Cyber Engineering - Risk - AM

As Singapore’s longest established bank, we have been dedicated to enabling individuals and businesses to achieve their aspirations since 1932. How? By taking the time to truly understand people. From there, we provide support, services, solutions, and career paths that meet their individual needs and desires.

Today, we’re on a journey of transformation. Leveraging technology and creativity to become a future-ready learning organisation. But for all that change, our strategic ambition is consistently clear and bold, which is to be Asia’s leading financial services partner for a sustainable future.

We invite you to build the bank of the future. Innovate the way we deliver financial services. Work in friendly, supportive teams. Build lasting value in your community. Help people grow their assets, business, and investments. Take your learning as far as you can. Or simply enjoy a vibrant, future-ready career. Your Opportunity Starts Here.

This is the broad job description of the job profile. Definitive job description should be reviewed and discussed between you and your manager.

Protecting our customers’ assets and data is at the heart of everything we do at OCBC. As a Cyber Engineering - Risk professional, you’ll play a critical role in safeguarding our systems and networks from cyber threats. You’ll be part of a team that’s shaping the future of cybersecurity in the financial industry.

To succeed in this role, you’ll need to stay one step ahead of emerging threats. You will work closely with our engineering teams to identify and mitigate risks and develop strategies to protect our systems and data. You need to be proactive, collaborative, and always looking for ways to improve our cybersecurity posture.

• Perform Cyber Threat Hunting on a daily basis.
• Identify, design and develop new cyber threat hunting rules and use cases.
• Identify weaknesses in cyber defence tools (e.g. testing of new exploit POC) and recommend mitigation measures.
• Perform breach investigation and digital forensics during an escalation / incident.
• Help determine the extent of the compromise, attributes of any malware involved and possible data exfiltrated. Accurately describe the details of an incident.
• Develop forensic and investigative reports.
• Develop and manage breach investigation and forensics programs.
• Develop and manage current knowledge of tools and best-practices in breach investigation and forensics.
• Manage external breach retainer service provider in delivering their services.
• Manage malware analysis lab environment.
• Support the team for other cyber defence related matters.

• At least 5-10 years of experience in cyber security fields.
• Knowledge of the various attack phases and the kill chain methodology.
• Knowledge of the latest cyber-attack tactics, techniques used by adversaries.
• Experience in host, network and mobile forensic and breach intrusion investigation.
• Experience in malware analysis.
• One or more of the following technical certificates: GIAC, GCIH, GCFA, GREM or equivalent
• Able to make decisions on remediation and propose countermeasures in support of breach intrusion remediation.
• Experience in performing live response on systems in support of breach intrusion investigation
• Experience in performing complete forensic duplication of the systems.
• Expertise in analysis of TCP/IP network communication protocols
• Experience conducting analysis of electronic media, packet capture, log data and network devices in support of breach intrusion analysis.
• Experience in computer exploitation tactics, techniques and procedures
• Experience in analysing malwares, identifying packers and compilers, reviewing PE file structure, carve and examine recovered data, researching interesting strings, dissembling and performing detailed reverse engineering on malware samples
• Experience in forensics and investigative report writing that can withstand legal scrutiny.
• Experience in live response and forensics tools and methodology.
• Experience in scripting language such as Python or other scripting languages.
• Experience in deploying forensics toolkit to support intrusion investigation
• Experience in chain of custody is followed for all electronic media acquired in accordance with existing regulations
• Experience in conducting breach investigation and forensics in a cloud environment.
• Experience in developing and maintaining cyber threat investigation toolset and lab.
• Hands‑on and a self‑starter, and comfortable dealing with multiple stakeholders in a fast‑paced environment, assist and manage Cyber Security Incident Response

As Singapore's longest established bank, we have been dedicated to enabling individuals and businesses to achieve their aspirations since 1932. How? By taking the time to truly understand people. From there, we provide support, services, solutions, and career paths that meet their individual needs and desires.

Today, we’re on a journey of transformation. Leveraging technology and creativity to become a future-ready learning organisation.

But for all that change, our strategic ambition is consistently clear and bold, which is to be Asia’s leading financial services partner for a sustainable future.

We invite you to build the bank of the future. Innovate the way we deliver financial services. Work in friendly, supportive teams. Build lasting value in your community. Help people grow their assets, business, and investments. Take your learning as far as you can. Or simply enjoy a vibrant, future-ready career. Your Opportunity Starts Here.

Competitive base salary. A suite of holistic, flexible benefits to suit every lifestyle. Community initiatives. Industry-leading learning and professional development opportunities. Equal opportunity. Fair employment. Selection based on ability and fit with our culture and values. Your wellbeing, growth and aspirations are every bit as cared for as the needs of our customers.

A degree in Computer Science, Cybersecurity, or a related field

Competitive base salary. A suite of holistic, flexible benefits to suit every lifestyle. Community initiatives. Industry-leading learning and professional development opportunities. Your wellbeing, growth and aspirations are every bit as cared for as the needs of our customers.