Job Description

WHO WE ARE:

As Singapore’s longest established bank, we have been dedicated to enabling individuals and businesses to achieve their aspirations since 1932. How? By taking the time to truly understand people. From there, we provide support, services, solutions, and career paths that meet their individual needs and desires.

Today, we’re on a journey of transformation. Leveraging technology and creativity to become a future-ready learning organisation. But for all that change, our strategic ambition is consistently clear and bold, which is to be Asia’s leading financial services partner for a sustainable future.

We invite you to build the bank of the future. Innovate the way we deliver financial services. Work in friendly, supportive teams. Build lasting value in your community. Help people grow their assets, business, and investments. Take your learning as far as you can. Or simply enjoy a vibrant, future-ready career.

Your Opportunity Starts Here.

Why Join
Protecting our customers' assets and data is at the heart of everything we do at OCBC. As part of our Cybersecurity team, you'll play a critical role in safeguarding our systems and networks from cyber threats. You'll be part of a team that's shaping the future of cybersecurity in the financial industry.

How you succeed
We are looking for an experienced Red Team Analyst to join our Cyber Security function. You will plan and execute adversary simulation exercises and purple team engagements across our banking infrastructure, working closely with Threat Intelligence, Threat Hunting and SOC to deliver intelligence-led offensive security assessments aligned to regulatory expectations.

What you do

• Plan and execute red team engagements, adversary emulation exercises against enterprise and banking-critical systems

• Develop attack scenarios and TTP chains mapped to MITRE ATT&CK, informed by current threat intelligence on actors relevant to financial services

• Draft and maintain Rules of Engagement (RoE), scoping documents, and exercise plans, ensuring proper White Team controls and data handling procedures

• Conduct reconnaissance, initial access, lateral movement, and post-exploitation activities in controlled engagements, documenting techniques and findings

• Collaborate with Threat Hunting and Detection Engineering teams to validate detection coverage and support purple team exercises

• Produce clear, actionable reporting for technical and management audiences, including risk ratings, root cause analysis, and remediation guidance

• Support regional engagements across multiple jurisdictions, coordinating with local stakeholders and managing engagement logistics

• Contribute to continuous improvement of red team methodology, tooling, and playbooks

• Stay current on emerging TTPs, tooling, and threat actor behavior relevant to the banking and financial services sector

Who you are

• Bachelor’s degree in Cybersecurity, Information Security, Computer Science, or related field

• Minimum of 5 years of hands-on experience in red teaming, penetration testing, or offensive security, ideally within financial services or another regulated industry

• Strong understanding of MITRE ATT&CK and adversary emulation methodologies

• Practical experience with common red team tooling (e.g., C2 frameworks, exploitation frameworks, OSINT tooling) and scripting/automation (Python, PowerShell, or similar)

• Solid grasp of enterprise architecture, Active Directory, cloud environments (AWS/Azure/GCP), and network security concepts

• Experience designing or executing engagements with formal Rules of Engagement and stakeholder management

• Strong written and verbal communication skills, with the ability to translate technical findings for non-technical stakeholders

• Familiarity with relevant regulatory and compliance frameworks (MAS TRM, BNM RMiT, HKMA, CSA CCoP) is a strong plus

• Relevant certifications preferred: OSCP, OSCE, CRTP, CRTE, CRTO, GXPN, or equivalent

• Prior experience in banking, payments, or other critical financial infrastructure

• Exposure to purple team exercises and detection engineering collaboration

Who we are
As Singapore's longest established bank, we have been dedicated to enabling individuals and businesses to achieve their aspirations since 1932. How? By taking the time to truly understand people. From there, we provide support, services, solutions, and career paths that meet their individual needs and desires.

Today, we're on a journey of transformation. Leveraging technology and creativity to become a future-ready learning organisation.
But for all that change, our strategic ambition is consistently clear and bold, which is to be Asia's leading financial services partner for a sustainable future.

We invite you to build the bank of the future. Innovate the way we deliver financial services. Work in friendly, supportive teams. Build lasting value in your community. Help people grow their assets, business, and investments. Take your learning as far as you can. Or simply enjoy a vibrant, future-ready career. Your Opportunity Starts Here.

What we offer:

Competitive base salary. A suite of holistic, flexible benefits to suit every lifestyle. Community initiatives. Industry-leading learning and professional development opportunities. Your wellbeing, growth and aspirations are every bit as cared for as the needs of our customers.