Singapore banks face a new and worsening talent crunch
Demand for cyber security professionals in Singapore is set to get a new boost from a law under consideration that would make financial institutions liable for additional fines if they get hacked too easily. But the law is also likely to make current skill shortages even worse.
The final form of the bill is not yet known, yet financial companies that suffer a security breach owing to oversight could be slapped with fines of up to SG$1m, not to mention the brand damage that comes with a loss of trust.
Hiring for cyber security professionals turned sharply higher six months ago, suggesting there are few easy ways that banks can hire skilled workers that will be needed when the bill becomes law, recruitment experts say. “Banks are the first movers in terms of hiring, but as of now we don’t see much talk about it [the new law] until there is a timeline given by the government,” says Gavin Teo, associate director, Michael Page Singapore.
The proposed Financial Services and Markets Bill, aside from setting the guidance on security controls and other standards, will allow the government to increase financial penalties, should a security incident point to lack of oversight in risk management. Teo says cyber security talent along with data science analysts are highly sought after in the current environment, especially as fund managers and crypto firms flock to Singapore.
Attacks on financial services companies ignited the recruitment drive for security experts among financial institutions, triggering an “overspill” of demand for the same skilled workers among cryptocurrency, online shopping and even fast-moving consumer goods that need to beef up their online platform, says Teo. “Demand is outstripping the supply,” he adds.
Among banks seeking to beef up their cyber defenses, Deutsche Bank, OCBC, and BNY Mellon, among others, all had active position postings for senior specialists in the cybersecurity field.
In order to meet their recruitment goals, some companies are relying upon a hybrid approach where they seek to recruit workers with typically three to five years of work experience, while also sending their existing IT staff for additional training and certification, according to Will Tan, managing director Principle Partners in Singapore.
“There’s not enough talent to go around here,” says Tan, adding that he is currently representing three companies that are looking to recruit experienced technologists with project management experience in cyber security.
In order to lure staff away from rival companies, it's common to see inducements in the form of a 20% to 30% increase in pay, in addition to packages that include work-from-home benefits and other perks.
Tan says the staff shortfall means the talent search has gone global, with companies looking to recruit in regions as far away as Eastern Europe.
Aside from technical skills and familiarity with software tools available to technology risk professionals, companies are looking for candidates with experience in the entire life cycle of delivering a successful project, as well as the ability to manage a team.
“Only with such people at the senior level will you be able to attract the more junior ones to come and work for you,” says Tan. “They [younger staff] will see it as an opportunity to learn from someone they respect.”
Have a confidential story, tip, or comment you’d like to share? Contact: email@example.com in the first instance. Whatsapp/Signal/Telegram also available (Telegram: @SarahButcher)
Bear with us if you leave a comment at the bottom of this article: all our comments are moderated by human beings. Sometimes these humans might be asleep, or away from their desks, so it may take a while for your comment to appear. Eventually it will – unless it’s offensive or libelous (in which case it won’t.)