Job Summary

•    This role could be based in Malaysia. When you start the application process you will be presented with a drop down menu showing all countries, Please ensure that you select a country where the role is based.

•    Standard Chartered’s diverse footprint across 63 of the fastest growing markets in Asia, Africa and the Middle East creates unique opportunities for passionate, motivated, and highly skilled people who want to make a difference. We are changing the way people think about banking. We are changing the way we do business – becoming the digital bank with a human touch. This is your opportunity to be part of a growth story in an industry that is reimagining how customers are getting better, faster experiences and convenience through digital technology.

•    Our Information & Cyber Security (ICS) team sits within the Transformation, Technology & Operations (TTO) function and is responsible for all mission-critical and enterprise-wide areas of cybersecurity, including identity and access management, global threat intelligence, data protection, malware protection, and application and infrastructure security. These are challenges that impact our clients globally.

•    Our ICS Portfolio team develops the platforms, drives the processes and builds partnerships on behalf of ICS. We thrive on providing solutions to complex issues, devoting time and energy to designing and delivering new and innovative solutions, and all in an environment that demands being risk-aware, not risk-averse. ICS chooses progress over perfection and aims to always participate with a constructive purpose. The team makes an impact wherever they are based, be it in our offices around the world, our Global Business Solution centres in China, India, Malaysia and Poland, or even from our home.

Key Responsibilities

•    If tackling complex challenges excites you, then join our ICS Identity & Access Management team where you will get to collaborate and work on solutions across business and functions to drive the transformation and deliver better experiences to our customers. We constantly strive to reduce time-to-market and streamline our processes. We follow agile methodology and work to embed an improvement habit across the bank.

•    Now you have an opportunity to make a meaningful impact with a diverse and passionate team of creators, innovators, and achievers. With us, you’ll learn, be inspired, and make an impact every day. The success of our work hinges on how we use the unique diversity of our people to realise the effects we seek to achieve: Always on. Always safe. Always Simple.

•    We are seeking an accomplished and highly delivery-driven Product Owner (PO) with a strategic mindset to join our Authentication Security Hive within the Identity & Access Management organization. This exciting role involves innovating and differentiating with our Authentication NextGen capabilities.

•    As a Product Owner, you will be responsible for identifying, designing, and proving future identity and access management (IAM) capabilities that enhance security, accelerate developer productivity, and enable digital growth. This role is all about innovation, proof-of-value, and readiness for scale, working closely with architecture, security, engineering, and product leadership.

•    PO core focus will be to lead the strategy and delivery of NextGen authentication and identity platforms, enabling secure, scalable access across the enterprise. We are looking for someone who can drive modernization and consolidation of IDP, API security, and cloud identity capabilities to improve resilience and reduce costs. They should champion passwordless and zero trust models to strengthen security and enhance the user experience.

In this role, you will own the product roadmap, ensuring alignment with business and value objectives. Additionally, you will partner with stakeholders to translate emerging identity trends into measurable outcomes

Innovate & Differentiate
•    Identify future IAM capabilities required to support business growth, developer velocity, and security outcomes.
•    Design and validate next-generation IAM patterns including API security, IdP consolidation, Azure full-join, and emerging identity models.
•    Run pilots and proofs of value to assess feasibility, risk reduction, and business impact ahead of large-scale investment.
•    Ensure new capabilities are secure, practical, and production ready.

Scale, Sustain & Value Realization
•    Define success measures focused on outcomes such as faster delivery, reduced operational risk, and improved security posture.
•    Partner with Transformation teams to transition validated capabilities for enterprise-wide scale-up.
•    Ensure innovation aligns with long-term IAM strategy, platform sustainability, and operating models.

Principal Product Specialist Responsibilities
•    Advise Product Owners (Core, NextGen, Secrets) on technical feasibility, capability maturity, and roadmap readiness.
•    Validate CPO vision and PO backlogs against real-world technical constraints and delivery realities.
•    Bridge strategic priorities and technical insight without assuming an architect or engineer role.
•    Partner with Product Owners to embed process excellence and consistency across sub-hives.
•    Act as a trusted subject-matter expert for IAM capabilities and roadmap decisions.

