As Singapore’s longest established bank, we have been dedicated to enabling individuals and businesses to achieve their aspirations since 1932. How? By taking the time to truly understand people. From there, we provide support, services, solutions, and career paths that meet their individual needs and desires.
Today, we’re on a journey of transformation. Leveraging technology and creativity to become a future-ready learning organisation. But for all that change, our strategic ambition is consistently clear and bold, which is to be Asia’s leading financial services partner for a sustainable future.
We invite you to build the bank of the future. Innovate the way we deliver financial services. Work in friendly, supportive teams. Build lasting value in your community. Help people grow their assets, business, and investments. Take your learning as far as you can. Or simply enjoy a vibrant, future-ready career.
Your Opportunity Starts Here.
Group Operations and Technology (O&T) provide IT and backroom support across the bank's business lines such as Group Consumer Financial Services, Group Corporate Banking, Global Treasury, Group Risk Management, Group Finance, and Group Human Resources.
In addition, Group O&T runs the bank’s regional processing centres, and technology operations, drive for productivity gains and lower unit costs by instilling a quality culture, and leverage on the synergy from cross border processing hubs in Singapore, Malaysia and across the region.
The objective of Group O&T Risk & Prevention (R&P) is to establish a risk awareness and compliance culture that helps Group O&T to manage risks. In supporting O&T departments, Group Risk and Regulatory Compliance Unit as the Division Compliance Officer, Business Continuity Management Coordinator and Ops Risk management Coordinator, R&P undertakes the following responsibilities:
- Coordinate and facilitate the implementation of Operational Risk & Compliance policies, methodologies, and initiatives for proactive risk management by Group O&T.
- Monitor and uplift the Division's risk and compliance management performance through tracking of audit issues, compliance breaches and loss events.
- Provide independent review of risk assessments performed by O&T for new/changed processes to ensure integration of risk management to internal processes.
- Manage the audit engagement process, track, and ensure timely closure of issues.
Promote awareness of risk among O&T staff and educate them on methodologies and processes for risk management and compliance.
Role Description:
The candidate is expected to take a leadership role in ensuring that technology-related risks are proactively identified, assessed, and effectively mitigated. This includes leading collaboration efforts with technology teams and regional Risk & Prevention (R&P) functions across the OCBC Group to address technology risk challenges and to drive a strong risk culture within Group Operations & Technology (O&T).
1. Support the Head, R&P in the overall effective and proactive management of technology risk and controls in Group O&T.
2. Work closely with stakeholders to:
a. perform infrastructure (operating systems, middleware, databases, network), applications, operations risk, and control assessments to ensure that systems’ configurations, processes, and operations, with the objective of:
i) Identify, assess, treat, mitigate and articulate the risk in both technical and business context to the stakeholders.
ii) Assessing compliance to the bank’s standards and policies, as well as statutory and regulatory requirements.
b. Challenge, drive and discuss controls or risk mitigation solutions, whilst building strong, respectful relationships.
c. Support stakeholders in audits (internal/external) and regulatory related reviews and inspections, as well as tracking, reporting and root causes are addressed.
3. Key representative for Technology team in risk-related committees and forums, including liaison with regulators, internal and externals auditors.
4. Drive development and implementation of automated risk assessment frameworks that identify and quantify potential risks.
5. Collaborate with O&T teams across entities locally and in the region to assess risk profiles, identify potential areas of lapses, or non-compliance and develop risk mitigation strategies for sustained controls.
6. Design and implement automated risk monitoring and reporting that provides alerts and dashboards to help management and stakeholders make informed decision.
7. Develop and deliver training programs to educate stakeholders emerging trends in risk automations.
8. Provide advice, objective review and challenge to risk issues/ process changes identified by stakeholders to ensure technology-related operational risk identified is assessed adequately, and appropriate controls are in place to mitigate the risks.
Who you are
1. Minimally, a university degree in technology (or technology-related discipline) with at least 15 years of experience in audit/ IT security/ risk management. Practitioner and holder of IT risk certification, such as CISSP, CISA, or CRISC or other IT/IT security related certifications would be advantageous.
2. Successful candidates should have a strong background in technology risk management, as well as hands-on experience in technology domains or audit/compliance.
3. Prior experience in statistical modelling, data analysis, data visualization tools would be an added advantage.
4. Open to change as the team continually adopts to strategy to meet evolving regulatory and controls landscape.
5. Good understanding of regulatory requirements, such as MAS Technology Risk Management, Outsourcing and Notice 644, 655, etc. Understanding of regional regulatory requirements is a plus.
6. Experience with performing IT risk and control assessments (including RCSA) and managing audits (internal and external) as well as regulatory inspections.
7. Experience in developing and implementing dashboards/ data visualization, heatmap presentation of metrices.
8. Good understanding and experience (preferred) of DevOps, SRE, Agile methodologies and experience with CI/CD approach and tools.
9. Hands-on experience in the following infrastructure technology, would be desirable:
I. Servers Platform
II. Middleware technologies
III. Microservices
IV. Virtualization
V. Network
VI. Security
VII. Database
Who we are
As Singapore's longest established bank, we have been dedicated to enabling individuals and businesses to achieve their aspirations since 1932. How? By taking the time to truly understand people. From there, we provide support, services, solutions, and career paths that meet their individual needs and desires.
Today, we're on a journey of transformation. Leveraging technology and creativity to become a future-ready learning organisation.
But for all that change, our strategic ambition is consistently clear and bold, which is to be Asia's leading financial services partner for a sustainable future.
We invite you to build the bank of the future. Innovate the way we deliver financial services. Work in friendly, supportive teams. Build lasting value in your community. Help people grow their assets, business, and investments. Take your learning as far as you can. Or simply enjoy a vibrant, future-ready career. Your Opportunity Starts Here.
What we offer
Competitive base salary. A suite of holistic, flexible benefits to suit every lifestyle. Community initiatives. Industry-leading learning and professional development opportunities. Equal opportunity. Fair employment. Selection based on ability and fit with our culture and values. Your wellbeing, growth and aspirations are every bit as cared for as the needs of our customers.
Competitive base salary. A suite of holistic, flexible benefits to suit every lifestyle. Community initiatives. Industry-leading learning and professional development opportunities. Your wellbeing, growth and aspirations are every bit as cared for as the needs of our customers.
Top Skills
OCBC Bank Singapore Office
65 Chulia St, Singapore, 049513
