to strengthen the effectiveness of technology, information or cyber risk in Group, such as risk mitigation programs.

• Plan and conduct 2nd line thematic reviews and risk assurance reviews in emerging risks arising from technology, information and cyber domains.

• Perform regular risk monitoring and management reporting on risk posture to management and Board of Directors.

• Drive or support the formulation and regular update of related Framework and supporting Policies to incorporate applicable industry leading practices and regulatory expectations.

• Drive or support the review and enhancement of controls for existing banking services against emerging technology, information and cyber risks.

• Provide risk advisory service, including recommendation of risk mitigation options, on technology, information and cyber risks associated with new banking services, fintech initiatives, outsourcing-related arrangements, regulatory and legal guidelines.

• Support bank-wide initiatives to facilitate management of applicable legal & regulatory requirements (e.g., Cybersecurity Act, MAS Technology Risk Management Guidelines).

• Keep abreast of new technologies and related risks, industry trends, and regulatory requirements relating to technology, information & cyber security.

Who you are

• Degree in Computer Science or equivalent technical degree.

• Relevant professional certifications (e.g., CISA, CISM or CRISC) would be advantageous.

• More than 7 years of relevant experience in technology, information or cyber risk management, information security or IT audit within the financial services industry.

• Proficient in risk management, IT governance, information & cyber security standards.

• Experienced in leading risk assessments and risk assurance testing.

• Good knowledge and experience in managing legal and regulatory requirements pertaining to technology, information or cyber risk domains (e.g., Singapore, Malaysia, Hong Kong, China).

• Good written and communication skills, as well as solution oriented.

• Ability to interact, engage and influence with stakeholders across all levels.

• Ability to contribute through others, collaborate well across seniority, cultures and locations.

• Proactive and able to work well under pressure or tight deadlines.

What we offer:

Competitive base salary. A suite of holistic, flexible benefits to suit every lifestyle. Community initiatives. Industry-leading learning and professional development opportunities. Your wellbeing, growth and aspirations are every bit as cared for as the needs of our customers.

If you like wild growth and working with happy, enthusiastic over-achievers, you'll enjoy your career with us!

You are about to enter websites controlled or offered by third parties. OCBC hereby disclaims liability for any information, materials, products or services posted or offered at any of these third party web-sites. By creating a link to these third party web-sites, OCBC does not endorse or recommend any products or services offered or information contained on those web-sites or information fed by these third parties nor is OCBC liable for any failure of products or services offered or advertised at any of these third party web-sites. OCBC Group shall in no event be liable for any damages, loss or expense including without limitation, direct, indirect, special, or consequential damage, or economic loss arising from or in connection with any use of or access to any other website linked to this website, any system, server or connection failure, error, omission, interruption, delay in transmission, or computer virus and any services, products, information, data, software or other material obtained from this website or from any other website linked to this website. Any hyperlinks to any other websites are not an endorsement or verification of such websites and such websites should only be accessed at the user’s own risks. This exclusion clause shall take effect to the fullest extent permitted by law.

You further consent to Oversea-Chinese Banking Corporation Limited, its related corporations (collectively, the "OCBC Group"), and their respective business partners and agents (collectively, the “OCBC Representatives”) collecting, using and disclosing your personal data for purposes reasonably required by the OCBC Group and the OCBC Representatives to enable them to process your employment application and assess your suitability for the position which you are applying for. Such purposes are set out in a Data Protection Policy, which is accessible at or available on request and which you confirm you have read and understood.

MGR, Group Information Security & Digital Risk Management page is loaded

MGR, Group Information Security & Digital Risk Management

WHO WE ARE:

As Singapore’s longest established bank, we have been dedicated to enabling individuals and businesses to achieve their aspirations since 1932. How? By taking the time to truly understand people. From there, we provide support, services, solutions, and career paths that meet their individual needs and desires.

Today, we’re on a journey of transformation. Leveraging technology and creativity to become a future-ready learning organisation. But for all that change, our strategic ambition is consistently clear and bold, which is to be Asia’s leading financial services partner for a sustainable future.

We invite you to build the bank of the future. Innovate the way we deliver financial services. Work in friendly, supportive teams. Build lasting value in your community. Help people grow their assets, business, and investments. Take your learning as far as you can. Or simply enjoy a vibrant, future-ready career.

Your Opportunity Starts Here.

Why join

Protecting our customers' assets and information is at the heart of what we do at OCBC. As a Manager in the Information Security and Digital Risk Management function, you'll play a critical role in safeguarding our digital landscape and ensuring the integrity of our systems. You'll be part of a team that's passionate about staying ahead of emerging threats and risks.

How you succeed

To succeed in this role, you'll need to stay up to date with the latest security threats and trends. You'll work closely with our technology teams to identify and mitigate risks and develop strategies to protect our digital assets. You'll also need to collaborate with stakeholders across the bank to ensure that our security policies and procedures are effective and aligned with our business goals.