The successful candidate will provide strong technical security direction for Authentication and Secrets Security and lead and partner with engineers, architects, compliance teams, and business stakeholders to deliver against the service roadmap, enhance user experience, and align with regulatory and cybersecurity standards. The role demands a strong understanding of IAM technologies governing authentication of human and non-human identities (Entra, Oauth, HashiCorp Vault, Azure Key Vault, CyberArk, etc.) and agile product delivery practices. This individual will drive delivery health, ensure achievement of OKRs, and shape the future of IAM solutions, reporting directly to the Head of Authentication & Secrets Security Hive.

Strategy
•    Own and drive Enterprise Secrets & Authentication Governance by defining unified policies, lifecycle standards, and operating models across all IAM platforms, ensuring consistency, security, and scalability.
•    Define the IAM Next-Gen product vision and roadmap, aligning authentication, secrets management, and identity controls with enterprise digital transformation goals (e.g., API security, Zero Trust, passwordless).
•    Lead platform modernization initiatives by managing and prioritizing the backlog for authentication and secrets platforms (e.g., HashiCorp Vault, Azure Key Vault), reducing legacy dependencies and improving platform resilience.
•    Develop and execute a multi-year IAM roadmap focused on authentication modernization, secrets rotation, least privilege enforcement, and secure key handling across cloud and on-prem environments.
•    Partner with Security Architecture, Risk, and Compliance teams to ensure IAM capabilities align with Zero Trust principles, regulatory standards, and evolving threat models.
•    Evaluate and incubate emerging IAM technologies (e.g., passkeys, adaptive authentication, behavioural biometrics, AI-driven security, bot defence, digital asset protection), driving adoption feasibility and value realization.
•    Translate strategy into execution by working closely with engineering, analytics, and delivery teams to convert insights into actionable roadmaps, measurable outcomes, and scalable solutions.

•    Proactively manage delivery health and risk, identifying dependencies, impediments, and security gaps early to protect delivery commitments and enterprise risk posture.
•    Define and track IAM product KPIs, including authentication reliability, latency, adoption rates, secrets hygiene, credential exposure reduction, and customer experience metrics.
•    Enable compliance and audit readiness by design, ensuring centralized audit trails, automated controls, and continuous compliance for authentication and secrets access.
•    Drive cost and platform optimization, consolidating redundant vaults and IAM tooling, reducing infrastructure complexity, and improving license and operational efficiency.

Business
•    Facilitate integration of business priorities and strategic objectives into delivery roadmaps.
•    Translate technical requirements into business value statements for leadership stakeholders.
•    Ensure that processes are optimized for transparency, accountability, user experience and continuous improvement.
•    Partner with business owners to validate outcomes and benefits realization.
•    Work closely with ICS and Stakeholders to ensure that requirements are in line with the bank’s strategy
•    Responsible to evolve the craft towards improving automation, simplification and innovative use of latest market trends
•    Engage with third-party vendors as appropriate for the project

Processes
•    Map, analyse, and optimize end-to-end business processes to improve efficiency, accuracy, and user experience.
•    Identify automation and digital enablement opportunities (e.g., workflow, integration, self-service).
•    Partner with process owners, operations, and compliance teams to ensure business alignment.
•    Successful grooming of delivery backlog facilitating planning ceremonies with clear, aligned outcomes.
•    Stakeholder alignment score (measured via feedback from Product Owners & leadership).

People & Talent
•    Act as the primary liaison between business, cybersecurity, and platform teams.
•    Communicate product performance, risks, and roadmap to executive stakeholders and governance forums.
•    Drive stakeholder alignment on adoption plans, investment needs, and decommissioning of legacy platforms.
•    Create an environment of trust, open communication, and cross-functional alignment across business, technology, and control functions.
•    Collaborate closely with business units, Scrum Masters, and development teams to ensure successful sprint outcomes.
•    Provide technical security direction for Secrets security to a team of developers and engineers, in partnership with architects

Risk Management
•    Establish and maintain a strong governance framework, covering delivery tracking, escalation management, and executive reporting.
•    Proactively identify and manage program-level risks, dependencies, and interlocks.
•    Ensure adherence to ICS governance standards and contribute to shaping internal audit and risk processes.
•    Ensures the project follows the standards with respect to risk management as applicable to their domain.
•    Adheres to common practices to mitigate risk in their respective domain.

