Skip to main content
Back to jobs

Red Team Analyst (AVP)

External
ocbc logoOcbc · Ocbc, Singapore
Full-timeOn-siteToday
AWSAzureComplianceGCPInformation SecurityNetwork Security
Cover LetterConnect

Prepare for this interview

Elite

AI-generated questions, company research, and talking points tailored to this role

About the role

As Singapore's longest established bank, we have been dedicated to enabling individuals and businesses to achieve their aspirations since 1932. How? By taking the time to truly understand people. From there, we provide support, services, solutions, and career paths that meet their individual needs and desires. Today, we're on a journey of transformation. Leveraging technology and creativity to become a future-ready learning organisation. But for all that change, our strategic ambition is consistently clear and bold, which is to be Asia's leading financial services partner for a sustainable future. We invite you to build the bank of the future. Innovate the way we deliver financial services. Work in friendly, supportive teams. Build lasting value in your community. Help people grow their assets, business, and investments. Take your learning as far as you can. Or simply enjoy a vibrant, future-ready career. Your Opportunity Starts Here. As Singapore's longest established bank, we have been dedicated to enabling individuals and businesses to achieve their aspirations since 1932. How? By taking the time to truly understand people. From there, we provide support, services, solutions, and career paths that meet their individual needs and desires. Today, we're on a journey of transformation. Leveraging technology and creativity to become a future-ready learning organisation. But for all that change, our strategic ambition is consistently clear and bold, which is to be Asia's leading financial services partner for a sustainable future. We invite you to build the bank of the future. Innovate the way we deliver financial services. Work in friendly, supportive teams. Build lasting value in your community. Help people grow their assets, business, and investments. Take your learning as far as you can. Or simply

Requirements

  • Bachelor's degree in Cybersecurity, Information Security, Computer Science, or related field
  • Minimum of 5 years of hands-on experience in red teaming, penetration testing, or offensive security, ideally within financial services or another regulated industry
  • Strong understanding of MITRE ATT&CK and adversary emulation methodologies
  • Practical experience with common red team tooling (e.g., C2 frameworks, exploitation frameworks, OSINT tooling) and scripting/automation (Python, PowerShell, or similar)
  • Solid grasp of enterprise architecture, Active Directory, cloud environments (AWS/Azure/GCP), and network security concepts
  • Experience designing or executing engagements with formal Rules of Engagement and stakeholder management
  • Strong written and verbal communication skills, with the ability to translate technical findings for non-technical stakeholders
  • Familiarity with relevant regulatory and compliance frameworks (MAS TRM, BNM RMiT, HKMA, CSA CCoP) is a strong plus
  • Relevant certifications preferred: OSCP, OSCE, CRTP, CRTE, CRTO, GXPN, or equivalent
  • Prior experience in banking, payments, or other critical financial infrastructure
  • Exposure to purple team exercises and detection engineering collaboration

Benefits

How you succeedWhat you doPlan and execute red team engagements, adversary emulation exercises against enterprise and banking-critical systemsDevelop attack scenarios and TTP chains mapped to MITRE ATT&CK, informed by current threat intelligence on actors relevant to financial servicesDraft and maintain Rules of Engagement (RoE), scoping documents, and exercise plans, ensuring proper White Team controls and data handling proceduresConduct reconnaissance, initial access, lateral movement, and post-exploitation activities in controlled engagements, documenting techniques and findingsCollaborate with Threat Hunting and Detection Engineering teams to validate detection coverage and support purple team exercisesProduce clear, actionable reporting for technical and management audiences, including risk ratings, root cause analysis, and remediation guidanceSupport regional engagements across multiple jurisdictions, coordinating with local stakeholders and managing engagement logisticsContribute to continuous improvement of red team methodology, tooling, and playbooksStay current on emerging TTPs, tooling, and threat actor behavior relevant to the banking and financial services sector

Your Match

How well this role fits your profile.

Company Intel

What employees say

Worked at ocbc? Share your experience

Interested in this role?

Apply on the company's website.

Cover LetterConnect