Job Summary

This role will be part of the Vulnerability Advisory & Governance team within the Security Vulnerability Lifecycle Management function and is responsible for the vulnerability assessment, vulnerability risk rating classification and driving remediation governance of vulnerabilities identified that could potentially impacting the Bank's infrastructure or products.

The ideal candidate will have a deep understanding of vulnerability management, threat assessment and remediation processes. 

Key Responsibilities

•    Oversee and prioritize vulnerability remediation efforts based on severity and potential impact on Bank’s operation and reputation, which includes management of tracking and remediation of vulnerabilities by leveraging agreed upon action plans and timelines (SLAs) with Technology/ Business stakeholders within the Bank 
•    Assess impact, threat and exploitation scenarios for potential vulnerabilities impacting the Bank’s infrastructure or products, research on security vulnerabilities and latest advancements in the vulnerability management lifecycle and tools. 
•    Aggregate vulnerability assessment results from security partner teams, utilizing a combination of automated tools and manual reviews to identify potential attack surface to drive remediation prioritization of high-profile vulnerability.
•    Collaborate with threat intelligence and cyber defence team to drive remediation prioritization or mitigation strategies by leveraging information on threat or exploitation context. 
•    Coordinate and lead vulnerability management forums with operation and engineering teams as required to govern outstanding vulnerability remediation findings and providing status updates.
•    Initiating and managing vulnerability critical incident call by providing expertise and situational awareness in vulnerability assessment, advisory on mitigation strategies, attack surface reduction and remediation activities
•    Develop and maintain documentation related to vulnerability management, threat assessment and remediation process.
•    Support organization through internal and external audits of the various processes and procedures in use
•    Leverage available data sets to deliver and enhance weekly/monthly recurring reports and present these in the relevant forums to stakeholders.
•    Stay abreast of emerging threats, vulnerabilities and mitigation techniques through ongoing research and professional development.
•    Communicate effectively orally and in writing and establish cooperative working relationships.

Skills and Experience

•    Between 8 - 12 years of in-depth, hands-on working knowledge in security technologies and operational experience in a global environment, preferably in Banking and Financial services sector.
•    You’ll have strong understanding of network security principles and basic threat detection techniques, with skills in monitoring security systems and identifying potential cyber security risks within a banking environment.
•    Solid knowledge of banking security compliance requirements and ability to support implementation of security protocols and data protection measures.
•    Proficiency in fundamental cyber security tools and technologies.
•    Network security architecture concepts including topology, protocols, components, and principles (e.g., application of defence-in-depth).
•    Knowledge of information technology (IT) supply chain security and supply chain risk management policies, requirements, and procedures.  

Competencies

About Standard Chartered

We're an international bank, nimble enough to act, big enough for impact. For more than 170 years, we've worked to make a positive difference for our clients, communities, and each other. We question the status quo, love a challenge and enjoy finding new opportunities to grow and do better than before. If you're looking for a career with purpose and you want to work for a bank making a difference, we want to hear from you. You can count on us to celebrate your unique talents and we can't wait to see the talents you can bring us.

Our purpose, to drive commerce and prosperity through our unique diversity, together with our brand promise, to be here for good are achieved by how we each live our valued behaviours. When you work with us, you'll see how we value difference and advocate inclusion.

Together we:

• Do the right thing and are assertive, challenge one another, and live with integrity, while putting the client at the heart of what we do
• Never settle, continuously striving to improve and innovate, keeping things simple and learning from doing well, and not so well
• Are better together, we can be ourselves, be inclusive, see more good in others, and work collectively to build for the long term

What we offer

In line with our Fair Pay Charter, we offer a competitive salary and benefits to support your mental, physical, financial and social wellbeing.

• Core bank funding for retirement savings, medical and life insurance, with flexible and voluntary benefits available in some locations.
• Time-off including annual leave, parental/maternity (20 weeks), sabbatical (12 months maximum) and volunteering leave (3 days), along with minimum global standards for annual and public holiday, which is combined to 30 days minimum.
• Flexible working options based around home and office locations, with flexible working patterns.
• Proactive wellbeing support through Unmind, a market-leading digital wellbeing platform, development courses for resilience and other human skills, global Employee Assistance Programme, sick leave, mental health first-aiders and all sorts of self-help toolkits
• A continuous learning culture to support your growth, with opportunities to reskill and upskill and access to physical, virtual and digital learning.
• Being part of an inclusive and values driven organisation, one that embraces and celebrates our unique diversity, across our teams, business functions and geographies - everyone feels respected and can realise their full potential.

Recruitment Assessments

Some of our roles use assessments to help us understand how suitable you are for the role you've applied to. If you are invited to take an assessment, this is great news. It means your application has progressed to an important stage of our recruitment process.

Visit our careers website www.sc.com/careers