x
Get our mobile app
Fast & easy access to Jobstore
Use App
Congratulations!
You just received a job recommendation!
check it out now
Browse Jobs
Companies
Campus Hiring
Download App
Jobs in Singapore   »   Jobs in Singapore   »   Director, OTCR, CIB
 banner picture 1  banner picture 2  banner picture 3

Director, OTCR, CIB

Standard Chartered Bank

Standard Chartered Bank company logo

JOB SUMMARY

  • The Operational, Technology and Cyber Risk (OTCR) organisation is instrumental in protecting and ensuring the resilience of Standard Chartered Bank’s operations, data, and IT systems by managing operational, technology and cyber risk across the enterprise.
  • As a critical function reporting into the Group Chief Risk Officer (CRO), the Group OTCR team serves as the second line of defence for assuring that controls are implemented effectively, in accordance with the OTCR Framework, and for instilling a risk culture within the Bank.

RESPONSIBILITIES

Strategy

  • The Director, OTCR, CIB (ICS and Technology) is a permanent role that requires strong business acumen and deep knowledge and experience in the ICS and Technology field. The candidate has a strong understanding of operating in a second line capacity within the ICS and Technology risk management organisation, and can respond flexibly and collaboratively to evolving business, regulatory and threat requirements.
  • The role reports directly to the Head, OTCR, CIB (ICS and Technology) to address ICS and Technology risk for CIB and support its integration into the Bank's overall ICS and Technology Risk Management strategy.
  • The role provides oversight and challenge of ICS and Technology risk management and control effectiveness as a risk partner to Transaction Banking, Client Coverage and Digital Channels Data Analytics (DCDA) as defined in the Bank’s Enterprise Risk Type Framework.

Business

  • The primary purpose of this position is to ensure that the management of ICS and technology risk is operating effectively and efficiently and to provide assurance that risk as appropriately managed within the Transaction Banking, Client Coverage and DCDA. The candidate works closely with Head of OTCR CIB ICS and Technology Risk, Global Head OTCR CIB, CISO, COOs, CIOs, and Operational Risk Officers, as well as other key stakeholders to drive requirements and help set priorities for ICS and Technology risk strategy and investment based on acceptable risk tolerance and considering the evolving threat and regulatory landscape, policies and standards, and technology infrastructure.

Processes

  • Promote a healthy ICS and Technology risk culture and good conduct within the Transaction Banking, Client Coverage and DCDA.
  • Establish strong relationships with identified stakeholders across the Transaction Banking, Client Coverage and DCDA, understand their strategic goals to ensure ICS and Technology alignment.
  • Articulate the value of ICS and Technology controls and their bottom-line impact to CIB business security and resiliency.
  • Monitor, assess and advise Transaction Banking, Client Coverage and DCDA on acceptable risk tolerances based on policy and control environment and the evolving regulatory and threat landscape.
  • Utilise appropriate risk management tool(s) to manage, track and monitor ICS and Technology risks across Transaction Banking, Client Coverage and DCDA.
  • Validate the accuracy of KRI’s, KCI’s, risk assessments and other risk ratings, as well as process designs to meet policy requirements.
  • Maintain relationships with key service and product owners within CISO and CIO to keep abreast of changes that may affect the risk landscape.
  • Oversee and challenge to ensure Transaction Banking, Client Coverage and DCDA projects with an ICS and Technology element are correctly managed via a formal secure development lifecycle.
  • Set appropriate tone and expectations from the OTCR team and work in collaboration with risk and control partners.
  • Prepare, present and challenge in a 2nd line capacity at relevant risk committees, steering groups and for cross-business opportunities.
  • Use the Enterprise Risk Management Framework (including supporting tools, processes, and procedures) to ensure ICS and Tech-related risks in CIB are flagged and treatment plans are in place.
  • Identify root causes for common risks and work with CISO and CIO to ensure sustainable improvements are proposed and actioned.
  • Ensure risks are accurately reported to various stakeholders using available MI.
  • Hold Process Owners accountable to ensure they are escalating risk, control, and process deficiencies appropriately in accordance with the relevant risk frameworks and governance frameworks.
  • Implement and maintain sufficient and appropriate processes to evidence work performed for review by GIA and others.

People & Talent

  • Lead through example and build the appropriate culture and values.
  • Act as a trusted advisor and risk control partner to the first lines.
  • Set appropriate tone and expectations from team and work in collaboration with risk and control partners.
  • Exemplify fundamental knowledge and skillset in ICS and Technology risk management to be effective including core understanding of the CIB, the Bank Strategy, the industry, priorities and objectives of the area supported.
  • Uphold and reinforce the independence of the second line OTCR CIB.

Risk Management

  • Deliver the defined aspects of this role to support the Group's Enterprise Risk Management approach and objectives.
  • Oversee and challenge 1st line ICS and Technology risk proposal and risk-taking activities.
  • Closely track deliverables and commitments, raising concerns at the appropriate Governance forums.
  • Support the CIB in their identification of ICS and Technology risk by being threat-led focused, prioritise high value activities and provide pragmatic and proportionate risk guidance.
  • Lead the monitoring, assessment and advise to the business on acceptable risk tolerances based on policy and control environment and the evolving regulatory and threat landscape.

