• Opportunity to work in a Renowned Financial Institution
• Bring business impact via enterprise-scale cloud and cybersecurity initiatives
About Our Client
Our client is a leading financial institution offering a full suite of banking, investment, and wealth management services. Renowned for its strong regional presence and commitment to innovation, the organisation drives digital transformation to deliver secure, efficient, and customer-centric financial solutions. With a focus on sustainability and technology, it continues to empower individuals, businesses, and institutions across Asia to achieve long-term growth.
Job Description
Key Responsibilities:
• Lead end-to-end IT security risk assessments across on-premise and cloud environments (including GCP), evaluating controls and residual risks.
• Manage third-party information security due diligence, including on-site supplier assessments.
• Identify and mitigate security risks arising from technology obsolescence initiatives.
• Partner with technology and business stakeholders to communicate risks and support informed decision-making.
• Act as a trusted security SME, providing advisory support and guiding subsidiary IS teams for consistent risk management.
• Support security governance through risk committees, policies, checklists, and guidelines.
• Drive continuous improvement via automation, reporting, and staying ahead of emerging security threats and trends.
The Successful Applicant
A successful candidate should have:
• Bachelor's degree in Computer Science, Information Technology, or a related discipline.
• At least 7 years' experience in information security and risk management, ideally within large or banking environments.
• Strong expertise in threat modeling and risk management, with the ability to explain concepts clearly and practically.
• Solid understanding of banking security policies, regulations, and industry best practices, with a focus on actionable remediation.
• Proven stakeholder management, communication, and influencing skills across technical and non-technical audiences, including senior leaders.
• Proactive self-starter with strong leadership, change-driving capability, and ability to work independently or as part of a team.
• Excellent analytical and problem-solving skills, with experience in security standards (e.g. ISO 27001, MAS TRM, NIST, CCM) and relevant industry certifications.
What's on Offer
Why this role?
• Opportunity to work closely with senior business and technology stakeholders as a trusted security advisor
• Strong focus on governance, regulatory alignment, and industry best practices
• Supportive and collaborative culture with opportunities for professional growth and certifications
• Competitive remuneration and benefits aligned with market standards
• Chance to build regional or global exposure through oversight and collaboration across subsidiaries
