Job Summary

•    The primary purpose of this position is to ensure that all Information and Cyber Security (ICS) , Technology Legal, Regulatory and Mandatory [LRM] requirements are understood and that applicable requirements are mapped to the Policy Framework, any gaps assessed and treated so that identified risks are appropriately managed. 
•    The successful candidate will report to the VP, ICS Regulatory Management as well as work with other key stakeholders across the bank including OTCR SMEs from Group and Country, AIC LRM Team, 1LoD Process Owners and others based on the responsibilities.

Regulatory & Business Conduct

•    Display exemplary conduct and live by the Group’s Values and Code of Conduct. 
•    Take personal responsibility for embedding the highest standards of ethics, including regulatory and business conduct, across Standard Chartered Bank. This includes understanding and ensuring compliance with, in letter and spirit, all applicable laws, regulations, guidelines and the Group Code of Conduct.
•    Lead to achieve the outcomes set out in the Bank’s Conduct Principles: [Fair Outcomes for Clients; Effective Financial Markets; Financial Crime Compliance; The Right Environment.]
•    Effectively and collaboratively identify, escalate, mitigate and resolve risk, conduct and compliance matters.
•    Serve as a Director of the Board
•    Exercise authorities delegated by the Board of Directors and act in accordance with Articles of Association (or equivalent)

Key stakeholders

•    ICS Standards
•    OTCR Group and Country SME
•    1LoD Process Owners
•    ICS AIC LRM Team

Key Responsibilities

•    The Manager, Information Cyber Security [ICS] Regulation is as a critical role that reports into the VP Information & Cyber Security Policy Regulation. This function sits within the Office of the “Frameworks, Reporting & Governance, T&O Risk” which maintains IS Policies and Standards effectively and in accordance with the ICS Risk Type Framework [RTF] and for instilling a culture of cyber security within the Bank. This function is responsible for ensuring that the ICS Standards is, at all times valid, relevant to applicable regulatory requirements. Responsibilities will include to:
•    Manage the identification, interpretation and recording of key market regulations with impact to the ICS Policy across 60 countries into the Group Obligation register. The role holder will be the Group process owner delegate for the ICS obligation register process.
•    Coordinate impact assessment for laws and regulations across first line and second line stakeholders for Group Compliance oversight.
•    Plan to adhere book of work comprising of industry standards and Regulatory Obligations and perform regulatory gap analysis 
•    Work with the team that ensures the ICS Framework is appropriately aligned to the legal and regulatory environment as required in the Group ICS Risk Type Framework. Provide detailed gap analysis against ICS Framework (ICS Risk Type Framework, ICS Policies and Standards) and metrics of potential changes in the Group ICS Policy.
•    Ensure that key Industry standards are incorporated and aligned to the ICS Policy Framework [i.e., NIST 800, ISO27001, FIPS-140-2, PCI-DSS, SWIFT] and promptly impact assess any changes.
•    As a delegate, coordinate large-scale regulatory change with the Central Compliance Regulatory Change Team.
•    Conduct regulatory attestations and provide high quality compliance responses on ICS Policy effectiveness prior to regulatory submissions from CISRO Policy Team.
•    Periodic maintenance of assigned ICS Standards based on change requests. Coordinate with Process owners and other stakeholders for feedback on improvements with ICS Standards and publish to GovPoint 
•    Understand to a good level of knowledge the ICS risk business alignment, risk framework, risk management process, compliance e.g., risk definition, risk tolerance, reporting metric, set up risk controls, risk monitoring, risk mitigation plan, etc.
•    Innovate solutions to bring efficiency to the ICS regulatory gap analysis and maintenance of the mapping to Group ICS Standards.

Skills and Experience

•    Information and Cyber Security, Technology  Frameworks
•    Industry Standards PCI DSS, ISO27001, NIST

Qualifications

•    ISACA or ISC2 Certifications Like CISA, CISM, CISSP

About Standard Chartered

We're an international bank, nimble enough to act, big enough for impact. For more than 170 years, we've worked to make a positive difference for our clients, communities, and each other. We question the status quo, love a challenge and enjoy finding new opportunities to grow and do better than before. If you're looking for a career with purpose and you want to work for a bank making a difference, we want to hear from you. You can count on us to celebrate your unique talents and we can't wait to see the talents you can bring us.

Our purpose, to drive commerce and prosperity through our unique diversity, together with our brand promise, to be here for good are achieved by how we each live our valued behaviours. When you work with us, you'll see how we value difference and advocate inclusion.

Together we:

• Do the right thing and are assertive, challenge one another, and live with integrity, while putting the client at the heart of what we do
• Never settle, continuously striving to improve and innovate, keeping things simple and learning from doing well, and not so well
• Are better together, we can be ourselves, be inclusive, see more good in others, and work collectively to build for the long term

What we offer

In line with our Fair Pay Charter, we offer a competitive salary and benefits to support your mental, physical, financial and social wellbeing.

• Core bank funding for retirement savings, medical and life insurance, with flexible and voluntary benefits available in some locations.
• Time-off including annual leave, parental/maternity (20 weeks), sabbatical (12 months maximum) and volunteering leave (3 days), along with minimum global standards for annual and public holiday, which is combined to 30 days minimum.
• Flexible working options based around home and office locations, with flexible working patterns.
• Proactive wellbeing support through Unmind, a market-leading digital wellbeing platform, development courses for resilience and other human skills, global Employee Assistance Programme, sick leave, mental health first-aiders and all sorts of self-help toolkits
• A continuous learning culture to support your growth, with opportunities to reskill and upskill and access to physical, virtual and digital learning.
• Being part of an inclusive and values driven organisation, one that embraces and celebrates our unique diversity, across our teams, business functions and geographies - everyone feels respected and can realise their full potential.