Senior Information Security Manager
About Standard Chartered
We are a leading international bank focused on helping people and companies prosper across Asia, Africa and the Middle East.
To us, good performance is about much more than turning a profit. It's about showing how you embody our valued behaviours - do the right thing, better together and never settle - as well as our brand promise, Here for good.
We're committed to promoting equality in the workplace and creating an inclusive and flexible culture - one where everyone can realise their full potential and make a positive contribution to our organisation. This in turn helps us to provide better support to our broad client base.
The Role Responsibilities
Behaviour and Conduct
- Review STS domain Risk Acceptance and Risk Assessment papers with focus on mitigation actions and closure evidence criteria.
- Review and validate operational and information cyber security related issues and actions across STS domains captured in Enterprise risk platform.
- Review risk metrics and trending to identify controls weakness and improvement required
- Ensure RACI in place on various risk related processes
- Facilitate change management for the amalgamation of Operational Risk Framework/Information Cyber Security Framework metrics
- Review of STS processes for risk identification and control measurements
- Display exemplary conduct and live by the Group's Values and Code of Conduct.
- Take personal responsibility for embedding the highest standards of ethics, including regulatory and business conduct, across Standard Chartered Bank. This includes understanding and ensuring compliance with, in letter and spirit, all applicable laws, regulations, guidelines and the Group Code of Conduct.
- Effectively and collaboratively identify, escalate, mitigate and resolve risk, conduct and compliance matters
Our Ideal Candidate
- STS Domain Risk Teams
- STS Domain SMEs
- STS Central Risk & Control Team
- TS Risk & Control
- T&I Risk and Control team
The successful candidate should have at least 12 years of experience in work related to Technology Risk Management, Information Security, Technology Compliance or related roles, ideally in the Financial Services industry. The preferred candidate will have an in-depth understanding of controls, metrics and controls sample testing required to manage Technology Operational risk and Information & Cyber Security risk. Experience on risk management tools that have been used in the industry . Clear, Concise and Articulate communication of work results is required for success. Engage and collaborate with senior management. Analytical skill to support technology services to identify root issues and track mitigation. Able to improve and drive new technology risk framework and operational execution. Candidate to have continuous improvement mindset in driving strong risk culture among technology service lines.
In addition, the following qualifications are preferred:
- Relevant industry certifications (e.g. CISSP, CRISC, CISA, etc.)
- Knowledge of technology risk mitigation actions.
- Familiarization with Risk metrics and analysis.
- Experience with independent control effectiveness testing.
- Performed technology related system implementation or operation support
Apply now to join the Bank for those with big career ambitions.