Job Summary

Responsibilities 

• Conduct Security Impact Assessment (SIA) for all project releases to ensure compliance with ICS standards
• Review and analyse security control exceptions, determine the residual risk, and define appropriate mitigating controls
• Negotiate and diligently track remediation timelines for identified security control deficiencies
• Support project business objectives by enabling project releases while ensuring a clear understanding and acceptance of any introduced risks
• Review and approve security exception renewals, including those escalated by the CIO, ensuring continued justification and risk acceptance
• Generate and present a comprehensive monthly exception report to CISO, detailing status, remediation progress, missed commitments and perpetual exceptions
• Collaborate with other CISO and OTCR process owners to drive continuous improvement in SIA and exception management processes
• Support the transition of SIA and exception management processes to Azure DevOps (ADO).
• Contribute to the evaluation and implementation of new security tooling and innovative approaches
• Actively participate in the design and enhancement of SIA and exception management workflows and reporting dashboard
• Manage adhoc responsibilities as required in the CISO area to support overall WRB risk management.

Strategy
•    Support the development and implementation of strategies to mitigate security risks and ensure the confidentiality, integrity, and availability of our systems and data.
•    Collaborate with security leadership, engineering, and compliance to execute security strategies

Business
•    Support project business objectives by enabling project releases while ensuring a clear understanding and acceptance of any introduced risks.

Processes
•    Review and approve security exception renewals, including those escalated by the CIO, ensuring continued justification and risk acceptance.
•    Collaborate with other CISO and OTCR process owners to drive continuous improvement in SIA and exception management processes.
•    Support the transition of SIA and exception management processes to Azure DevOps (ADO)

People & Talent
•    Lead through example and build the appropriate culture and values. Work in collaboration with risk and control partners

Risk Management
•    Review and analyse security control exceptions, determine the residual risk, and define appropriate mitigating controls.
•    Negotiate and diligently track remediation timelines for identified security control deficiencies. 
•    Contribute to the evaluation and implementation of new security tooling and innovative approaches.
•    Actively participate in the design and enhancement of SIA and exception management workflows and reporting dashboard.

Governance
•    Conduct Security Impact Assessment (SIA) for all project releases to ensure compliance with ICS standards.
•    Generate and present a comprehensive monthly exception report to CISO, detailing status, remediation progress, missed commitments and perpetual exceptions.

Regulatory & Business Conduct
•    Display exemplary conduct and live by the Group's Values, Valued Behaviours, and Code of Conduct
•    Take personal responsibility for embedding the highest standards of ethics, including regulatory and business conduct, across the Bank. 
•    Effectively and collaboratively identify, escalate, mitigate, and resolve risk, conduct and compliance matters.

Key stakeholders
•    CISO, WRB & Markets
•    Head of ICS Controls and Sustainability, WRB & Markets
•    CIO Teams in WRB & Markets
•    Cluster and Market CISOs

Skills and Experience

Understanding of the Cyber landscape and ICS Controls within the banking environment
Excellent organisation skills with ability to manage multiple deadlines and effectively prioritise
Ability to foster positive relationships with internal and external stakeholders at appropriate level ensuring open cooperative environment. Be a Team player.
Experienced in the production of executive reporting; good communication skills (written and oral).
Excellent analytical and problem-solving skills, with the ability to prioritize and manage multiple tasks in a fast-paced environment
Strong communication and interpersonal skills, with the ability to effectively communicate complex security concepts to non-technical stakeholders

Qualifications

• Bachelor’s Degree in engineering, Computer Science/ Information Security or Technology, or its equivalent.
• Experience in the identification and assessment of Cyber Risks.
• Experience working across multiple security frameworks (e.g. NIST, ISO 27001, PCI-DSS) and understanding of various regulatory requirements globally
• Experience within security or risk function, ideally gained in the financial industry.
• Good organisation and stakeholder management skills with ability to manage multiple deadlines and effectively prioritise.
• Ability to work collaboratively with stakeholders and execute independently to effect change across the business lines and manage multiple deliverables simultaneously.
• Proven ability to deliver complex, global, pan-bank initiatives by driving collaboration and participation across diverse set of stakeholders.
• Stakeholder management, Negotiation skills, Conflict management, Decision-making and Team work
• Possess one or more security certifications such as CISSP, CISA, CISM, CRISC, PCI-QSA, CSX etc.
  
  

About Standard Chartered

We're an international bank, nimble enough to act, big enough for impact. For more than 170 years, we've worked to make a positive difference for our clients, communities, and each other. We question the status quo, love a challenge and enjoy finding new opportunities to grow and do better than before. If you're looking for a career with purpose and you want to work for a bank making a difference, we want to hear from you. You can count on us to celebrate your unique talents and we can't wait to see the talents you can bring us.

Our purpose, to drive commerce and prosperity through our unique diversity, together with our brand promise, to be here for good are achieved by how we each live our valued behaviours. When you work with us, you'll see how we value difference and advocate inclusion.

Together we:

• Do the right thing and are assertive, challenge one another, and live with integrity, while putting the client at the heart of what we do
• Never settle, continuously striving to improve and innovate, keeping things simple and learning from doing well, and not so well
• Are better together, we can be ourselves, be inclusive, see more good in others, and work collectively to build for the long term

What we offer

In line with our Fair Pay Charter, we offer a competitive salary and benefits to support your mental, physical, financial and social wellbeing.

• Core bank funding for retirement savings, medical and life insurance, with flexible and voluntary benefits available in some locations.
• Time-off including annual leave, parental/maternity (20 weeks), sabbatical (12 months maximum) and volunteering leave (3 days), along with minimum global standards for annual and public holiday, which is combined to 30 days minimum.
• Flexible working options based around home and office locations, with flexible working patterns.
• Proactive wellbeing support through Unmind, a market-leading digital wellbeing platform, development courses for resilience and other human skills, global Employee Assistance Programme, sick leave, mental health first-aiders and all sorts of self-help toolkits
• A continuous learning culture to support your growth, with opportunities to reskill and upskill and access to physical, virtual and digital learning.
• Being part of an inclusive and values driven organisation, one that embraces and celebrates our unique diversity, across our teams, business functions and geographies - everyone feels respected and can realise their full potential.

Recruitment Assessments

Some of our roles use assessments to help us understand how suitable you are for the role you've applied to. If you are invited to take an assessment, this is great news. It means your application has progressed to an important stage of our recruitment process.

Visit our careers website www.sc.com/careers