Privileged Access Management Governance Analyst (AVP/VP)

As Singapore’s longest established bank, we have been dedicated to enabling individuals and businesses to achieve their aspirations since 1932. How? By taking the time to truly understand people. From there, we provide support, services, solutions, and career paths that meet their individual needs and desires.

 Today, we’re on a journey of transformation. Leveraging technology and creativity to become a future-ready learning organisation. But for all that change, our strategic ambition is consistently clear and bold, which is to be Asia’s leading financial services partner for a sustainable future.

 We invite you to build the bank of the future. Innovate the way we deliver financial services. Work in friendly, supportive teams. Build lasting value in your community. Help people grow their assets, business, and investments. Take your learning as far as you can. Or simply enjoy a vibrant, future-ready career.

Your Opportunity Starts Here.

Why Join

Cybersecurity is core to OCBC’s mission, and strong governance is the backbone of our defence. As a PAM Governance Analyst, you will help protect our systems and data by ensuring privileged access is properly governed, monitored, and compliant with regulatory expectations. You’ll join a high‑performing team driving the bank’s PAM transformation—using analytics, automation, and modern cybersecurity tools to uplift control effectiveness and reduce risk across critical technology platforms. This is your opportunity to shape the future of privileged access governance while growing in a fast‑evolving cybersecurity landscape.

If you’re passionate about access security, automation, enterprise technology, or building a strong foundation in cybersecurity, this is the place to grow

How you succeed.

We are looking for several skilled PAM Governance Analysts to strengthen the governance and compliance framework for privileged access across OCBC Group. You will ensure privileged access is governed consistently, securely, and in alignment with regulatory requirements, the Group policies and processes.

Your responsibilities will span policy governance, analytics‑based reporting, risk management, control assurance, and enforcement of PAM standards. You will work closely with various stakeholders to ensure strong oversight and end‑to‑end compliance.

What you do

1. Policy, Standards & Enforcement

• Develop, maintain, and enforce PAM policies, standards, and procedures.

• Run exception management (risk acceptance/dispensation), track expiry, and drive timely closure.

• Escalate persistent non‑compliance and significant control breaches to the appropriate governance forums.

2. Reporting & Analytics (Data‑Driven Compliance)

• Build and maintain compliance dashboards and KPI/KRI metrics for privilege accounts hygiene, excessive/unauthorised access, onboarding/off‑boarding timeliness, and review completion.

• Use data analytics to identify outliers, trends, and control breakdowns, drive remediation with accountable owners.

• Publish periodic management reports (e.g., monthly/quarterly) and present insights to stakeholders.

3. Risk Management (RA/RCSA)

• Lead Risk Assessments (RA) and Risk & Control Self‑Assessments (RCSA) for privileged access across domains and environments.

• Define risk treatment actions, track residual risk, and verify control effectiveness post‑remediation.  

4. Continuous Control Assurance (CCA & CSA)

• Plan and execute Continuous Control Audits (CCA) and Control Self‑Assessments (CSA) against PAM controls.

• Validate end‑to‑end lifecycle controls: creation, vaulting/onboarding, usage monitoring, periodic review, revocation/de‑registration.

• Coordinate audit evidence, findings, remediation owners, due dates, and verify closure.

5. Privileged Access Reviews

• Run periodic privileged access recertifications and entitlement clean‑ups.

• Conduct PAM tools user access reviews to ensure users are properly designated, trained, and that attestations are complete, accurate, and timely.

6. Compliance Monitoring & Non‑Compliance Reduction

• Continuously monitor policy deviations, stale/unused privilege accounts, excessive entitlements, dual‑control exceptions, and onboarding gaps.

• Work with privilege accounts owners to reduce non‑compliance through targeted remediation and sustainable fixes; verify effectiveness via metrics.

7. Regulatory & Framework Alignment

• Align PAM governance with regulatory and internal policies and requirements.

• Map controls to frameworks (e.g., ISO 27001, NIST, COBIT) and keep control documentation current.

8. Continuous Improvement

• Recommend process, control, and automation enhancements based on analytics, audit learnings, and incidents.

• Champion standardisation across regions/entities; promote measurable control maturity uplift.

Who you are

• Bachelor’s degree in IT, Cyber security, Computer Science, or related field

Experience

• 3–5 years in cybersecurity governance, IT audit, IAM/PAM, or risk/compliance roles within regulated environments.

Technical & Governance Skills

• Experience with privilege access management in governance or policy contexts.

• Strong understanding of privileged access governance, risk frameworks, and IT control models (e.g., ISO 27001, NIST, COBIT).

• Familiarity with regulatory standards such as MAS TRM, BNM RMiT.

Analytical Skills

• Ability to analyse logs, risk indicators, and compliance metrics to derive actionable insights.

Soft Skills

• Clear communication with both technical and non‑technical stakeholders.

• Strong ownership mindset with focus on reducing non‑compliance and improving control maturity.

• Ability to work independently in a fast‑paced, high‑risk, regulated environment.

Certifications (Preferred)

• CyberArk Defender.

• CISSP, CISA, CISM, CRISC, or equivalent.

Who we are
As Singapore's longest established bank, we have been dedicated to enabling individuals and businesses to achieve their aspirations since 1932. How? By taking the time to truly understand people. From there, we provide support, services, solutions, and career paths that meet their individual needs and desires.
Today, we're on a journey of transformation. Leveraging technology and creativity to become a future-ready learning organisation.
But for all that change, our strategic ambition is consistently clear and bold, which is to be Asia's leading financial services partner for a sustainable future.
We invite you to build the bank of the future. Innovate the way we deliver financial services. Work in friendly, supportive teams. Build lasting value in your community. Help people grow their assets, business, and investments. Take your learning as far as you can. Or simply enjoy a vibrant, future-ready career. Your Opportunity Starts Here.
What we offer
Competitive base salary. A suite of holistic, flexible benefits to suit every lifestyle. Community initiatives. Industry-leading learning and professional development opportunities. Equal opportunity. Fair employment. Selection based on ability and fit with our culture and values. Your wellbeing, growth and aspirations are every bit as cared for as the needs of our customers.

Competitive base salary. A suite of holistic, flexible benefits to suit every lifestyle. Community initiatives. Industry-leading learning and professional development opportunities. Your wellbeing, growth and aspirations are every bit as cared for as the needs of our customers.