Group Information Security & Digital Risk Management

Protecting our customers' assets and information is at the heart of what we do at OCBC. As a Manager in the Information Security and Digital Risk Management function, you'll play a critical role in safeguarding our digital landscape and ensuring the integrity of our systems. You'll be part of a team that's passionate about staying ahead of emerging threats and risks.

To succeed in this role, you'll need to stay up to date with the latest security threats and trends. You'll work closely with our technology teams to identify and mitigate risks and develop strategies to protect our digital assets. You'll also need to collaborate with stakeholders across the bank to ensure that our security policies and procedures are effective and aligned with our business goals.

• Data-Driven Risk Management: Drive projects and initiatives that leverage big data platforms to analyse large datasets and derive risk insights, using data analytics tools and visualization techniques. This includes partnering with key stakeholders to ensure timelines are met, with regular tracking and update of project status, as well as providing actionable recommendations to achieve planned outcome.
• Risk Governance and Oversight: Drive or support risk governance activities and provide effective challenge to strengthen the effectiveness of technology, information or cyber risk in Group, such as risk mitigation programs.
• Risk Monitoring and Reporting: Perform or support regular risk monitoring and management reporting on risk posture to senior management. This includes deriving insights from analysing and interpreting large datasets to identify patterns and trends.
• Control Review and Enhancement: Support the review and enhancement of controls for existing banking services against emerging technology, information and cyber risks.
• Regulatory Compliance: Support bank-wide initiatives to facilitate management of applicable legal & regulatory requirements (e.g., Cybersecurity Act, MAS Technology Risk Management Guidelines).

• Degree in Computer Science or equivalent technical degree.
• Junior level role: 3-5 years of relevant experience in technology, information or cyber risk management, information security or IT audit within the financial services industry.
• Strong data engineering skills as well as proficient in data analytics tools and visualisation techniques (e.g., SQL, Python, PowerBI), with experience in big data platforms (e.g., Hadoop) would be highly advantageous.
• Familiar with machine learning and AI applications in risk management.
• Proficient knowledge of technology risk management guidelines from MAS or any regional regulators.
• Good written and communication skills, as well as solution oriented.
• Ability to contribute through others, collaborate well across seniority, cultures, and locations.
• Proactive and able to work well under pressure or tight deadlines.