AVP, Group Information Security & Digital Risk Management
Job Description - AVP, Group Information Security & Digital Risk Management (25000009)
Why Join
The Group Information Security & Digital Risk Management team undertakes a wide range of responsibilities, including risk governance and oversight, risk reporting to senior management and Board, policy formulation, risk assessments, vulnerability management, incident response, security awareness training, and compliance-driven initiatives. This variety of responsibilities offers a diverse and engaging work experience.
You will be responsible for the 2nd line governance and oversight of information security and digital (i.e., technology, cyber and information risks) within the OCBC Group. The primary role would be to drive key project/initiatives leveraging big data platforms to analyse large datasets to derive risk insights.
How you succeed
Regularly update your knowledge on the latest cybersecurity threats, trends, and emerging technologies. This includes understanding emerging technologies like artificial intelligence (AI), machine learning, and blockchain and associated risks.
Familiarize yourself with relevant regulations and standards that impact the organization’s overall control environment and risk profile.
Develop a strong understanding of risk assessment methodologies and frameworks to evaluate and mitigate risks effectively.
What you do
- Data-Driven Risk Management: Drive projects or initiatives that leverage big data platforms, including data analytics tools and visualization techniques, to analyse large datasets and derive risk insights. This includes partnering with key stakeholders, tracking project status, and providing recommendations to senior management.
- Risk Governance and Oversight: Drive or support risk governance activities; provide independent and effective challenge (e.g., on risk mitigation programs) to strengthen the effectiveness of technology, information or cyber risk management across Group.
- Risk Monitoring and Reporting: Perform regular risk monitoring and management reporting on risk posture to senior management and the Board.
- Control Review and Enhancement: Support the review and enhancement of controls to better mitigate against emerging technology, information and cyber risks.
- Regulatory Compliance: Lead or support bank-wide initiatives to work towards compliance with applicable legal & regulatory requirements (e.g., Cybersecurity Act, MAS Technology Risk Management Guidelines).
Who you work with
Group Risk Management works independently to protect, build, and drive our businesses. The team supports good decision-making with strong risk analysis and plays a crucial role in sharpening our competitive edge. It’s about seeking and adopting best-in-class practices, protecting the group from unforeseen losses, keeping risk within appetite, and embracing change while managing growth in one of the world’s strongest banks.
Qualifications
Who you are
- Degree in Computer Science or equivalent technical degree.
- Relevant professional certifications (e.g., CISA, CISM, CRISC or PMP) would be advantageous.
- More than 7 years of relevant experience in technology, information or cyber risk management, information security or IT audit within the financial services industry. Candidates with strong data analytics skills and experience working with big data platforms, machine learning, and AI applications in risk management are encouraged to apply, even if their risk management experience is less extensive.
- Proficient in data analytics tools and visualisation techniques (e.g., SQL, Python, PowerBI); experience with big data platforms (e.g., Hadoop) would be advantageous.
- Familiar with machine learning and AI applications in risk management.
- Proficient knowledge of technology risk management guidelines from MAS or any regional regulators.
- Good written and communication skills, as well as solution-oriented.
- Ability to contribute through others, collaborate well across seniority, cultures, and locations.
- Proactive and able to work well under pressure or tight deadlines.
Who we are
Singapore’s longest established bank, we’ve been helping people and businesses get what they want from life since 1932. How? By taking the time to truly understand people. From there, we provide support, services, solutions, and career paths that meet their individual needs and desires.
Today, we’re on a journey of transformation, embracing technology and creativity to become a future-ready learning organisation. But for all that change, the entire focus of our organisation remains to be Simply Spot On in everything we do.
What we offer
Competitive base salary, a suite of holistic, flexible benefits to suit every lifestyle, community initiatives, and industry-leading learning and professional development opportunities. Your wellbeing, growth, and aspirations are every bit as cared for as the needs of our customers.
Primary Location
Job
Job
: Information Risk Management and SecurityOrganization
Organization
: Group Information Security & Digital Risk Management
'/%3e%3cpath%20d='M101.744%2012.4726L102.894%2016.1947L99.0021%2013.2201L101.744%2012.4726ZM105.3%208.40937H100.488L99.0026%203.59473L97.5116%208.41047L92.7%208.40385L96.5965%2011.3834L95.1055%2016.1942L99.0021%2013.2196L101.408%2011.3834L105.3%208.40992V8.40937Z'%20fill='white'/%3e%3cdefs%3e%3clinearGradient%20id='paint0_linear_5593_1381'%20x1='90'%20y1='9.44471'%20x2='99'%20y2='9.44471'%20gradientUnits='userSpaceOnUse'%3e%3cstop%20stop-color='%2300AD70'/%3e%3cstop%20offset='0.998594'%20stop-color='%2300B67A'/%3e%3cstop%20offset='1'%20stop-color='%23DCDCE6'/%3e%3c/linearGradient%3e%3c/defs%3e%3c/svg%3e){kind=small}
job faster
