Job Summary
The Group Chief Information Security Officer (CISO) organisation is instrumental in protecting and ensuring the resilience of Standard Chartered Bank’s data and IT systems by managing Information and Cyber Security (ICS) risk across the enterprise.
Group ICS Risk & Governance Function is central to ensuring the Bank’s ability to meet its ICS commitment to internal and external stakeholders, including regulators, as well as maintaining an acceptable ICS risk profile that is regularly reported to the Board.
The Lead, ICS Strategy, Service Management & People will report into Head, ICS Strategy, Financials & Service Mgmt. within the ICS Risk & Governance function.
The role will be responsible for ICS operational strategy definition and tracking for execution, ICS Service Management as delegated ownership for Group CISO ensuring compliance to Bank’s standards and key dates and leading People Agenda and related initiatives across ICS.
The role will also be responsible for defining the Risk & Governance and ICS operational strategies and implementing the frameworks to govern and track the required sign-offs & deliverables to completion and managing and coordinating all Risk and Governance Management priorities and pan Risk & Governance initiatives.
Key Responsibilities
Strategy (ICS & RnG)
The strategy sets out the overall direction and delivery principles for ICS & RnG organisation by providing a desired future state, roadmap, high-level steps, funding requirements, measurable benefits to achieve the organisational objectives.
• ICS Strategy: The role will own the ICS Strategy and responsible for defining and implementing the framework to effectively manage and govern the definition, approval and implementation of the ICS Strategy.
• Creating short, medium and long-term ICS Strategy and track progress to ensure that we are delivering what was promised.
• Building a strategy at an operational level to drive ICS towards its future state and aligning all budget and headcount and vendor activities to the achievement of this strategy.
• Driving continuous evolution and deployment of various capabilities, identifying, designing, and delivering capabilities that will contribute to the execution of the CISO strategy & organisational design.
• Presenting the Strategy to various key stakeholders.
• Proactively engaging with stakeholders, being a trusted partner, to ensure their current and future requirements are catered for, providing support, especially within resourcing and people related areas, across various ICS domains to ensure mobilisation of their plans.
• Enabling ongoing efficient delivery of services and processes through consolidation of technologies and implementation of self-service and/or automated, capabilities that support domain strategies.
ICS Service Management
• Oversight and coordination of, with delegated ownership from Global Head, Information & Cybersecurity, the Master Service Agreement, Master Service Level Agreements and Outsourcing initiatives across ICS ensuring adherence to Bank and regulatory standards, supporting Country level service reviews, Periodic Risk Reviews and related service, risk and control commitments. Including related Group outsourcing Inventory applicable to Singapore Third Party Risk Management Committee (TPRMC) and outlined governance requirement from Monetary Authority of Singapore (MAS).
• Define; agree and Implement framework to define service management roles & responsibilities across ICS, manage in-scope Service Management activities to closure ensuring timely completion of all required activities, obtain Management sign-offs in alignment to Bank’s requirements and standards.
• Lead initiatives to streamline Service Management processes centrally across ICS services lines (i.e. combined BIA plans for locations)
• Provide support, training and mentorship for junior staff (Matrix reportees) in upskilling their capabilities to provide support for ICS Service Management.
• Centrally coordinate ICS incoming and outgoing organisation transition & changes across ICS across key stakeholders including ICS BPM, Vendor Management, Finance, HR, Risk & Governance ensuring all changes documented, signed off and managed in alignment to Bank Standards,
People Agenda & Initiatives
• Develop and drive people agenda and related initiatives across ICS supported by a robust communication strategy to ensure full awareness and progress across ICS population.
• Define and agree a plan to holistically manage and track the people initiatives being delivered across the ICS People Pillars and ensure linkage with people initiatives across wider Bank and HR teams.
• Manage quarterly external training process ensuring external training requirements are gathered and approved with agreed stakeholders in line with agreed ICS and Bank principles. Continue refining and streamlining the external training process to ensure continued enhancement and leverage training requirement trends to drive uplift of internal training content.
• ICS Conduct champion, ICS conduct is a mandatory compliance component requiring and requires continued ICS adherence. Conduct Champion will provide full visibility & transparency on ICS Conduct metrics and compliance across ICS MT, highlighting areas to be addressed, and centrally tracking all actions to address non-adherence.
• Highlight thematic findings impacting Conduct and propose areas to address and plans to address and prevent future occurrences.
• Partner with the ICS MT, HR Partners to design and implement initiatives addressing areas of improvement and enhance the workplace based on My Voice feedback
Business Prioritisation
• Risk & Governance Priorities and Objectives: Define, communicate & track ICS R&G annual objectives and metrics ensuring alignment to wider ICS, TTO and Group objectives. Establish and manage the framework for measuring performance, aligning and prioritizing all BAU & Project work against agreed objectives. Provide accurate status reporting in R&G MT Meetings and coordinate any corrective action required to meet objectives that are lagging.
• Responsible for the definition, documentation and continuous improvement of the ICS R&G operating model to ensure roles and responsibilities are clearly defined and the function is optimally structured, organised and is within the approved annual budget. Partner with ICS Strategy, Finances & Service Management and other stakeholders to manage any change to ICS R&G Target Operating Model in alignment with organisational standards & targets.
• Communications and Engagement: Partner with TTO Comms team & ICS R&G MT to define and implement annual comms strategy across ICS R&G, ensuring the team and our key stakeholders are informed, updated and engaged on a consistent and regular basis (Examples include all Town Halls, Stakeholder Briefings, People Leader and MT Connect sessions, newsletters, function wide training and development).
People & Talent
• Work with HR & ICS R&G MT to define and execute the ICS R&G people strategy, including TOM, location strategy, spans & layers and skill requirements.
• Provide leadership, management and coaching to matrix reports to ensure they are highly engaged and performing to their potential.