What you do

• Data-Driven Risk Management : Drive projects and initiatives that leverage big data platforms to analyse large datasets and derive risk insights, using data analytics tools and visualization techniques. This includes partnering with key stakeholders to ensure timelines are met, with regular tracking and update of project status, as well as providing actionable recommendations to achieve planned outcome.

• Risk Governance and Oversight : Drive or support risk governance activities and provide effective challenge to strengthen the effectiveness of technology, information or cyber risk in Group, such as risk mitigation programs.

• Risk Monitoring and Reporting : Perform or support regular risk monitoring and management reporting on risk posture to senior management. This includes deriving insights from analysing and interpreting large datasets to identify patterns and trends.

• Control Review and Enhancement : Support the review and enhancement of controls for existing banking services against emerging technology, information and cyber risks.

• Regulatory Compliance : Support bank-wide initiatives to facilitate management of applicable legal & regulatory requirements (e.g., Cybersecurity Act, MAS Technology Risk Management Guidelines).

Who you are

• Degree in Computer Science or equivalent technical degree.

• Junior level role: 3-5 years of relevant experience in technology, information or cyber risk management, information security or IT audit within the financial services industry.

• Strong data engineering skills as well as proficient in data analytics tools and visualisation techniques (e.g., SQL, Python, PowerBI), with experience in big data platforms (e.g., Hadoop) would be highly advantageous.

• Familiar with machine learning and AI applications in risk management.

• Proficient knowledge of technology risk management guidelines from MAS or any regional regulators.

• Good written and communication skills, as well as solution oriented.

• Ability to contribute through others, collaborate well across seniority, cultures, and locations.

• Proactive and able to work well under pressure or tight deadlines.

What we offer:

Competitive base salary. A suite of holistic, flexible benefits to suit every lifestyle. Community initiatives. Industry-leading learning and professional development opportunities. Your wellbeing, growth and aspirations are every bit as cared for as the needs of our customers.

Similar Jobs (5)

