Role Responsibilities
Strategy
· Accountable for the Ventures Information and Cyber Security Strategy
· Responsible to socialize the strategy within the platform and the Ventures and liaise with the Ventures’ CTO/Tech Team and Technology Teams
· Responsible for the execution and implementation of the Strategy within SCV platform and Supporting the various Ventures in their deployment journey
· Governance during Venture Building lifecycle (controls assessment, risk ratings, initiate pen tests)
· Supporting the Ventures in their incubation and pre-release stages (till go-live) in their ICS delivery (including ad-hoc monitoring after go-live)
· Provide deep consulting expertise on complex projects, delivering workable and risk/threat-driven solutions;
· Define various threat modelling techniques at an application, system and enterprise level.
· Provide thought leadership on emerging technologies and how they can be secured;
Business
· Be the focal point for ICS across Ventures. Drive to a strong engagement both with Ventures CTO/Tech Team and Operating Members
· Identify and manage ICS risk within the Platform and Pre Go-Live Ventures including monitoring the full closure of such findings
· Educate Senior executives regarding ICS Risks to drive accountability across the business
· Work in an Agile environment to drive continuous improvement (efficiency and effectiveness) to align to System Readiness Assurances (SRA) and perform Security Impact Assessments (SIA);
· Conduct ICS Risk Assessments for PoCs and Special Projects for SC Group
· Address GIA queries for SCV infra and apps and address GIA RFIs for SCV ICS strategy, standards, controls and ICS tools
Processes
· Proven ability to lead highly complex, global, pan-bank, multi-year programmes by driving collaboration and participation by functions, Regions and countries.
People & Talent
· Excellent organisation and leadership skills with ability to manage multiple deadlines and effectively prioritise, including strong collaboration with peers
· In-Directly managing Ventures ICS team members allocating work as per key priorities
Risk Management
· Ensure Pre Go Live Ventures implement Risk and Threat Framework
· Responsible for ICS controls implementation across the Platform and Pre Go Live Ventures
· Responsible for monitoring and managing ICS Incidents for the Platform and Pre Go Live Ventures
· Responsible for Define, Maintain and Operate the process of the Third Party Security Assessment for the Platform and Pre Go Live ventures (including follow up of closure of any findings)
· Responsible for reviewing and monitoring the Pentest process for Pre Go Live Ventures
· Responsible for ICS Policies Standards across Ventures
· Drive the adoption of “lessons learnt” driving consistency and efficiency.
· Responsible to remediate Audit/Regulator ICS Issues for Pre Go Live Ventures
· Support the management of the programme professionally and efficiently, closely tracking timeline commitments for provision of information and action plans, and for validation of actions taken
· Provision / De-provision access and conduct UAR on SCV Platform infra and apps (e.g. EUC, SaaS)
· Demonstrate ICS compliance to regulatory guidelines for Pre Go Live Ventures
· Effectiveness review and assessment on quality of ICS implementation
· Review ICS approach, system architecture and control design
Governance
· Ensure key ICS risk and issues are monitored and appropriately addressed by key stakeholders
· Ensure and report adoption of the ICS controls across Ventures
· Ensure ICS Controls are being adopted in new technologies and projects
Regulatory & Business Conduct
· Display exemplary conduct and live by the Group's Values, Valued Behaviours, and Code of Conduct
· Take personal responsibility for embedding the highest standards of ethics, including regulatory and business conduct, across the Bank.
· Effectively and collaboratively identify, escalate, mitigate, and resolve risk, conduct and compliance matters.
Key stakeholders
· Global CISO and ICS MT
· SCV CTO
· Ventures CTOs and Operating Members
· Ventures 2nd Line Risk, CISRO and Audit
· ICS Control owners
Our Ideal Candidate
· 5+ years’ experience in banking industry is an advantage
· Experience in IT and ICS operations execution and management
· Experience in securing Cloud Infrastructure and Network Security
· Experience securing Software/Code
· Experience in ICS Risk Framework within banking industry
· Experience managing global Transformational Programs
· Education - Bachelor’s degree (Economics, Management, IT) - Advantage
Role Specific Competencies
· Understanding of the Cyber landscape and ICS Controls within the CPBB environment
· Excellent organisation and leadership skills with ability to manage multiple deadlines and effectively prioritise
· Proven ability to lead highly complex, global, pan-bank, multi-year programmes by driving collaboration and participation by functions, Regions and countries.
· Extensive change and programme management experience, ideally gained in the financial industry
· Ability to foster positive relationships with internal and external stakeholders at appropriate level ensuring open cooperative environment. Be a Team player.
About Standard Chartered
We're an international bank, nimble enough to act, big enough for impact. For more than 160 years, we've worked to make a positive difference for our clients, communities, and each other. We question the status quo, love a challenge and enjoy finding new opportunities to grow and do better than before. If you're looking for a career with purpose and you want to work for a bank making a difference, we want to hear from you. You can count on us to celebrate your unique talents. And we can't wait to see the talents you can bring us.
Our purpose, to drive commerce and prosperity through our unique diversity, together with our brand promise, to be here for good are achieved by how we each live our valued behaviours. When you work with us, you'll see how we value difference and advocate inclusion. Together we:
· Do the right thing and are assertive, challenge one another, and live with integrity, while putting the client at the heart of what we do
· Never settle, continuously striving to improve and innovate, keeping things simple and learning from doing well, and not so well
· Be better together, we can be ourselves, be inclusive, see more good in others, and work collectively to build for the long term
In line with our Fair Pay Charter, we offer a competitive salary and benefits to support your mental, physical, financial and social wellbeing.
· Core bank funding for retirement savings, medical and life insurance, with flexible and voluntary benefits available in some locations
· Time-off including annual, parental/maternity (20 weeks), sabbatical (12 weeks maximum) and volunteering leave (3 days), along with minimum global standards for annual and public holiday, which is combined to 30 days minimum
· Flexible working options based around home and office locations, with flexible working patterns
· Proactive wellbeing support through Unmind, a market-leading digital wellbeing platform, development courses for resilience and other human skills, global Employee Assistance Programme, sick leave, mental health first-aiders and all sorts of self-help toolkits
· A continuous learning culture to support your growth, with opportunities to reskill and upskill and access to physical, virtual and digital learning
· Being part of an inclusive and values driven organisation, one that embraces and celebrates our unique diversity, across our teams, business functions and geographies - everyone feels respected and can realise their full potential.
Recruitment assessments - some of our roles use assessments to help us understand how suitable you are for the role you've applied to. If you are invited to take an assessment, this is great news. It means your application has progressed to an important stage of our recruitment process.
Visit our careers website www.sc.com/careers
