Job Summary

Information and Cybersecurity play a vital role in enabling the Bank to reliably fulfill its commitments to various internal and external stakeholders while maintaining an appropriate risk profile for its operations. This position is part of the Security Vulnerability Lifecycle Management team and is responsible for overseeing the governance of remediation efforts for security vulnerabilities that may affect the Bank's infrastructure, applications, or products.

Key Responsibilities

•    Oversee and prioritize vulnerability remediation efforts based on severity and potential impact on Bank’s operation and reputation, which includes management of tracking and remediation of vulnerabilities by leveraging agreed upon action plans and timelines (SLAs) with Technology/ Business stakeholders within the Bank
•    Provide remediation support as part of the Bank’s response to critical vulnerabilities and material security incidents
•    Validate remediation by reviewing vulnerability results and providing status updates
•    Analyse vulnerabilities and engage with the Technology teams and Business units to resolve identified vulnerabilities within SLAs.
•    Support organization through internal and external audits of the various processes and procedures in use
•    Leverage available data sets to deliver and enhance weekly/monthly recurring reports and present these in the relevant forums to stakeholders.
•    Stay abreast of emerging threats, vulnerabilities and mitigation techniques through ongoing research and professional development.
•    Communicate effectively orally and in writing and establish cooperative working relationships.
•    Manage and influence stakeholders in understanding risk exposure, remediation prioritisation and importance from vulnerabilities the Bank could be exposed to.
•    Consolidate remediation progress on application and infrastructure vulnerabilities into one risk focused view to help guide senior management risk and remediation decisions

Qualifications

• Bachelor's Degree in Engineering, Computer Science, Information Technology, or a related field 
• 8 to 12 years of comprehensive, practical experience with security technologies and operational expertise in a global setting, ideally within the Banking and Financial Services industry. 

Skills and Experience

• Extensive knowledge and subject matter knowledge across various domains within Information Security. 
• Comprehensive understanding of key security standards and regulations, including PCI DSS and the NIST Cybersecurity Framework. 
• In-depth awareness of the threat and vulnerability landscape, encompassing malware, emerging threats, and methods of vulnerability exploitation and attacks. 
• Proficiency in cloud security principles and DevSecOps practices. 
• Analytical and problem-solving skills to effectively identify and address multi-faceted vulnerability challenges. 
• Capability to thrive in a dynamic, fast-paced team environment. 
• Excellent verbal and written communication skills, enabling clear articulation of ideas to stakeholders ranging from engineers to senior business leadership. 
• Well-developed communication skills, with a proven ability to earn the trust and respect of senior executives. 
• Familiarity with industry-standard vulnerability management tools and technologies, including vulnerability scanners, threat intelligence platforms, and patch management systems. 
• Knowledge of SQL scripting and advanced Microsoft Excel, including VBA scripting.

About Standard Chartered

We're an international bank, nimble enough to act, big enough for impact. For more than 170 years, we've worked to make a positive difference for our clients, communities, and each other. We question the status quo, love a challenge and enjoy finding new opportunities to grow and do better than before. If you're looking for a career with purpose and you want to work for a bank making a difference, we want to hear from you. You can count on us to celebrate your unique talents and we can't wait to see the talents you can bring us.

Our purpose, to drive commerce and prosperity through our unique diversity, together with our brand promise, to be here for good are achieved by how we each live our valued behaviours. When you work with us, you'll see how we value difference and advocate inclusion.

Together we:

• Do the right thing and are assertive, challenge one another, and live with integrity, while putting the client at the heart of what we do
• Never settle, continuously striving to improve and innovate, keeping things simple and learning from doing well, and not so well
• Are better together, we can be ourselves, be inclusive, see more good in others, and work collectively to build for the long term

What we offer

In line with our Fair Pay Charter, we offer a competitive salary and benefits to support your mental, physical, financial and social wellbeing.

• Core bank funding for retirement savings, medical and life insurance, with flexible and voluntary benefits available in some locations.
• Time-off including annual leave, parental/maternity (20 weeks), sabbatical (12 months maximum) and volunteering leave (3 days), along with minimum global standards for annual and public holiday, which is combined to 30 days minimum.
• Flexible working options based around home and office locations, with flexible working patterns.
• Proactive wellbeing support through Unmind, a market-leading digital wellbeing platform, development courses for resilience and other human skills, global Employee Assistance Programme, sick leave, mental health first-aiders and all sorts of self-help toolkits
• A continuous learning culture to support your growth, with opportunities to reskill and upskill and access to physical, virtual and digital learning.
• Being part of an inclusive and values driven organisation, one that embraces and celebrates our unique diversity, across our teams, business functions and geographies - everyone feels respected and can realise their full potential.