• Set job descriptions and objectives for matrix reports and regularly provide feedback on performance against those responsibilities and objectives.
• Lead through example and build the appropriate culture and values. Set appropriate tone and expectations across the portfolio and work in collaboration with risk and control partners.
Governance
• Oversee the definition of a set of key deliverables and KPIs which enable tracking of delivery.
• Support Global Head ICS Risk & Governance & ICS Risk & Governance Management team to ensure ICS R&G wide adherence to annual conduct & mandatory compliance standards.
Regulatory & Business Conduct
• Display exemplary conduct and live by the Group's Values, Valued Behaviours, and Code of Conduct
• Take personal responsibility for embedding the highest standards of ethics, including regulatory and business conduct, across the Bank.
• Lead the team to achieve the outcomes set out in the Bank's Conduct Principles.
• Effectively and collaboratively identify, escalate, mitigate, and resolve risk, conduct and compliance matters.
• Display exemplary conduct and live by the Group’s Values and Code of Conduct.
• Take personal responsibility for embedding the highest standards of ethics, including regulatory and business conduct, across Standard Chartered Bank. This includes understanding and ensuring compliance with, in letter and spirit, all applicable laws, regulations, guidelines and the Group Code of Conduct.
• Help the Group meet its commitment of being “Here for Good”
• Effectively and collaboratively identify, escalate, mitigate, and resolve risk, conduct and compliance matters.
Key stakeholders
• Head, ICS Strategy, Financials & Service Mgmt.
• Global Head, ICS Risk & Governance
• ICS Risk and Governance Management Team & members
• ICS Management Team (MT) Members
• Chief Information Security Officers (CISOs) across all businesses and functions
• Chief Information Security Risk Officers (CISRO/ISRO) across all businesses and functions
• COOs/CIOs of different businesses/functions
• Group Internal Audit (GIA)
• HR Business Partners
• Sourcing & Vendor Management
Our Ideal Candidate
• 10+ years experience in organisational skills and process discipline to drive multiple agendas, with flexibility and responsiveness to handle changing priorities and requirements from stakeholders.
• Creative problem-solver able to quickly prioritise, break down an issue and identify a path to resolution, able to work on broad strategic multi-year initiatives as well as day-to-day processes and tasks.
• Experienced in information technology management and approaches, able to understand and be comfortable with cyber security jargon, global and diverse working experience across matrixed organisations.
• Experience engaging and influencing at senior levels internally and externally, including directly engaging with or presenting to Board members, regulatory bodies, and senior stakeholders.
• Experience of developing a people strategy, operating models, and organisational design, influencing relevant stakeholders and decision makers, and executing decisions efficiently and consistently. Capabilities in driving people change/diversity/culture improvement programs required.
• Strong sense of personal ownership and responsibility in accomplishing the organisation’s goal. Is confident in capabilities, though resilient enough to handle mistakes as an opportunity to learn and improve, quick to learn, high energy levels and happy to roll-up his/her sleeves to drive success.
• Extensive experience working across business management, Service Office, risk and planning domains, management and oversight of budgeting and forecasting cycles, particularly around headcount and vendor spend, high level of discretion given restricted and confidential information handled.
• Excellent communication skills – oral, written and presentation, enables transparency and sharing of information and skills with an ability to break down complex concepts to an appropriate level for the audience.
• Able to make the challenging decisions, influence key parties and effect change.
• Project Management certification useful.
Role Specific Technical Competencies
- Customer and Stakeholder engagement
- Business & Process Management
- Communications, Materials Preparation & Presentation Skills
- Gives Clarity and Guidance
- Strategic Mindset
About Standard Chartered
We're an international bank, nimble enough to act, big enough for impact. For more than 170 years, we've worked to make a positive difference for our clients, communities, and each other. We question the status quo, love a challenge and enjoy finding new opportunities to grow and do better than before. If you're looking for a career with purpose and you want to work for a bank making a difference, we want to hear from you. You can count on us to celebrate your unique talents and we can't wait to see the talents you can bring us.
Our purpose, to drive commerce and prosperity through our unique diversity, together with our brand promise, to be here for good are achieved by how we each live our valued behaviours. When you work with us, you'll see how we value difference and advocate inclusion.
Together we:
- Do the right thing and are assertive, challenge one another, and live with integrity, while putting the client at the heart of what we do
- Never settle, continuously striving to improve and innovate, keeping things simple and learning from doing well, and not so well
- Are better together, we can be ourselves, be inclusive, see more good in others, and work collectively to build for the long term
What we offer
In line with our Fair Pay Charter, we offer a competitive salary and benefits to support your mental, physical, financial and social wellbeing.
- Core bank funding for retirement savings, medical and life insurance, with flexible and voluntary benefits available in some locations.
- Time-off including annual leave, parental/maternity (20 weeks), sabbatical (12 months maximum) and volunteering leave (3 days), along with minimum global standards for annual and public holiday, which is combined to 30 days minimum.
- Flexible working options based around home and office locations, with flexible working patterns.
- Proactive wellbeing support through Unmind, a market-leading digital wellbeing platform, development courses for resilience and other human skills, global Employee Assistance Programme, sick leave, mental health first-aiders and all sorts of self-help toolkits
- A continuous learning culture to support your growth, with opportunities to reskill and upskill and access to physical, virtual and digital learning.
- Being part of an inclusive and values driven organisation, one that embraces and celebrates our unique diversity, across our teams, business functions and geographies - everyone feels respected and can realise their full potential.
Recruitment Assessments
Some of our roles use assessments to help us understand how suitable you are for the role you've applied to. If you are invited to take an assessment, this is great news. It means your application has progressed to an important stage of our recruitment process.
Visit our careers website www.sc.com/careers
