AVP, Group Information Security & Digital Risk Management

Why Join

The Group Information Security & Digital Risk Management team undertakes a wide range of responsibilities, including risk governance and oversight, risk reporting to senior management and Board, policy formulation, risk assessments, vulnerability management, incident response, security awareness training, and compliance-driven initiatives. This variety of responsibilities offers a diverse and engaging work experience.

You will be responsible for the 2nd line governance and oversight of information security and digital (i.e., technology, cyber and information risks) within the OCBC Group. The primary role would be to drive key project/initiatives leveraging big data platforms to analyze large datasets to derive risk insights.

How you succeed

• Regularly update your knowledge on the latest cybersecurity threats, trends, and emerging technologies, including artificial intelligence (AI), machine learning, and blockchain and associated risks.
• Familiarize yourself with relevant regulations and standards that impact the organization’s overall control environment and risk profile.
• Develop a strong understanding of risk assessment methodologies and frameworks to evaluate and mitigate risks effectively.

What you do

• Data-Driven Risk Management: Drive projects or initiatives that leverage big data platforms, including data analytics tools and visualization techniques, to analyze large datasets and derive risk insights. This includes partnering with key stakeholders, tracking project status, and providing recommendations to senior management.
• Risk Governance and Oversight: Drive or support risk governance activities; provide independent and effective challenge (e.g., on risk mitigation programs) to strengthen the effectiveness of technology, information or cyber risk management across Group.
• Risk Monitoring and Reporting: Perform regular risk monitoring and management reporting on risk posture to senior management and the Board.
• Control Review and Enhancement: Support the review and enhancement of controls to better mitigate against emerging technology, information and cyber risks.
• Regulatory Compliance: Lead or support bank-wide initiatives to work towards compliance with applicable legal & regulatory requirements (e.g., Cybersecurity Act, MAS Technology Risk Management Guidelines).

Who you are

• Degree in Computer Science or equivalent technical degree.
• Relevant professional certifications (e.g., CISA, CISM, CRISC or PMP) would be advantageous.
• More than 7 years of relevant experience in technology, information or cyber risk management, information security or IT audit within the financial services industry. Candidates with strong data analytics skills and experience working with big data platforms, machine learning, and AI applications in risk management are encouraged to apply, even if their risk management experience is less extensive.
• Proficient in data analytics tools and visualization techniques (e.g., SQL, Python, PowerBI); experience with big data platforms (e.g., Hadoop) would be advantageous.
• Familiar with machine learning and AI applications in risk management.
• Proficient knowledge of technology risk management guidelines from MAS or any regional regulators.
• Good written and communication skills, as well as solution-oriented.
• Ability to contribute through others, collaborate well across seniority, cultures, and locations.
• Proactive and able to work well under pressure or tight deadlines.

What we offer

Competitive base salary. A suite of holistic, flexible benefits to suit every lifestyle. Community initiatives. Industry-leading learning and professional development opportunities. Your well-being, growth and aspirations are every bit as cared for as the needs of our customers.

Location: Singapore

Department: Information Risk Management and Security

Team: Group Information Security & Digital Risk Management

Type: Permanent

Employment: Full-time

Posted on: 02-Jan-2025, 8:58:11 AM