VP/AVP, Cybersecurity Governance & Compliance Lead, Group Technology at DBS Bank
Singapore, Singapore, Singapore -
Full Time


Start Date

Immediate

Expiry Date

11 Oct, 26

Salary

0.0

Posted On

13 Jul, 26

Experience

5 year(s) or above

Remote Job

Yes

Telecommute

Yes

Sponsor Visa

No

Skills

Cybersecurity Governance, Compliance Management, Risk Assessment, ISO27000, Regulatory Reporting, Security Metrics, Vulnerability Management, Penetration Testing, IDS/IPS, Log Analysis, VPN, Forensics, Policy Development, Audit Coordination, Information Security Frameworks, Risk Remediation

Industry

Banking

Description
Business Function Group Technology enables and empowers the bank with an efficient, nimble and resilient infrastructure through a strategic focus on productivity, quality & control, technology, people capability and innovation. In Group Technology, we manage the majority of the Bank's operational processes and inspire to delight our business partners through our multiple banking delivery channels. About the role The candidate will be responsible for supporting the delivery and implementation of the Bank’s cybersecurity risk management and compliance programmes, helping to ensure that the Bank’s technology and information assets comply with relevant cybersecurity regulations. The candidate will work with key stakeholders to monitor and implement practices aligned with the Bank’s cybersecurity risk management policies and standards, and to ensure that identified cybersecurity risks are evaluated, addressed and remediated appropriately. The candidate will also assist in the updating and reporting of metrics on the Bank’s cybersecurity compliance posture to the Management. This includes: Working with key stakeholders and counterparts within the Bank to ensure compliance against key cyber and information security legislations and regulations Identifying, analyzing, evaluating and treating cybersecurity risks posed to the Bank’s technology and information assets to an acceptable level Responsibilities Legislation, regulations and policies Assist in the Bank’s cybersecurity program, including cybersecuity policies, regulatory audits, compliance management, metrics, risk and performance indicators, and reporting to senior management; Track and monitor new security regulatory guidelines, and assess the compliance of and impact to the Bank’s security policy architecture Work with regional information security services teams in the core markets to monitor new cybersecurity legislation and/ or regulation and assess the impact against the Bank’s security policy architecture Develop, review and update information security policies and standards to comply against regulatory requirements Cybersecurity risk and compliance Conduct cybersecurity risk assessments by identifying, analyzing, evaluating and treating cybersecurity risks to an acceptable level within the Bank Timely coordination and completion of the Bank’s Risk and Compliance program in the identification and assessment of risk Monitor cybersecurity risks, map risk profiles and manage the risk register, as well as enhance Key Risk Indicators for reporting to second line of defense and risk management committees Continuously evaluate cybersecurity controls to ensure their effectiveness, compliance and adherence to policies and standards, while driving remediation efforts Engage Line of Business Technology units to conduct annual cybersecurity risk assessment for key bank systems against regulatory requirements Ensure timely implementation of corporate operational risk policies and standards within the Unit and assist operations teams to identify, report and address any gaps Assess the security deviations and risk acceptances raised by Business Units / Support Units Engage and liaise with auditors and the information security services teams for cybersecurity related audits. Requirements Information security professional with five (5) or more years of experience, with a background in a financial or technology environment would be preferred. Experience in collation, management and reporting of security metrics such as open security vulnerabilities, penetration testing findings, security alerts and incidents, etc. Experience in information security framework such as ISO27000 framework. Experience and knowledge in regulations such as Cybersecurity Act, Cybersecurity Code of Practice, Technology Risk Management Guidelines and Personal Data Protection Act. Experience in the management of Critical Information Infrastructure systems for compliance against the Cybersecurity Act will be beneficial. Good working knowledge of enterprise security risk management methods and techniques to successfully deliver the security risk management and assessment outcome. Strong background on security technology solutions including IDS, IPS, anti-virus, content filtering, secure email solutions, network sniffing, log analysis, forensics, and VPN. Good verbal and written communication for the generation of security awareness content. Proactive, analytical, performance-oriented, and independent worker with strong organization skills, and effectiveness to track and follow up on the assigned projects. Location: DBS Asia Hub Job: Technology Schedule: Regular Employee Status: Full time DBS is more than a bank — we're shaping the future of finance and communities. With innovation at our core and impact in our DNA, we go beyond banking to build careers, relationships, and a better world. DBS is a leading financial services group in Asia with a presence in 19 markets. Headquartered and listed in Singapore, DBS is in the three key Asian axes of growth: Greater China, Southeast Asia and South Asia. Recognised for its global leadership, DBS has been named “World’s Best Bank” by Global Finance, “World’s Best Bank” by Euromoney and “Global Bank of the Year” by The Banker. The bank is at the forefront of leveraging digital technology to shape the future of banking, having been named “World’s Best Digital Bank” by Euromoney and the world’s “Most Innovative in Digital Banking” by The Banker. In addition, DBS has been accorded the “Safest Bank in Asia” award by Global Finance for 15 consecutive years from 2009 to 2023. DBS provides a full range of services in consumer, SME and corporate banking. As a bank born and bred in Asia, DBS understands the intricacies of doing business in the region’s most dynamic markets and is committed to building lasting relationships with customers. With its extensive network of operations in Asia and emphasis on engaging and empowering its staff, DBS presents exciting career opportunities.
Responsibilities
Lead the delivery and implementation of cybersecurity risk management and compliance programs to ensure technology assets meet regulatory standards. Monitor cybersecurity risks, manage the risk register, and coordinate with stakeholders to remediate identified gaps.
Loading...