VP/ED Information Security & Digital Risk Management, Group Risk Management

VP/ED Information Security & Digital Risk Management, Group Risk Management – (24000150)

Description

As the VP/ED of Group Information Security & Digital Risk Manager (ISDRM), you will be responsible for the 2nd line governance and oversight of information security and digital risks (technology, information, and cyber) within OCBC Group. The primary role would be to conduct independent reviews of digital risks associated with new banking products, online banking anti-fraud controls, and third-party service arrangements. This role is essential for ensuring the information security and digital risk integrity of OCBC Group’s digital offerings.

Key Responsibilities:

• Drive or support risk governance and oversight activities and provide effective challenge to strengthen the effectiveness of technology, information or cyber risk in Group, such as risk mitigation programs.
• Provide risk advisory service on technology, information and cyber risks associated with new banking services, fintech initiatives and outsourcing-related arrangements.
• Review digital risks from the functional design of new products and recommend mitigating controls.
• Assess and enhance anti-fraud measures for OCBC’s digital banking channels.
• Perform regular risk monitoring and management reporting on risk posture to management.
• Drive or support the formulation and regular update of related Framework and supporting Policies to incorporate applicable industry leading practices and regulatory expectations.
• Drive or support bank-wide initiatives to facilitate management of applicable legal & regulatory requirements (e.g., Cybersecurity Act, MAS Technology Risk Management Guidelines).
• Keep abreast of new technologies and related risks, industry trends, and regulatory requirements relating to technology, information & cyber security.

Qualifications

• Degree in Computer Science or equivalent technical degree.
• Relevant professional certifications (e.g., CISA, CISM or CRISC) would be advantageous.
• More than 10 years of relevant experience in technology, information or cyber risk management, information security within the financial services industry.
• Strong background in application security, application design, or development.
• Proficient in risk management, IT governance, information & cyber security standards.
• Excellent communication skills, with the ability to engage and influence stakeholders at all levels.
• Experienced in leading risk assessments and risk reduction initiatives.
• Good written and communication skills, as well as solution oriented.
• Proactive and able to work well under pressure or tight deadlines.

Primary Location

: Singapore

Job

: Information Risk Management and Security

Organization

: Group Information Security & Digital Risk Management

Schedule

: Permanent

: Full-time

Job Posting

: 15-Aug-2024, 3:28:47 AM

Read Full Description