About UOB
United Overseas Bank Limited (UOB) is a leading bank in Asia with a global network of more than 500 branches and offices in 19 countries and territories in Asia Pacific, Europe and North America. In Asia, we operate through our head office in Singapore and banking subsidiaries in China, Indonesia, Malaysia and Thailand, as well as branches and offices. Our history spans more than 80 years. Over this time, we have been guided by our values – Honorable, Enterprising, United and Committed. This means we always strive to do what is right, build for the future, work as one team and pursue long-term success. It is how we work, consistently, be it towards the company, our colleagues or our customers.
Job Description
The
Group Infrastructure Patch Management Lead is the
single accountable owner for Infrastructure Patch Management.
The incumbent is responsible for end‑to‑end ownership of the Patch Deployment Process, ensuring that patching services are delivered consistently, effectively, and in alignment with the Bank's technology risk, regulatory, and resilience expectations.
Given patch management's direct linkage to
key operational risk indicators and regulatory outcomes, this role carries
enterprise‑level accountability for service delivery, vendor performance, process maturity, and risk transparency.
This Is a Strategic Leadership Role That Combines
- Contractual and operational ownership of outsourced patching services
- Group‑wide process ownership and standardisation for Infrastructure Patch Deployment
- Senior stakeholder engagement across GIPS, GIS, GBT, GMET, and GADT
Key Responsibilities
- Enterprise Patch Management Ownership
- Act as the end‑to‑end process owner for Infrastructure Patch Management across all in‑scope technologies.
- Define, maintain, and continuously improve common patch management process blueprints, controls, and governance standards across GIPS.
- Ensure consistent application of policies, timelines, controls, and reporting irrespective of delivery model (internal teams or vendors).
- Vendor & Contractual Accountability (HCL)
- Take full service ownership for patching services delivered by HCL across all infrastructure patching tracks.
- Drive expansion of active governance coverage from the current limited scope to full coverage across all patching tracks.
- Hold the vendor accountable for:
- Service quality and outcomes
- SLA delivery and remediation of breaches
- Continuous improvement, automation, and standardization
- Lead quarterly and ad‑hoc vendor performance reviews, escalation, and corrective action plans.
- Risk, Control & Regulatory Alignment
- Ensure patch management outcomes directly support the Bank's technology risk posture.
- Partner closely with Group Information Security (GIS) to align on CVE prioritisation, risk acceptance, and regulatory expectations.
- Ensure patch management controls, evidence, and reporting are inspection‑ready for internal audit and regulators.
- Provide clear senior‑management narratives on patch risk exposure, exceptions, and remediation progress.
- Cross‑Division Alignment & Stakeholder Management
- Act as the single coordination point across:
- GIPS infrastructure teams
- Multiple internal delivery teams
- External vendors
- Application Custodians within GBT, GMET, and GADT
- Drive alignment across teams that currently deliver patching under different operational models.
- Resolve cross‑boundary issues related to ownership, prioritization, sequencing, and risk acceptance.
- Governance, Metrics & Reporting
- Define and standardize KPIs, SLAs, and outcome‑based metrics for patch management services.
- Ensure consistent, accurate, and timely reporting of patch deployment outcomes across divisions.
- Provide senior‑management‑ready dashboards and insights highlighting:
- Coverage
- Timeliness
- Exceptions
- Risk exposure and trends
- Ensure reporting supports downstream risk, audit, and management forums.
- Process Maturity & Strategic Improvement
- Lead initiatives to uplift the maturity of the infrastructure patch management operating model, including:
- Service consolidation
- Reduction of fragmentation
- Improvement of automation and standardization
- Identify structural gaps and drive remediation through changes to processes, tooling, and accountability models.
- Set a clear target‑state operating model for Infrastructure Patch Management across the Group.
Requirements
Mandatory
- leadership experience in Infrastructure Operations, and/or Infrastructure Patch Management
- Strong experience managing large‑scale outsourced technology services
- Proven track record of process ownership across multiple teams and delivery models
- Deep understanding of technology risk, control frameworks, and regulatory expectations
Preferred
- Experience in financial services or a regulated banking environment
- Experience handling regulatory inspections related to infrastructure, security, or patch management
- Strong vendor governance and contract management background
Additional Requirements
Be a Part of the UOB Family
UOB is an equal opportunity employer. UOB does not discriminate on the basis of a candidate's age, race, gender, color, religion, sexual orientation, physical or mental disability, or other non-merit factors. All employment decisions at UOB are based on business needs, job requirements and qualifications. If you require any assistance or accommodations to be made for the recruitment process, please inform us when you submit your online application.
Apply now and make a Difference
