x
Get our mobile app
Fast & easy access to Jobstore
Use App
Congratulations!
You just received a job recommendation!
check it out now
Browse Jobs
Companies
Campus Hiring
Download App
Jobs in Singapore   »   Jobs in Singapore   »   Quality Assurance / Control Job   »   Lead, ICS Assurance
 banner picture 1  banner picture 2  banner picture 3

Lead, ICS Assurance

Standard Chartered Bank

Standard Chartered Bank company logo

The Role Responsibilities

Job Role

The Group Chief Information Security Risk Officer (CISRO) organization is instrumental in protecting and ensuring the resilience of Standard Chartered Bank’s data and IT systems by managing Information and Cyber Security (ICS) risk across the enterprise.

As a critical function reporting into the Group Chief Risk Officer (CRO), the Group CISRO team serves as the second line of defence for assuring ICS controls are implemented effectively, in accordance with the ICS Risk Framework, and for instilling a culture of cyber security within the Bank. Group CISRO is responsible for the development of ICS framework, which includes all aspects of end to end risk identification, assessment, management and mitigation to stay with approved risk appetite thresholds; ICS policy, assurance and red team activities, cyber resilience and stress testing, third party security risk, industry partnerships, and regulatory engagement.

The team of Information Security Risk Officers (ISRO) have delegated authority for risk approval from the Group CISRO and support the implementation of the ICS risk management strategy, providing oversight, governance and advisory across the Group’s Business, Regions and Functions.
Group CISRO is central to ensuring the Bank is able to meet its ICS commitments to internal and external stakeholders, as well as maintaining an acceptable ICS risk profile that is regularly reported to the Board.

Group CISRO is proud to have a diverse workforce with a global presence in over 10 countries. More than a third of our global workforce are women and almost half represent our senior leadership roles. We also have a great ethic and generational balance in our teams and are committed to promote a workplace environment that is consciously inclusive, respects and celebrates the variety of opinions and diverse views, and where every voice is heard and acknowledged.

We embrace our differences and know that our diverse and inclusive approach is a strength that drivers our success. We want all applicants to feel able to perform at their best throughout the hiring process and we’ll support you with any reasonable adjustments you need. No matter who you are, where you come from, you are welcome to CISRO.

#breakthebias - Check out the features from the females on our leadership team: Libby and Nina.

In line with our Fair Pay Charter, we offer a competitive salary and benefits to support your mental, physical, financial and social wellbeing. Some of the highlights:

  • New Ways of Working, with flexible working arrangement that helps you balance your personal life and create a positive employee experience.
  • Recognition and reward to show our appreciation in supporting you for achieving significant milestones and growth or aspirational goals.
  • We offer 18 types of leave benefits that covers annual and block leave, health and wellness, starting a family such as marriage leave, maternity, family care etc. and time off which provides great flexibility opportunities to our employees.
  • Exciting work-related benefits such as Loyalty Award to celebrate every 5 year milestone with you and Professional Associations related benefits.
  • We invest in our people with a continuous learning culture to support your growth, with opportunities to reskill and upskill with access to physical, virtual and digital learning.
  • We offer social and recreational events include dinner and dance, outings, talks and more.

The Lead, Information and Cyber Security (ICS) Assurance is a permanent role with the following responsibilities

  • Primarily responsible to effectively lead/perform ICS assurance reviews and issue validation activities
  • Execute and deliver insightful, quality and value-adding assurance reviews to drive proactive risk management
  • Drive and support internal growth initiatives to upskill staff competencies, optimize resources / capacity, enhance digital agility and identification of risk hotspots for assurance work
  • Drive, collaborate and support cross-functional initiatives to drive greater efficiency and effectiveness
  • Building and promote good external partnerships with stakeholders to collaborate effectively

Strategy

  • Manage risk dynamically
  • Digital Agility
  • Value creation
  • Building Internal and External Partnerships
  • Innovation and Growth

Business

  • Provide timely, regular communication and updates of deliverables (outcomes, recommendations) to key internal and external stakeholders.

Processes

  • Responsible and accountable for performing reviews and issue validations in line with the 2LA methodology and ensure that the ICS assurance deliverables meets the quality standards set out in the methodology.
  • Ensure timely deliverables, invocation of escalation and clearance of report in alignment with our CISRO Assurance operating model.

People and Talent

  • Establish constructive relationships with key stakeholders across 1LoD, 2LoD and 3LoD.
  • Actively participate in team’s lessons learned or experience sharing sessions.

Risk Management

  • Ensure that all activities are in line with and support of the ICS principal risk type under the Bank’s ERMF.
  • Proactive identification of risk hotspots to drive the prioritization of our assurance work.