Governance
•    Embed a strong compliance and regulatory-first mindset into program delivery for IAM initiatives.
•    Ensure that program decisions and outcomes align with legal, regulatory, and business conduct requirements.
•    Act as a role model for integrity, ethics, and responsible delivery practices.
•    Ensure all artefacts and assurance deliverables are as per the required standards and policies (e.g., SCB Governance Standards, ESDLC etc.).

Regulatory & Business Conduct
•    Display exemplary conduct and live by the Group’s Values and Code of Conduct. 
•    Take personal responsibility for embedding the highest standards of ethics, including regulatory and business conduct, across Standard Chartered Bank. This includes understanding and ensuring compliance with, in letter and spirit, all applicable laws, regulations, guidelines and the Group Code of Conduct.
•    Effectively and collaboratively identify, escalate, mitigate and resolve risk, conduct and compliance matters.

Key stakeholders
See the consolidated list of responsibilities below
•    Peer Hive Product Owners, Hive Tech Leads, PMs and SMs ICS wide, Engineering Leads & IAM Security Architecture
•    ICS IAM Leadership Team, ICS CISOs, ICS Delivery Team partners, CPOs
•    Technology & Architecture & CIOs
•    Global Head, ICS Identity & Access Management
•    Global Head, Cyber Security Technology
•    Global Head, Cyber Security Operations
•    Global Technology Service Heads (Production Support, Infrastructure, Testing, SRE, Architecture)

Other Responsibilities
Embed Here for good and Group’s brand and values in ICS - Identity & Access Management domain. Perform other responsibilities assigned under Group, Country, Business or Functional policies and procedures; Multiple functions (double hats)
The ideal candidate will embody the following attributes:
•    Strategic Thinker - connects execution with long-term organizational goals.
•    Independent Driver - able to lead without heavy oversight.
•    Regulatory Mindset - embeds compliance and governance discipline in delivery.
•    Trusted Partner - strong communicator with ability to engage stakeholders up to CIO level.
•    Delivery-Oriented - relentless focus on achieving OKRs and outcomes.
•    Collaborative Leader - fosters alignment, removes silos, and builds trust across teams.

Skills and Experience

•    Agile Methodologies
•    Stakeholder Engagement/Management
•    Project and Programme Management
•    Agile Project Management
•    IT Standards, Procedures & Policies
•    Change Control
•    Information Technology (IT) Security Policies
•    Software Product Business Knowledge
•    MS Office Suite Skills including SharePoint and Confluence 

Qualifications

•    15+ years of total experience with at least 5 years as a Technical Security Manager or Product Owner responsible for both Projects delivery and BAU Operations. 
•    Familiarity in Agile Program/Portfolio Leadership, or Strategic Delivery roles in large enterprises.
•    Strong understanding of IAM concepts, authentication protocols, and secrets management tools, with experience in AI (including Agentic AI) and Digital Assets.
•    Strong expertise in Agile, Scrum, Waterfall or hybrid project delivery approaches 
•    Familiarity with Banking Technology and their integration within IAM frameworks such as Understanding of middleware, databases, and cloud platforms (Azure/AWS) from an IAM perspective
•    Core Identity & Authentication platforms
o    Knowledge in security products such as, Entra ID, HashiCorp, CyberArk, Open AM etc
o    Knowledge of enterprise directories and identity platforms such as Active Directory, and related IAM technologies
o    Azure AD / Entra ID deep expertise including full join & hybrid.
o    SAML, OAuth1, OpenID connect
o    Cross-domain federation
o    Legacy-to-modern IDP migration, tenant consolidation strategies and Identity lifecycle harmonization.
•    API & Application security
o    API Gateways, Token lifecycle management
o    Zero Trust API patterns
o    SSO integration patterns, Secure session management
o    App onboarding automation & DevSecOps IAM Integrations
o    Knowledge of CI/CD pipelines, DevSecOps integration, and API-based authentication.

