As Singapore’s longest established bank, we have been dedicated to enabling individuals and businesses to achieve their aspirations since 1932. How? By taking the time to truly understand people. From there, we provide support, services, solutions, and career paths that meet their individual needs and desires.
Today, we’re on a journey of transformation. Leveraging technology and creativity to become a future-ready learning organisation. But for all that change, our strategic ambition is consistently clear and bold, which is to be Asia’s leading financial services partner for a sustainable future.
We invite you to build the bank of the future. Innovate the way we deliver financial services. Work in friendly, supportive teams. Build lasting value in your community. Help people grow their assets, business, and investments. Take your learning as far as you can. Or simply enjoy a vibrant, future-ready career.
Your Opportunity Starts Here.
Job Title: Incident, Threat & Vulnerability Management
Role Purpose
The role leads the Incident, Threat & Vulnerability Management pillar for Technology Information Security Office (TISO) Malaysia, with end‑to‑end accountability for cyber incident readiness and response governance, threat intelligence oversight, vulnerability management effectiveness, and regulatory incident obligations.
This position serves as the country authority and coordinator for cyber incidents, threats, and vulnerabilities, ensuring strong alignment with Group TISO, regulators (BNM, PayNet, SC), and local stakeholders. The role is responsible for strategy, governance, service oversight, crisis coordination, and executive reporting, rather than day‑to‑day technical execution.
Key Responsibilities:
Own and maintain Malaysia CSIRT procedures, playbooks, escalation models, and crisis communication frameworks.
Coordinate cyber incident response activities with Group DFIR, Group CSOC, and external DFIR retainers.
Oversee forensic investigations, impact assessments, and root‑cause analysis performed by Group teams or external providers.
Ensure timely, accurate, and regulatory‑compliant incident reporting to BNM and relevant authorities.
Represent TISO MY in major cyber incidents, war rooms, executive briefings, and regulatory engagements.
Provide country governance over Cyber Threat Intelligence (CTI) applicable to Malaysia.
Assess emerging threats, adversary campaigns, and geopolitical risks impacting OCBC MY.
Ensure timely dissemination of actionable threat advisories and threat‑led risk assessments.
Partner with Group CTI to translate global intelligence into local risk context and preparedness actions.
Support realistic threat‑based scenarios for cyber drills and simulations.
Provide end‑to‑end governance over vulnerability management effectiveness, including risk‑based prioritisation and remediation tracking.
Review and challenge remediation SLAs, risk acceptances, and prolonged exposures.
Oversee vulnerabilities across on‑prem, cloud, internet‑facing, and third‑party environments.
Escalate systemic or unmanaged vulnerability risks to senior management and risk committees.
Oversee external attack surface monitoring, cyber exposure trends, and posture indicators.
Monitor Malaysia’s cyber posture on BNM FinTIP and relevant external platforms.
Provide consolidated risk views on incidents, threats, and vulnerabilities for management and Board visibility.
Contribute to Cyber Defense Roadmap and remediation prioritisation discussions.
Own the Malaysia cyber incident readiness programme, including:
Annual cyber drills and crisis simulations
Tabletop exercises for senior management
Industry and regulator‑driven exercises (e.g. RE4CT)
Ensure outcomes are embedded into process improvements, controls uplift, and capability development.
Act as a key interface between MY TISO and Group TISO for:
Incident response alignment
Threat intelligence and vulnerability management matters
DFIR coordination and assurance activities
Interface with Group Operations & Technology on:
Cyber incidents impacting MY assets
Operational risk, resilience, and remediation matters
Cross‑border technology and security dependencies
Ensure MY‑specific concerns, risks, and regulatory obligations are clearly represented and escalated at Group forums.
Provide governance over outsourced cyber services (CSOC, CTI, Vulnerability Management, DFIR retainers, SMU).
Review service performance, KPIs, alerts quality, and improvement plans.
Chair or participate in Service Review meetings and assurance discussions.
Support internal audits, external audits, and regulatory examinations related to incident, threat, and vulnerability domains.
Key Qualifications & Experience:
Experience
10–15+ years in cybersecurity, including senior leadership roles. in cybersecurity, including senior leadership roles.
Proven experience at VP / ED level within a regulated financial institution.
Direct exposure to major cyber incidents, regulatory escalations, and executive communications.
Strong understanding of BNM RMiT, PayNet, and Malaysian regulatory expectations.
Experience working with regional or global Group security functions.
Technical & Leadership Competencies
Strong understanding of:
Incident response lifecycle and crisis management
Threat actor TTPs and intelligence‑led defense
Vulnerability risk management and remediation governance
Ability to challenge technical outcomes and risk decisions without being hands‑on.
Strong executive presence, calm under pressure, and capable of Board‑level engagement.
Certifications (Preferred)
CISSP, CISM, GIAC (GCIH, GCFA, GREM) or equivalent senior‑level certifications.
Competitive base salary. A suite of holistic, flexible benefits to suit every lifestyle. Community initiatives. Industry-leading learning and professional development opportunities. Your wellbeing, growth and aspirations are every bit as cared for as the needs of our customers.