Governance

  • Awareness and understanding of the regulatory framework, in which the Group operates, and the regulatory requirements and expectations relevant to the role.
  • Support the Global Head of ICS Assurance and Testing to set up the annual plan and manage the execution of the plan to achieve the target on quality, timeline and budget.

Regulatory and Business Conduct

  • Display exemplary conduct and live by the Group’s Values and Code of Conduct.
  • Take personal responsibility for embedding the highest standards of ethics, including regulatory and business conduct, across Standard Chartered Bank. This includes understanding and ensuring compliance with, in letter and spirit, all applicable laws, regulations, guidelines and the Group Code of Conduct.
  • Effectively and collaboratively identify, escalate, mitigate and resolve risk, conduct and compliance matters.

Key Stakeholders

  • Group Risk
  • Group Transformation, Technology and Operations
  • Group Internal Audit - Enterprise Technology, Cyber Security Services

Other Responsibilities

  • Embed Here for good and Group’s brand and values in Group CISRO Assurance and Testing

Our Ideal Candidate

  • 10+ years of experience in cyber security testing/assessment, penetration testing, cyber security operations, cyber security audit or information security governance.
  • Thorough understanding of IT security business processes, risks, threats and internal controls.
  • Strong experience in Risk and control
  • Advanced experience in Auditing Skillset
  • Experience working in or with the financial services industry with keen understanding of business and operational environment.
  • Strong knowledge of the cyber security threat landscape, businesses, markets and risk framework.
  • Experienced in team management & engagement
  • Good understanding of global legal, regulatory and industry regulations, frameworks and standards and the ability to adapt to the changes accordingly.
  • Able to communicate complex ICS risks/issues precisely and effectively.
  • Able to construct recommendations in a factual and persuasive manner.
  • Technical skills: Experience in ICS domain and Tech Risk
  • Ability to empathise and collaborate with stakeholders across functions and at all levels of experience
  • Ability to look beyond individual issues to identify broader themes with wider-reach impact
  • Ability to both assess strategic priorities and to focus on detailed aspects of a function to drive effective delivery.
  • A big-picture thinker who is detail-oriented
  • Comfortable with “blank sheet of paper assignments”
  • Ability to perform testing by using data analytics

Certification

  • CISA, CRISC, CSX AUDIT, CISM, CISSP, CSX-P, CCSP, CEH

Role Specific Technical Competencies

  • Cybersecurity Risk Management
  • Analytical Thinking
  • Information Assurance
  • Information Security Audits
  • Communicating Complex Concepts
  • Data Analytics

­About Standard Chartered

We're an international bank, nimble enough to act, big enough for impact. For more than 160 years, we've worked to make a positive difference for our clients, communities, and each other. We question the status quo, love a challenge and enjoy finding new opportunities to grow and do better than before. If you're looking for a career with purpose and you want to work for a bank making a difference, we want to hear from you. You can count on us to celebrate your unique talents. And we can't wait to see the talents you can bring us.

Our purpose, to drive commerce and prosperity through our unique diversity, together with our brand promise, to be here for good are achieved by how we each live our valued behaviours. When you work with us, you'll see how we value difference and advocate inclusion. Together we:

  • Do the right thing and are assertive, challenge one another, and live with integrity, while putting the client at the heart of what we do
  • Never settle, continuously striving to improve and innovate, keeping things simple and learning from doing well, and not so well
  • Be better together, we can be ourselves, be inclusive, see more good in others, and work collectively to build for the long term

In line with our Fair Pay Charter, we offer a competitive salary and benefits to support your mental, physical, financial and social wellbeing.

  • Core bank funding for retirement savings, medical and life insurance, with flexible and voluntary benefits available in some locations
  • Time-off including annual, parental / maternity (20 weeks), sabbatical (12 weeks maximum) and volunteering leave (3 days), along with with minimum global standards for annual and public holiday, which is combined to 30 days minimum
  • Flexible working options based around home and office locations, with flexible working patterns
  • Proactive wellbeing support through Unmind, a market-leading digital wellbeing platform, development courses for resilience and other human skills, global Employee Assistance Programme, sick leave, mental health first-aiders and all sorts of self-help toolkits
  • A continuous learning culture to support your growth, with opportunities to reskill and upskill and access to physical, virtual and digital learning
  • Being part of an inclusive and values driven organisation, one that embraces and celebrates our unique diversity, across our teams, business functions and geographies - everyone feels respected and can realise their full potential.

Recruitment assessments - some of our roles use assessments to help us understand how suitable you are for the role you've applied to. If you are invited to take an assessment, this is great news. It means your application has progressed to an important stage of our recruitment process.

Visit our careers website www.sc.com/careers

✱   This job post has expired   ✱

Sharing is Caring

Know others who would be interested in this job?