Job Description

Who we are:We are a team within Group Audit, dedicated to driving our mission of providing independent and objective assessments to enhance the quality and effectiveness of governance, risk management, and internal control processes. Our goal is to support OCBC Banking Group in achieving its strategic objectives.Responsibilities:

• Cyber & Information Security - Oversee the technology audit portfolio over cybersecurity, technology (including network security), and information security risk management framework, policies, standards, and related governance and processes.
• As a member of the DTA leadership team, establish the vision and strategic direction for the Cyber & Information Security Audit portfolio in alignment with the broader GA and DTA\'s strategic focus. Implement leading and innovative audit practices in executing Cyber and Information Security audits.

QualificationsRequirements

• Bachelor\'s or Master\'s degree in Computer Science, Information Technology or a related field
• Professional certifications such as CISA, CISM, CISSP, or similar.
• Extensive experience in cybersecurity or audit-related roles within the Financial Services industry.
• Strong knowledge of cybersecurity frameworks, standards, and best practices applicable to the banking sector.
• Familiarity with regulatory requirements related to cybersecurity and information security in the Financial Services industry.

Technical Skills:

• In-depth understanding of cybersecurity principles, technologies, and controls specific to financial services industry.
• Proficiency in conducting/reviewing vulnerability assessments, penetration testing, and security audits.
• Knowledge of network security, cloud security, application security, and data protection.
• Familiarity with security tools and technologies such as firewalls, intrusion detection systems, SIEM, etc.

Audit and Compliance:

• Knowledge of audit methodologies and frameworks specific to cybersecurity audits.
• Understanding of internal control frameworks (e.g., COSO) and risk management principles as applied to cybersecurity.
• Experience in developing and implementing cybersecurity audit plans and strategies.
• Familiarity with compliance requirements and ability to ensure adherence to relevant regulations across key OCBC markets.

Leadership and Communication:

• Strong leadership skills to manage a team of cybersecurity auditors.
• Excellent communication and interpersonal skills to collaborate with stakeholders at all levels within the bank.
• Ability to effectively communicate complex technical concepts related to cybersecurity to non-technical stakeholders in the bank.
• Strong analytical and problem-solving skills to identify and address cybersecurity risks.

Industry Knowledge:

• In-depth understanding of the banking industry, its operations, systems, and associated cybersecurity risks.
• Knowledge of emerging trends, threats, and technologies in the banking and cybersecurity domains.
• Familiarity with the specific challenges and regulatory landscape within the Financial Services industry.

Travel Requirements:

• Willingness to travel approximately 10%-20% of the time (MY/CN primarily, with occasional worldwide)

eFinancialCareers