Job Description
Align Solution Design with Enterprise Strategy
Ensure security architecture aligns with enterprise risk appetite, regulatory obligations, and zero-trust strategy across infrastructure and cloud.
Deliver Comprehensive Solutions Design Artefacts
Deliver HLD/MLD, deployment architectures, and executable blueprints for network security, endpoint/EDR, SIEM/SOAR, data protection/DLP, key management/HSM, and PAM/IGA.
Define and Evolve Architecture Design Patterns
Define security reference architectures and control standards mapped to frameworks (e.g., NIST, ISO 27001); codify guardrails, detection-as-code, and hardening baselines.
Deep Domain Expertise with Agility
Deep expertise in identity-centric security, zero trust, micro-segmentation, encryption, secrets management, vulnerability/threat management, and application of DevSecOps.
Collaborate and Govern Effectively
Lead architecture risk assessments and threat modeling; govern exceptions and technical debt remediation with clear risk narratives.
Hands-On Engagement with Delivery Teams
Embed with delivery and operations to ensure secure-by-default implementations, blue/green controls, and effective runbooks/IR playbooks.
Provide Expert Guidance and Support
Advise on compliance (e.g., MAS TRM/PCI-DSS/PDPA/GDPR), pen-test remediation, and security posture management; mentor teams on secure design.
Qualifications
10+ years in security architecture or engineering covering on-prem and cloud.
Practical experience with SIEM/SOAR, EDR/NDR, WAF, DDoS protection, data security (DLP, tokenization), KMS/HSM, and certificate/PKI.
Identity and access controls across workforce and workload identities; zero-trust patterns, micro-segmentation, and ZTNA.
DevSecOps, threat modeling, and security testing integration into CI/CD.
Familiarity with risk and control frameworks (NIST CSF, ISO 27001) and regional regulations (e.g., MAS TRM) as applicable.
Ability to produce reference architectures, standards, and executable guardrails/policies-as-code.
Certifications such as CISSP, CCSP, SABSA, or CISM are advantageous.
OVERSEA-CHINESE BANKING CORPORATION LIMITED
The OCBC Bank group of businesses comprises a family of companies owned by Singapore’s longest-established local bank. OCBC Bank is the longest established Singapore bank, formed in 1932 from the merger of three local banks, the oldest of which was founded in 1912. Since the time of our fou...
Read more about the companyCopyright © 2026 Grabjobs Pte.Ltd. All Rights Reserved.