Governance

  • Establish strong ties into the relevant business leadership, governance, risk and control committee to ensure adequate monitoring, tracking and governance of ICS and Technology risk.
  • Use the Governance forums to challenge constructively and effectively the first line in their responsibilities of ICS and Technology Risk Management.
  • Drive integration of ICS and Technology RTF into CIB and utilise for the ongoing governance of risk.

Regulatory & Business Conduct

  • Display exemplary conduct and live by the Group’s Values and Code of Conduct.
  • Take personal responsibility for embedding the highest standards of ethics, including regulatory and business conduct, across Standard Chartered Bank. This includes understanding and ensuring compliance with, in letter and spirit, all applicable laws, regulations, guidelines and the Group Code of Conduct.
  • Achieve the outcomes set out in the Bank’s Conduct Principles
  • Effectively and collaboratively identify, escalate, mitigate and resolve risk, conduct and compliance matters.

Key Stakeholders

  • Group OTCR LT
  • OTCR Senior Operational Risk Officers, ICS and Technology SMEs
  • OTCR Framework & Stress Testing
  • OTCR Assurance and Testing
  • OTCR Operations, Reporting and Analytics
  • CIB MTs and COOs
  • CISO
  • CIO
  • Group Internal Audit

Other Responsibilities

  • Embed Here for good and Group’s brand and values in Group OTCR, the role will provide strategic thinking and thought leadership across Group and Country OTCR CIB by connecting the dots and provide opinions in key focus areas such as operational, resilience and third-party risks.

Our Ideal Candidate

  • 7+ years of experience in Risk management, Cyber security , Technology risk
  • Significant proven experience in ICS and Technology risk, senior governance and policy, risk management, or audit role, preferably in the ICS and Technology field.
  • Bachelor’s Degree in Computer Science, Information Technology, Cybersecurity, Business Management, or other related discipline.
  • Strong knowledge of security frameworks (COBIT, ISF, COSO), standards (ISO, NIST, CIS), Cyber Attack Surface, Cyber Kill Chain, and information security principles and security architecture. This includes identity and access management, network security, information protection, secure logging and monitoring, security incident management, security awareness, secure configuration, system lifecycle security, and third security party management.
  • Strong risk knowledge on technology architecture, implementation, change management and risks associated with Cloud and emerging technologies.
  • Thorough understanding of IT security and Technology business processes, risks, threats and internal controls.
  • Experience working in or with the financial services industry with keen understanding of business and operational environments.
  • Strong leadership, negotiation and collaboration skills, and ability to work effectively in a complex multicultural and multi-time zone organization.
  • Strong analytical and program management skills.
  • Experience in leading a geographically dispersed organization.
  • Ability to collect and analyse data, establish facts, and make recommendations in written and oral form.
  • Ability to liaise with all parts of the Bank, including senior security, risk and business stakeholders.

Role Specific Technical Competencies

  • Risk Management
  • Information Security Policy and Strategy
  • Cyber Security
  • Information Assurance
  • Emerging Technologies
  • Risk & Control Self-Assessment (RCSA)
  • Information Technology

About Standard Chartered

We're an international bank, nimble enough to act, big enough for impact. For more than 170 years, we've worked to make a positive difference for our clients, communities, and each other. We question the status quo, love a challenge and enjoy finding new opportunities to grow and do better than before. If you're looking for a career with purpose and you want to work for a bank making a difference, we want to hear from you. You can count on us to celebrate your unique talents and we can't wait to see the talents you can bring us.

Our purpose, to drive commerce and prosperity through our unique diversity, together with our brand promise, to be here for good are achieved by how we each live our valued behaviours. When you work with us, you'll see how we value difference and advocate inclusion.

Together we:

  • Do the right thing and are assertive, challenge one another, and live with integrity, while putting the client at the heart of what we do
  • Never settle, continuously striving to improve and innovate, keeping things simple and learning from doing well, and not so well
  • Are better together, we can be ourselves, be inclusive, see more good in others, and work collectively to build for the long term

What we offer

In line with our Fair Pay Charter, we offer a competitive salary and benefits to support your mental, physical, financial and social wellbeing.

  • Core bank funding for retirement savings, medical and life insurance, with flexible and voluntary benefits available in some locations.
  • Time-off including annual leave, parental/maternity (20 weeks), sabbatical (12 months maximum) and volunteering leave (3 days), along with minimum global standards for annual and public holiday, which is combined to 30 days minimum.
  • Flexible working options based around home and office locations, with flexible working patterns.
  • Proactive wellbeing support through Unmind, a market-leading digital wellbeing platform, development courses for resilience and other human skills, global Employee Assistance Programme, sick leave, mental health first-aiders and all sorts of self-help toolkits
  • A continuous learning culture to support your growth, with opportunities to reskill and upskill and access to physical, virtual and digital learning.
  • Being part of an inclusive and values driven organisation, one that embraces and celebrates our unique diversity, across our teams, business functions and geographies - everyone feels respected and can realise their full potential.

Recruitment Assessments

Some of our roles use assessments to help us understand how suitable you are for the role you've applied to. If you are invited to take an assessment, this is great news. It means your application has progressed to an important stage of our recruitment process.

Visit our careers website www.sc.com/careers

Sharing is Caring

Know others who would be interested in this job?