Incident, Threat & Vulnerability Management (Mid Senior | 10-15 Years of Exp)

As Singapore’s longest established bank, we have been dedicated to enabling individuals and businesses to achieve their aspirations since 1932. How? By taking the time to truly understand people. From there, we provide support, services, solutions, and career paths that meet their individual needs and desires.

 Today, we’re on a journey of transformation. Leveraging technology and creativity to become a future-ready learning organisation. But for all that change, our strategic ambition is consistently clear and bold, which is to be Asia’s leading financial services partner for a sustainable future.

 We invite you to build the bank of the future. Innovate the way we deliver financial services. Work in friendly, supportive teams. Build lasting value in your community. Help people grow their assets, business, and investments. Take your learning as far as you can. Or simply enjoy a vibrant, future-ready career.

Your Opportunity Starts Here.

Job Title: Incident, Threat & Vulnerability Management
 

Role Purpose

The role leads the Incident, Threat & Vulnerability Management pillar for Technology Information Security Office (TISO) Malaysia, with end‑to‑end accountability for cyber incident readiness and response governance, threat intelligence oversight, vulnerability management effectiveness, and regulatory incident obligations.

This position serves as the country authority and coordinator for cyber incidents, threats, and vulnerabilities, ensuring strong alignment with Group TISO, regulators (BNM, PayNet, SC), and local stakeholders. The role is responsible for strategy, governance, service oversight, crisis coordination, and executive reporting, rather than day‑to‑day technical execution.

Key Responsibilities:

1) Incident Response & DFIR Governance (Country Lead)

• Act as TISO Malaysia’s Incident Response Lead, accountable for readiness, escalation, coordination, and post‑incident assurance.

• Own and maintain Malaysia CSIRT procedures, playbooks, escalation models, and crisis communication frameworks.

• Coordinate cyber incident response activities with Group DFIR, Group CSOC, and external DFIR retainers.

• Oversee forensic investigations, impact assessments, and root‑cause analysis performed by Group teams or external providers.

• Ensure timely, accurate, and regulatory‑compliant incident reporting to BNM and relevant authorities.

• Represent TISO MY in major cyber incidents, war rooms, executive briefings, and regulatory engagements.

2) Threat Intelligence & Monitoring Oversight

• Provide country governance over Cyber Threat Intelligence (CTI) applicable to Malaysia.

• Assess emerging threats, adversary campaigns, and geopolitical risks impacting OCBC MY.

• Ensure timely dissemination of actionable threat advisories and threat‑led risk assessments.

• Partner with Group CTI to translate global intelligence into local risk context and preparedness actions.

• Support realistic threat‑based scenarios for cyber drills and simulations.

3) Vulnerability Management Governance

• Provide end‑to‑end governance over vulnerability management effectiveness, including risk‑based prioritisation and remediation tracking.

• Review and challenge remediation SLAs, risk acceptances, and prolonged exposures.

• Oversee vulnerabilities across on‑prem, cloud, internet‑facing, and third‑party environments.

• Escalate systemic or unmanaged vulnerability risks to senior management and risk committees.

4) Cyber Posture Monitoring & External Exposure

• Oversee external attack surface monitoring, cyber exposure trends, and posture indicators.

• Monitor Malaysia’s cyber posture on BNM FinTIP and relevant external platforms.

• Provide consolidated risk views on incidents, threats, and vulnerabilities for management and Board visibility.

• Contribute to Cyber Defense Roadmap and remediation prioritisation discussions.

5) Cyber Drills, Exercise & Readiness

• Own the Malaysia cyber incident readiness programme, including:

  • Annual cyber drills and crisis simulations

  • Tabletop exercises for senior management

  • Industry and regulator‑driven exercises (e.g. RE4CT)

• Ensure outcomes are embedded into process improvements, controls uplift, and capability development.

6) Group Interface & Cross-Functional Representation

• Act as a key interface between MY TISO and Group TISO for:

  • Incident response alignment

  • Threat intelligence and vulnerability management matters

  • DFIR coordination and assurance activities

• Interface with Group Operations & Technology on:

  • Cyber incidents impacting MY assets

  • Operational risk, resilience, and remediation matters

  • Cross‑border technology and security dependencies

• Ensure MY‑specific concerns, risks, and regulatory obligations are clearly represented and escalated at Group forums.

7) Governance, Service Oversight & Assurance

• Provide governance over outsourced cyber services (CSOC, CTI, Vulnerability Management, DFIR retainers, SMU).

• Review service performance, KPIs, alerts quality, and improvement plans.

• Chair or participate in Service Review meetings and assurance discussions.

• Support internal audits, external audits, and regulatory examinations related to incident, threat, and vulnerability domains.

Key Qualifications & Experience:

Experience

• 10–15+ years in cybersecurity, including senior leadership roles. in cybersecurity, including senior leadership roles.

• Proven experience at VP / ED level within a regulated financial institution.

• Direct exposure to major cyber incidents, regulatory escalations, and executive communications.

• Strong understanding of BNM RMiT, PayNet, and Malaysian regulatory expectations.

• Experience working with regional or global Group security functions.

Technical & Leadership Competencies

• Strong understanding of:

  • Incident response lifecycle and crisis management

  • Threat actor TTPs and intelligence‑led defense

  • Vulnerability risk management and remediation governance

• Ability to challenge technical outcomes and risk decisions without being hands‑on.

• Strong executive presence, calm under pressure, and capable of Board‑level engagement.

Certifications (Preferred)

• CISSP, CISM, GIAC (GCIH, GCFA, GREM) or equivalent senior‑level certifications.

Competitive base salary. A suite of holistic, flexible benefits to suit every lifestyle. Community initiatives. Industry-leading learning and professional development opportunities. Your wellbeing, growth and aspirations are every bit as cared for as the needs of our customers.