Lead, Cyber Sec Risk

Job Summary

· The incumbent shall be responsible to achieve delivery of ICS Risk reduction targets and manage all aspects of ICS risk across Client Coverage. Some key areas are,

· Adoption of Information Security and Controls across client Coverage Applications in alignment to Risk Treatment Plans

· Lead Vulnerability Management, and drive adheres to consistently meet the KPIs.

· Identify and plan remediation of Cyber Hygiene gaps.

· Collaborate in defining the ICS Risk Treatment Plans for Client Coverage

· Accountable for delivery of MSBR for Client Coverage applications.

· Review ICS risks across key Client Coverage TC programs like CTA, CLMT etc.

· Governance to ensure compliance to ICS standards policies and procedures across client coverage initiatives.

· Provides clear and concise status updates to relevant forums like RF, MPR, QPR, NFRC etc, as applicable, on ICS Risks

· Identify and manage Risks, Assumptions, Issues, and Dependencies with relevant counterparts to ensure effective mitigating actions are put in place.

· Support technology teams in change management activities in managing ICS related risks

· Timely maintenance of artefacts upon completion of any ICS Remediation in designated bank’s repository

· Collaborate with a broad set of stakeholders including Global Risk Heads, Head ICS, Business Application Owners, Process Owners, CIO, Technology teams, ICS CISO, CISRO (2nd Line), ICS TRP, Cyber Security Services etc.

· Close collaboration with Head ICS, Business Leads / Product Owners, Cyber Security Service teams to ensure business needs are well understood across delivery teams.

· Lead and facilitate an effective engagement model between multiple technology counterparts ensuring transparency of progress across delivery lifecycle.

· Maintain communication channels and information flows between Business, Technology and second-line teams to achieve ICS Risk Reduction targets.

Strategy & Business

· Ensure the design and delivery of initiatives are consistent with the ICS RTF Framework, Strategy and Solution, considering Bank’s Policies and Standards, Regulatory Requirements, Threat Landscape etc.

· Support training and communications efforts where applicable – ensuring the right level of engagement to facilitate business readiness and hence adoption and business risk reduction is realized

Processes

· Apply a structured methodology to deliver change through creation/execution of a plan to support any change management activities to successfully land the changes

· To provide support on communications and engagement where applicable to smoothen adoption of changes

· Manage escalations, communications and updates to relevant stakeholders

Risk Management

· Ensure that initiatives are delivered consistent with the requirements of the ICS RTF, ORF, SCB Policies/Standards, Regulatory requirements and in a manner, that ideally improved our Information and Cyber Security risk posture and result in lowering of ICS risk for our businesses.

· Adequately address the findings from Internal Assurance, Audit findings, Stress Tests, Regulatory findings and other BAU asks to focus on quick wins.

Governance

· Ensure that outcomes delivered, including necessary controls are fit for purpose and meet regulatory requirements.

· Ensure adherence to the Project Management Standards, System Delivery Framework, and Committee Governance Standards

Regulatory & Business Conduct

· Display exemplary conduct and live by the Group’s Values and Code of Conduct.

· Take personal responsibility for embedding the highest standards of ethics, including regulatory and business conduct, across Standard Chartered Bank. This includes understanding and ensuring compliance with, in letter and spirit, all applicable laws, regulations, guidelines and the Group Code of Conduct.

· Effectively and collaboratively identify, escalate, mitigate and resolve risk, conduct and compliance matters.

Key stakeholders

· CIO Client Coverage,

· COO Client Coverage

· CISO And CISRO stakeholders for Client Coverage and CIB

· Technology and Operational Risk – Group and Client Coverage

· Client Coverage Technology Management Team

· Client Coverage Portfolio Team (COO)

· ICS Process Owners and Central Teams

Our Ideal Candidate

· 10 years’ experience in managing cyber security risk for a business function / entity

· Preferred experience in managing / roll out / implementation of any of the following in the Banking industry.

· A bachelor’s degree

· Security & Information Systems Control Certificates may be preferred

Role Specific Technical Competencies

· Cyber Security Controls

· Vulnerability Management

· ICS Risk Management

About Standard Chartered

We're an international bank, nimble enough to act, big enough for impact. For more than 170 years, we've worked to make a positive difference for our clients, communities, and each other. We question the status quo, love a challenge and enjoy finding new opportunities to grow and do better than before. If you're looking for a career with purpose and you want to work for a bank making a difference, we want to hear from you. You can count on us to celebrate your unique talents and we can't wait to see the talents you can bring us.

Our purpose, to drive commerce and prosperity through our unique diversity, together with our brand promise, to be here for good are achieved by how we each live our valued behaviours. When you work with us, you'll see how we value difference and advocate inclusion.

Together we:

· Do the right thing and are assertive, challenge one another, and live with integrity, while putting the client at the heart of what we do

· Never settle, continuously striving to improve and innovate, keeping things simple and learning from doing well, and not so well

· Are better together, we can be ourselves, be inclusive, see more good in others, and work collectively to build for the long term

What we offer

In line with our Fair Pay Charter, we offer a competitive salary and benefits to support your mental, physical, financial and social wellbeing.

· Core bank funding for retirement savings, medical and life insurance, with flexible and voluntary benefits available in some locations.

· Time-off including annual leave, parental/maternity (20 weeks), sabbatical (12 months maximum) and volunteering leave (3 days), along with minimum global standards for annual and public holiday, which is combined to 30 days minimum.

· Flexible working options based around home and office locations, with flexible working patterns.

· Proactive wellbeing support through Unmind, a market-leading digital wellbeing platform, development courses for resilience and other human skills, global Employee Assistance Programme, sick leave, mental health first-aiders and all sorts of self-help toolkits

· A continuous learning culture to support your growth, with opportunities to reskill and upskill and access to physical, virtual and digital learning.

· Being part of an inclusive and values driven organisation, one that embraces and celebrates our unique diversity, across our teams, business functions and geographies - everyone feels respected and can realise their full potential.

Recruitment Assessments

Some of our roles use assessments to help us understand how suitable you are for the role you've applied to. If you are invited to take an assessment, this is great news. It means your application has progressed to an important stage of our recruitment process.

Visit our careers website www.sc.com/careers