
Title: AVP - Risk & Cyber Security
Bangalore, IN
Job Summary
As an AVP, Cyber Security, you will play a critical role in ensuring the security of our systems and networks. Your primary responsibility will be to evaluate security architectures and designs, validating their adequacy in response to requirements outlined in Requirements. You'll work closely with cross-functional teams to determine protection needs (security controls) for information systems and networks, documenting them appropriately. You will also play a critical role in helping teams with vulnerability remediation.
• Security Architecture Evaluation:
- Evaluate proposed security designs and architectures to ensure compliance with Non-Functional Requirements.
- Identify vulnerabilities, risks, and potential gaps in security.
- Collaborate with stakeholders to address security concerns proactively.
• Threat Modelling:
- Conduct threat modelling exercises to identify potential threats and attack vectors.
- Analyse system components, data flows, and interactions to assess security risks.
- Propose mitigation strategies based on threat modelling findings.
• External-Facing Application Threat Modelling:
- Specifically focus on threat modelling for applications exposed to external users.
- Consider risks related to authentication, authorization, input validation, and data exposure.
- Collaborate with Product and development teams to enhance security posture, leveraging the backlog and prioritisation.
• Incident Response:
- Develop and maintain incident response plans.
- Participate in incident handling, including detection, analysis, containment, eradication, and recovery.
- Coordinate with incident response teams and external partners as needed.
• Security Controls Documentation:
- Document comprehensive security controls required for information systems and networks.
- Ensure alignment with industry best practices and standards.
- Maintain accurate records of security decisions and the rationale behind them.
• Security Testing and Validation:
- Develop and implement test scripts to validate the effectiveness of security systems.
- Participate in security testing activities, including vulnerability assessments and penetration testing.
- Verify the efficiency of security controls.
Key Responsibilities
• Continuous Learning and Collaboration:
- Stay updated on emerging security practices, standards, and technologies.
- Participate in educational opportunities and professional organisations.
- Share knowledge and insights with the broader community.
• Middle-Level Mastery:
- Lead, mentor, and influence Hives/Squads with Security first
- Provide guidance, set objectives, and oversee the security symphony in project execution.
- Collaborate with senior management to align security initiatives with organizational objectives.
• Stakeholder Enchantment:
- Engage with internal and external stakeholders, including business units, legal, compliance, and executive leadership.
- Communicate security risks, strategies, and recommendations clearly and concisely.
- Foster strong relationships to ensure security alignment across the organization.
Regulatory & Business Conduct
• Display exemplary conduct and live by the Group’s Values and Code of Conduct.
• Take personal responsibility for embedding the highest standards of ethics, including regulatory and business conduct, across Standard Chartered Bank. This includes understanding and ensuring compliance with, in letter and spirit, all applicable laws, regulations, guidelines and the Group Code of Conduct.
• Effectively and collaboratively identify, escalate, mitigate and resolve risk, conduct and compliance matters.
• Lead the [country / business unit / function/[team] to achieve the outcomes set out in the Bank’s Conduct Principles: [Fair Outcomes for Clients; Effective Financial Markets; Financial Crime Compliance; The Right Environment.] *
Skills and Experience
- Security Controls Documentation
- Vulnerability Management
- Security Architecture Evaluation
- Threat Modeling
- Security Testing and Validation
Qualifications
- EDUCATION: Bachelor's degree in Computer Science, Information Security, or related field.
- Experience in threat modelling, security architecture, and risk assessment.
- Proficiency in security tools and technologies.
- Strong analytical and problem-solving skills.
- Excellent communication and collaboration abilities.
- CERTIFICATIONS: Certifications such as CISSP, CISM, or CEH are highly desirable.
About Standard Chartered
We're an international bank, nimble enough to act, big enough for impact. For more than 170 years, we've worked to make a positive difference for our clients, communities, and each other. We question the status quo, love a challenge and enjoy finding new opportunities to grow and do better than before. If you're looking for a career with purpose and you want to work for a bank making a difference, we want to hear from you. You can count on us to celebrate your unique talents and we can't wait to see the talents you can bring us.
Our purpose, to drive commerce and prosperity through our unique diversity, together with our brand promise, to be here for good are achieved by how we each live our valued behaviours. When you work with us, you'll see how we value difference and advocate inclusion.
Together we:
- Do the right thing and are assertive, challenge one another, and live with integrity, while putting the client at the heart of what we do
- Never settle, continuously striving to improve and innovate, keeping things simple and learning from doing well, and not so well
- Are better together, we can be ourselves, be inclusive, see more good in others, and work collectively to build for the long term
What we offer
In line with our Fair Pay Charter, we offer a competitive salary and benefits to support your mental, physical, financial and social wellbeing.
- Core bank funding for retirement savings, medical and life insurance, with flexible and voluntary benefits available in some locations.
- Time-off including annual leave, parental/maternity (20 weeks), sabbatical (12 months maximum) and volunteering leave (3 days), along with minimum global standards for annual and public holiday, which is combined to 30 days minimum.
- Flexible working options based around home and office locations, with flexible working patterns.
- Proactive wellbeing support through Unmind, a market-leading digital wellbeing platform, development courses for resilience and other human skills, global Employee Assistance Programme, sick leave, mental health first-aiders and all sorts of self-help toolkits
- A continuous learning culture to support your growth, with opportunities to reskill and upskill and access to physical, virtual and digital learning.
- Being part of an inclusive and values driven organisation, one that embraces and celebrates our unique diversity, across our teams, business functions and geographies - everyone feels respected and can realise their full potential.