AVP, Group Information Security & Digital Risk Management

Information Security and Digital Risk Management - MD

Governance & Conduct Risk Management - AVP

You are about to enter websites controlled or offered by third parties. OCBC hereby disclaims liability for any information, materials, products or services posted or offered at any of these third party web-sites. By creating a link to these third party web-sites, OCBC does not endorse or recommend any products or services offered or information contained on those web-sites or information fed by these third parties nor is OCBC liable for any failure of products or services offered or advertised at any of these third party web-sites. OCBC Group shall in no event be liable for any damages, loss or expense including without limitation, direct, indirect, special, or consequential damage, or economic loss arising from or in connection with any use of or access to any other website linked to this website, any system, server or connection failure, error, omission, interruption, delay in transmission, or computer virus and any services, products, information, data, software or other material obtained from this website or from any other website linked to this website. Any hyperlinks to any other websites are not an endorsement or verification of such websites and such websites should only be accessed at the user’s own risks. This exclusion clause shall take effect to the fullest extent permitted by law.
You further consent to Oversea-Chinese Banking Corporation Limited, its related corporations (collectively, the "OCBC Group"), and their respective business partners and agents (collectively, the “OCBC Representatives”) collecting, using and disclosing your personal data for purposes reasonably required by the OCBC Group and the OCBC Representatives to enable them to process your employment application and assess your suitability for the position which you are applying for. Such purposes are set out in a Data Protection Policy, which is accessible at or available on request and which you confirm you have read and understood.
AVP, Group Information Security & Digital Risk Management page is loaded
AVP, Group Information Security & Digital Risk Management Apply remote type Hybrid locations OCBC Singapore time type Full time posted on Posted Yesterday job requisition id JR0002158
WHO WE ARE:
As Singapore’s longest established bank, we have been dedicated to enabling individuals and businesses to achieve their aspirations since 1932. How? By taking the time to truly understand people. From there, we provide support, services, solutions, and career paths that meet their individual needs and desires.
Today, we’re on a journey of transformation. Leveraging technology and creativity to become a future-ready learning organisation. But for all that change, our strategic ambition is consistently clear and bold, which is to be Asia’s leading financial services partner for a sustainable future.
We invite you to build the bank of the future. Innovate the way we deliver financial services. Work in friendly, supportive teams. Build lasting value in your community. Help people grow their assets, business, and investments. Take your learning as far as you can. Or simply enjoy a vibrant, future-ready career.
Your Opportunity Starts Here.
Why Join
Protecting our customers' assets and information is at the heart of what we do at OCBC. As an Information Security and Digital Risk Management Specialist, you'll play a critical role in safeguarding our digital landscape and ensuring the integrity of our systems. You'll be part of a team that's passionate about staying ahead of emerging threats and risks.
How you succeed
As the Assistant VP of Information Security and Digital Risk Management (ISDRM), you will be responsible for the 2nd line governance and oversight of information security and digital risks (technology, information, and cyber) within the OCBC Group. The primary role would be the ISDRM lead to support the Bank of Singapore (BOS) entity and its subsidiaries as well as group-wide responsibilities on thematic and risk assurance reviews.
What you do
Drive or support risk governance and oversight activities and provide effective challenge to strengthen the effectiveness of technology, information or cyber risk in Group, such as risk mitigation programs.
Plan and conduct 2nd line thematic reviews and risk assurance reviews in emerging risks arising from technology, information and cyber domains.
Perform regular risk monitoring and management reporting on risk posture to management and Board of Directors.
Drive or support the formulation and regular update of related Framework and supporting Policies to incorporate applicable industry leading practices and regulatory expectations.
Drive or support the review and enhancement of controls for existing banking services against emerging technology, information and cyber risks.
Provide risk advisory service, including recommendation of risk mitigation options, on technology, information and cyber risks associated with new banking services, fintech initiatives, outsourcing-related arrangements, regulatory and legal guidelines.
Support bank-wide initiatives to facilitate management of applicable legal & regulatory requirements (e.g., Cybersecurity Act, MAS Technology Risk Management Guidelines).
Keep abreast of new technologies and related risks, industry trends, and regulatory requirements relating to technology, information & cyber security.
Who you are
Degree in Computer Science or equivalent technical degree.
Relevant professional certifications (e.g., CISA, CISM or CRISC) would be advantageous.
More than 7 years of relevant experience in technology, information or cyber risk management, information security or IT audit within the financial services industry.
Proficient in risk management, IT governance, information & cyber security standards.
Experienced in leading risk assessments and risk assurance testing.
Good knowledge and experience in managing legal and regulatory requirements pertaining to technology, information or cyber risk domains (e.g., Singapore, Malaysia, Hong Kong, China).
Good written and communication skills, as well as solution oriented.
Ability to interact, engage and influence with stakeholders across all levels.
Ability to contribute through others, collaborate well across seniority, cultures and locations.
Proactive and able to work well under pressure or tight deadlines.
What we offer:
Competitive base salary. A suite of holistic, flexible benefits to suit every lifestyle. Community initiatives. Industry-leading learning and professional development opportunities. Your wellbeing, growth and aspirations are every bit as cared for as the needs of our customers.
If you like wild growth and working with happy, enthusiastic over-achievers, you'll enjoy your career with us!
#J-18808-Ljbffr

Company: Bank

Employment Type: 12-Month Contract

Salary: Up to S$8,000/month

As an Information Security & BCM Specialist, you will support and oversee key information security and business continuity activities for the APAC region, ensuring alignment with both local regulatory requirements and Group-level policies.

Security Governance & Compliance

• Maintain and review Security Policies, Addendums, Standards, and Procedures for international locations, ensuring alignment with regulatory requirements
• Ensure compliance with regional regulatory bodies (e.g., MAS, HKMA, LFRA, NFRA) in matters related to information security, BCM, and IT governance
• Coordinate and support regulatory security audits across APAC branch locations

Technology & Risk Assessments

• Review BRDs, network/security designs, and other technical documentation to ensure alignment with security policies
• Perform Technology Risk Assessments, Third-Party Risk Assessments, and track RCSA remediation activities
• Monitor and follow up on risk items in collaboration with Group IT, local branch IT, and other stakeholders

Security Awareness & Risk Monitoring

• Conduct regular Security Awareness programs for regional branch staff
• Monitor and review management dashboards and MIS related to patching, vulnerability assessments (VA), penetration testing (PT), and endpoint security controls

Business Continuity Management (BCM)

• Assist in the development, implementation, and maintenance of Business Continuity Plans (BCPs) across APAC operations
• Coordinate Business Impact Analyses (BIAs), risk assessments, and periodic testing of BCPs
• Support disaster recovery and incident response coordination
• Maintain BCM documentation and track remediation from incidents, tests, or audits
• Monitor regulatory developments related to BCM across APAC

• Min Bachelor's Degree in Information Security, Computer Science, IT, or related field
• Minimum 5 years of experience in Information Security and/or BCM, preferably with exposure across the APAC region
• Strong understanding of regional regulatory frameworks (e.g., MAS, HKMA)
• Hands-on experience with risk assessments, security governance, and incident response
• Strong communication and stakeholder management skills, including cross-functional collaboration with IT, Facilities, and Business teams

Interested candidates, do submit your resume to:

Jocelyn Chan| Consultant | Recruit Express Pte Ltd (Healthcare & Lifescience)

Company EA Licence number : 99C4599

Personnel EA License: R1331820