WHO WE ARE:
As Singapore's longest established bank, we have been dedicated to enabling individuals and businesses to achieve their aspirations since 1932. How By taking the time to truly understand people. From there, we provide support, services, solutions, and career paths that meet their individual needs and desires.
Today, we're on a journey of transformation. Leveraging technology and creativity to become a future-ready learning organisation. But for all that change, our strategic ambition is consistently clear and bold, which is to be Asia's leading financial services partner for a sustainable future.
We invite you to build the bank of the future. Innovate the way we deliver financial services. Work in friendly, supportive teams. Build lasting value in your community. Help people grow their assets, business, and investments. Take your learning as far as you can. Or simply enjoy a vibrant, future-ready career.
Your Opportunity Starts Here.
Why Join
Cybersecurity is core to OCBC's mission, and strong governance is the backbone of our defence. As a PAM Governance Analyst, you will help protect our systems and data by ensuring privileged access is properly governed, monitored, and compliant with regulatory expectations. You'll join a highperforming team driving the bank's PAM transformationusing analytics, automation, and modern cybersecurity tools to uplift control effectiveness and reduce risk across critical technology platforms. This is your opportunity to shape the future of privileged access governance while growing in a fastevolving cybersecurity landscape.
If you're passionate about access security, automation, enterprise technology, or building a strong foundation in cybersecurity, this is the place to grow
How you succeed.
We are looking for several skilled PAM Governance Analysts to strengthen the governance and compliance framework for privileged access across OCBC Group. You will ensure privileged access is governed consistently, securely, and in alignment with regulatory requirements, the Group policies and processes.
Your responsibilities will span policy governance, analyticsbased reporting, risk management, control assurance, and enforcement of PAM standards. You will work closely with various stakeholders to ensure strong oversight and endtoend compliance.
What You Do
- Policy, Standards & Enforcement
- Develop, maintain, and enforce PAM policies, standards, and procedures.
- Run exception management (risk acceptance/dispensation), track expiry, and drive timely closure.
- Escalate persistent noncompliance and significant control breaches to the appropriate governance forums.
- Reporting & Analytics (DataDriven Compliance)
- Build and maintain compliance dashboards and KPI/KRI metrics for privilege accounts hygiene, excessive/unauthorised access, onboarding/offboarding timeliness, and review completion.
- Use data analytics to identify outliers, trends, and control breakdowns, drive remediation with accountable owners.
- Publish periodic management reports (e.g., monthly/quarterly) and present insights to stakeholders.
- Risk Management (RA/RCSA)
- Lead Risk Assessments (RA) and Risk & Control SelfAssessments (RCSA) for privileged access across domains and environments.
- Define risk treatment actions, track residual risk, and verify control effectiveness postremediation.
- Continuous Control Assurance (CCA & CSA)
- Plan and execute Continuous Control Audits (CCA) and Control SelfAssessments (CSA) against PAM controls.
- Validate endtoend lifecycle controls: creation, vaulting/onboarding, usage monitoring, periodic review, revocation/deregistration.
- Coordinate audit evidence, findings, remediation owners, due dates, and verify closure.
- Privileged Access Reviews
- Run periodic privileged access recertifications and entitlement cleanups.
- Conduct PAM tools user access reviews to ensure users are properly designated, trained, and that attestations are complete, accurate, and timely.
- Compliance Monitoring & NonCompliance Reduction
- Continuously monitor policy deviations, stale/unused privilege accounts, excessive entitlements, dualcontrol exceptions, and onboarding gaps.
- Work with privilege accounts owners to reduce noncompliance through targeted remediation and sustainable fixes; verify effectiveness via metrics.
- Regulatory & Framework Alignment
- Align PAM governance with regulatory and internal policies and requirements.
- Map controls to frameworks (e.g., ISO 27001, NIST, COBIT) and keep control documentation current.
- Continuous Improvement
- Recommend process, control, and automation enhancements based on analytics, audit learnings, and incidents.
- Champion standardisation across regions/entities; promote measurable control maturity uplift.
Who You Are
- Bachelor's degree in IT, Cyber security, Computer Science, or related field
Experience
- 35 years in cybersecurity governance, IT audit, IAM/PAM, or risk/compliance roles within regulated environments.
Technical & Governance Skills
- Experience with privilege access management in governance or policy contexts.
- Strong understanding of privileged access governance, risk frameworks, and IT control models (e.g., ISO 27001, NIST, COBIT).
- Familiarity with regulatory standards such as MAS TRM, BNM RMiT.
Analytical Skills
- Ability to analyse logs, risk indicators, and compliance metrics to derive actionable insights.
Soft Skills
- Clear communication with both technical and nontechnical stakeholders.
- Strong ownership mindset with focus on reducing noncompliance and improving control maturity.
- Ability to work independently in a fastpaced, highrisk, regulated environment.
Certifications (Preferred)
- CyberArk Defender.
- CISSP, CISA, CISM, CRISC, or equivalent.
Who We Are
As Singapore's longest established bank, we have been dedicated to enabling individuals and businesses to achieve their aspirations since 1932. How By taking the time to truly understand people. From there, we provide support, services, solutions, and career paths that meet their individual needs and desires.
Today, we're on a journey of transformation. Leveraging technology and creativity to become a future-ready learning organisation.
But for all that change, our strategic ambition is consistently clear and bold, which is to be Asia's leading financial services partner for a sustainable future.
We invite you to build the bank of the future. Innovate the way we deliver financial services. Work in friendly, supportive teams. Build lasting value in your community. Help people grow their assets, business, and investments. Take your learning as far as you can. Or simply enjoy a vibrant, future-ready career. Your Opportunity Starts Here.
What We Offer
Competitive base salary. A suite of holistic, flexible benefits to suit every lifestyle. Community initiatives. Industry-leading learning and professional development opportunities. Equal opportunity. Fair employment. Selection based on ability and fit with our culture and values. Your wellbeing, growth and aspirations are every bit as cared for as the needs of our customers.
What We Offer:
Competitive base salary. A suite of holistic, flexible benefits to suit every lifestyle. Community initiatives. Industry-leading learning and professional development opportunities. Your wellbeing, growth and aspirations are every bit as cared for as the needs of our customers.
