Unit Head, IS Gov & Risk Assessment

About UOB

United Overseas Bank Limited (UOB) is a leading bank in Asia with a global network of more than 500 branches and offices in 19 countries and territories in Asia Pacific, Europe and North America. In Asia, we operate through our head office in Singapore and banking subsidiaries in China, Indonesia, Malaysia and Thailand, as well as branches and offices. Our history spans more than 80 years. Over this time, we have been guided by our values – Honorable, Enterprising, United and Committed. This means we always strive to do what is right, build for the future, work as one team and pursue long-term success. It is how we work, consistently, be it towards the company, our colleagues or our customers.

Job Description

Job Overview

We are seeking an experienced and strategic Information Security Governance & Risk Manager to lead a team responsible for ensuring that IT systems and applications comply with organizational security policies, architectural standards, and regulatory requirements. The role focuses on information security governance, risk assessment, compliance, secure architecture design, and regulatory engagement across the enterprise.

Key Responsibilities

• Lead and manage a team to oversee information security governance and technical risk assessments.
• Develop, manage, and continuously enhance the organization's security governance framework, including policies, standards, procedures, and guidelines.
• Conduct comprehensive reviews of compliance, risk, and control frameworks in alignment with regulatory requirements (e.g., BNM RMiT, MAS TRM) and industry best practices.
• Design and implement organization-wide information security awareness and education programs; monitor effectiveness and conduct targeted follow-ups.
• Engage with regulatory bodies and internal governance lines (L1, L2, L3) on security queries, audits, and findings; ensure timely resolution and tracking of all issues.
• Oversee and assess security control deviations and policy exceptions for approval, ensuring appropriate risk treatment plans.
• Perform IT security risk assessments for new and existing applications, systems, and infrastructure; develop risk acceptance documents for committee review and approval.
• Provide security consultancy and perform security risk reviews on solution designs and new technology adoption.
• Guide and review secure architecture and design implementations to ensure they align with the organization's risk appetite.
• Ensure appropriate security control measures are embedded in systems to address identified risks.
• Lead ad-hoc and annual information security due diligence assessments on key outsourced service providers.
• Support the Head of Information Security on strategic and tactical initiatives and planning.
  
  

Requirements

• Bachelor’s Degree in Computer Science, Information Systems, Engineering, or a related field.
• 10–15 years of relevant work experience, with at least 5 years in security governance, technical risk assessment, and IS due diligence within the financial services industry.
• Proven experience managing teams and delivering results across complex environments.
• Strong knowledge of IT domains including IT strategy, security controls, IT infrastructure, applications, vendor management, cyber security, IT governance, audit, risk, and business continuity.
• Familiarity with security frameworks and standards such as BNM RMiT, MAS TRM, PCI-DSS, PayNet requirements, and international best practices.
• Professional certifications such as CISSP, CISM, CRISC, CISA, PMP, ITIL, or CEH are highly desirable.
• Excellent analytical, critical thinking, and problem-solving skills.
• Strong communication, writing, and presentation capabilities.
• High level of integrity, discretion, and sound independent judgment.
• Demonstrated ability to manage change, handle multiple priorities, and work both independently and collaboratively.
• Proven ability to engage and build relationships with both technical and business stakeholders.
  
  

Additional Requirements

Be a Part of the UOB Family

UOB is an equal opportunity employer. UOB does not discriminate on the basis of a candidate's age, race, gender, color, religion, sexual orientation, physical or mental disability, or other non-merit factors. All employment decisions at UOB are based on business needs, job requirements and qualifications. If you require any assistance or accommodations to be made for the recruitment process, please inform us when you submit your online application.

Apply now and make a Difference