Third-Party Cybersecurity Specialist
at OCBC Bank
Singapore, Southeast, Singapore -
Start Date | Expiry Date | Salary | Posted On | Experience | Skills | Telecommute | Sponsor Visa |
---|---|---|---|---|---|---|---|
Immediate | 06 Oct, 2024 | Not Specified | 06 Jul, 2024 | 5 year(s) or above | Computing,Owasp,Technology,Cyber Security,Cissp,Nist,Security Policy,Key Management,Interpersonal Skills,Working Experience,Application Security,Cisa,Regulations,Ccsp,Security Operations,English,It Security,Iso,It,Analytical Skills | No | No |
Required Visa Status:
Citizen | GC |
US Citizen | Student Visa |
H1B | CPT |
OPT | H4 Spouse of H1B |
GC Green Card |
Employment Type:
Full Time | Part Time |
Permanent | Independent - 1099 |
Contract – W2 | C2H Independent |
C2H W2 | Contract – Corp 2 Corp |
Contract to Hire – Corp 2 Corp |
Description:
- As a subject matter expert, perform assessment of third-party service providers’ cybersecurity posture and identify potential security risks from third-party engagements, in accordance with the Bank’s security standards.
- As a subject matter expert, assess the security and identify potential security risks arising from new product offerings, in accordance with the Bank’s NPAP requirements.
- Collaborate closely with businesses and the Bank’s Third-Party Risk Management (TPRM) team to ensure security risks are identified and communicated so that business can make an informed decision.
- Review and enforce information security policy, standards and guidelines for IT business application and infrastructure projects
- Identify IT security risks and conduct security assessment for IT business application and infrastructure projects.
- Undertake new security projects to improve the security controls, efficiency and ease of use.
- Review and document assessment and remediation activities following established processes and procedures.
- Continuously formulate, maintain, and enhance assessment approach, questionnaire and procedure.
- Continuously focus, strategies and provide recommendations to improve the effectiveness of processes and programs.
- Perform reporting and tracking of work deliverables.
- Keep abreast of emerging third-party security threats and technologies to understand the evolving risk and better safeguard the organization.
Qualifications
JOB QUALIFICATIONS
- Degree in IT, Computing, Cyber Security or Computer studies, or the equivalent in related experience (IT Security, Controls and Risk Management).
- Minimum 5-10 years relevant working experience in Cybersecurity/ IT Security Audit. IT Security/ Project Security Assessment experience preferred.
- Experience in industry standards and regulations such as MAS TRM, OSPAR, ISO 27001, SOC2 Type 2, PCI-DSS, NIST, etc.
- Knowledgeable in compliance with MAS TRM, ABS, BNM, HKMA, CBRC, etc, guidelines and regulatory notices.
- Strong understanding of the Banking industry information security policy and standards, regulatory and industry trends, good practices in providing practical and appropriate recommendation, resolution and remediation options to the businesses.
- Ability to multi-task and work independently with minimum supervision as well as part of an assessment team.
- Ability to leverage attention to detail and analytical skills
- Excellent written and verbal communication and interpersonal skills with good command on English
- Certified in CISSP, CCSP, CISA or CRISC would be preferred
- Knowledgeable in IT controls, application security and risk management methodology
- Knowledgeable with cryptographic algorithm/functions and key management.
- Knowledgeable in application penetration testing methodologies, such as OWASP will be an advantage.
- Familiarity in Digital Banking and FinTech solutions will be an advantage.
Primary Location: Singapore
Job: Security Operations
Organization: Group Operations & Technology Division
Schedule: Permanent
Job Posting: 05-Jul-2024, 4:53:31 A
Responsibilities:
Please refer the Job description for details
REQUIREMENT SUMMARY
Min:5.0Max:10.0 year(s)
Information Technology/IT
IT Software - Network Administration / Security
Information Technology
Graduate
Related experience (it security controls and risk management
Proficient
1
Singapore, Singapore