•    Azure & Cloud Identity (Full Join Focus)
o    Entra ID join / Hybrid join
o    Conditional Access Policies
o    Identity protection, RBA, multi-cloud identity patterns
•    Modern Authentication & Passwordless
o    FIDO2/Passkeys, Biometrics, TOTP, Push MFA, Adaptive MFA
o    Risk-based authentication 
o    Emerging Identity platforms & patterns of Journey-based / continuous authentication
o    Zero-trust architecture
•    Ability to manage secure authentication, authorization, and integration across enterprise systems.
•    Ability to interface with senior executives and CIO stakeholders while maintaining alignment with ground-level teams.
•    Strong knowledge of regulatory frameworks, business conduct, and governance disciplines.
•    Analytical, delivery-oriented mindset with the ability to balance strategy and execution.
•    Exceptional communication, collaboration, and leadership skills with a focus on influencing without authority.
•    Skilled at identifying risks, driving remediation, and ensuring compliance with audit/regulatory expectations.
•    Understanding of Cyber security metrics, controls, standards and policies - min 3-5Y of experience (must)
•    Deep understanding of IAM (Authentication & Secrets) or security-related domains is strongly preferred (desired):
o    Awareness of IAM concepts: authentication, authorization, access control models, identity lifecycle management
o    Good Knowledge of Compliance standards relevant to IAM
o    Understanding of audit requirements and remediation

•    Familiar with using collaboration tools such as Confluence and ADO for backlog and workflow management
•    Excellent client-facing and internal communication skills
•    Experience in banking or large enterprise IAM modernization programs
•    Strong organizational skills including attention to detail and multitasking skills
•    Strong working knowledge of Microsoft Office
•    Master/bachelor’s degree in engineering, computer science, Banking, Business, or a related field
Qualifications
•    Cyber Security Certification – CISM, CISSP, or GIAC preferred
•    Certified Scrum Product Owner (CSPO) preferred

About Standard Chartered

We're an international bank, nimble enough to act, big enough for impact. For more than 170 years, we've worked to make a positive difference for our clients, communities, and each other. We question the status quo, love a challenge and enjoy finding new opportunities to grow and do better than before. If you're looking for a career with purpose and you want to work for a bank making a difference, we want to hear from you. You can count on us to celebrate your unique talents and we can't wait to see the talents you can bring us.

Our purpose, to drive commerce and prosperity through our unique diversity, together with our brand promise, to be here for good are achieved by how we each live our valued behaviours. When you work with us, you'll see how we value difference and advocate inclusion.

Together we:

• Do the right thing and are assertive, challenge one another, and live with integrity, while putting the client at the heart of what we do
• Never settle, continuously striving to improve and innovate, keeping things simple and learning from doing well, and not so well
• Are better together, we can be ourselves, be inclusive, see more good in others, and work collectively to build for the long term

What we offer

In line with our Fair Pay Charter, we offer a competitive salary and benefits to support your mental, physical, financial and social wellbeing.

• Core bank funding for retirement savings, medical and life insurance, with flexible and voluntary benefits available in some locations.
• Time-off including annual leave, parental/maternity (20 weeks), sabbatical (12 months maximum) and volunteering leave (3 days), along with minimum global standards for annual and public holiday, which is combined to 30 days minimum.
• Flexible working options based around home and office locations, with flexible working patterns.
• Proactive wellbeing support through Unmind, a market-leading digital wellbeing platform, development courses for resilience and other human skills, global Employee Assistance Programme, sick leave, mental health first-aiders and all sorts of self-help toolkits
• A continuous learning culture to support your growth, with opportunities to reskill and upskill and access to physical, virtual and digital learning.
• Being part of an inclusive and values driven organisation, one that embraces and celebrates our unique diversity, across our teams, business functions and geographies - everyone feels respected and can realise their full potential.