Job Summary

We are currently looking for an Information and Communication Technology Risk Officer (“ICT-Risk Officer”) to join our office in Frankfurt. This position acts as part of the Information & Communication Technology (“ICT”) Risk control function required under DORA Article 6 (4). It is a permanent role that requires strong business acumen, deep knowledge and experience in the field of Information and Cyber Security (“ICS”).

As a critical function and the second line of defence for assuring ICS controls are implemented effectively and in accordance with the ICS Risk Framework and for instilling a culture of cyber security within the Bank. The ISRO function is responsible for ICS governance, ICS risk strategy, ICS policy, ICS awareness and training initiatives, ICS risk assessments, third party security risk, ICS advisory and assurance, industry partnerships, and regulatory engagement. 

Key Responsibilities

•    Monitor local authorities concerning regulatory change and ensure timely addressing required changes to relevant parties to stay compliant with regulatory requirements.  
•    Report to the Standard Chartered Bank AG Management Board on the status of information security on a regular, at least quarterly basis as well as on an ad hoc basis, if required. 
•    Represent ICT Risk on local risk committees, ensuring that relevant ICT Risk reporting materials are produced and presented.
•    Ensure delivery of regular risk assessment activities, with the support of the 1st Line of Defense (1st LOD) Information Security Risk Manager. 
•    Oversee and challenge the proposals and assessments on ICS risk from 1st LOD regarding (including product approvals, Outsourcing Advisory reviews, operational changes and risk assessments, as well as risk-taking activities, including but not limited to participation in Project governance and oversight.  
•    Ensure that the 1st LOD control implementation complies with applicable laws and regulation
•    Participate in business continuity planning and testing activities of Standard Chartered Bank AG
•    Maintain 2nd Line of Defense requirements (ICS Risk framework, ICT risk framework) for relevant SCB AG country subsidiaries and branches.
•    Represent Standard Chartered Bank AG on a wider Group ICS risk management meetings, forums and committees. 
•    Monitor of ICS risks and associated remediation plans across Standard Chartered Bank AG and its Branches, focusing tracking of remediation and treatment plans. 
•    Oversee the design and planning of ICT training to Standard Chartered Bank AG and relevant third parties.
•    Promote a healthy risk culture and good conduct within Standard Chartered Bank AG

Skills and Experience

•    Vast experience in the Information Security Risk area gained in the banking, audit or consulting environment
•    Relevant higher education – Bachelor or Masters degree in Economics, Technology or Finance 
•    Industry accepted certifications for managing Information and Cyber Security Risk e.g. CRISC, CISA, CISM, CISSP, C-CISO or equivalent is preferrable
•    Significant experience dealing with German and European regulators
•    Comprehensive knowledge of risk governance frameworks & quality frameworks and processes
•    Project and Program Management skills to monitor specific projects and take ownership of the outstanding tasks
•    Ability to create effective work relationships across functions and borders 
•    Excellent interpersonal and communication skills 
•    Good presentation, time management, negotiation and influencing skills
•    Focused, organised and results-oriented; Can work independently to strict timeframes
•    Experience of working with senior stakeholders. Ability to influence senior staff and offshore shared services teams and drive change agenda
•    Fluency in English and in German

About Standard Chartered

We're an international bank, nimble enough to act, big enough for impact. For more than 170 years, we've worked to make a positive difference for our clients, communities, and each other. We question the status quo, love a challenge and enjoy finding new opportunities to grow and do better than before. If you're looking for a career with purpose and you want to work for a bank making a difference, we want to hear from you. You can count on us to celebrate your unique talents and we can't wait to see the talents you can bring us.

Our purpose, to drive commerce and prosperity through our unique diversity, together with our brand promise, to be here for good are achieved by how we each live our valued behaviours. When you work with us, you'll see how we value difference and advocate inclusion.

Together we:

• Do the right thing and are assertive, challenge one another, and live with integrity, while putting the client at the heart of what we do
• Never settle, continuously striving to improve and innovate, keeping things simple and learning from doing well, and not so well
• Are better together, we can be ourselves, be inclusive, see more good in others, and work collectively to build for the long term

What we offer

In line with our Fair Pay Charter, we offer a competitive salary and benefits to support your mental, physical, financial and social wellbeing.

• Core bank funding for retirement savings, medical and life insurance, with flexible and voluntary benefits available in some locations.
• Time-off including annual leave, parental/maternity (20 weeks), sabbatical (12 months maximum) and volunteering leave (3 days), along with minimum global standards for annual and public holiday, which is combined to 30 days minimum.
• Flexible working options based around home and office locations, with flexible working patterns.
• Proactive wellbeing support through Unmind, a market-leading digital wellbeing platform, development courses for resilience and other human skills, global Employee Assistance Programme, sick leave, mental health first-aiders and all sorts of self-help toolkits
• A continuous learning culture to support your growth, with opportunities to reskill and upskill and access to physical, virtual and digital learning.
• Being part of an inclusive and values driven organisation, one that embraces and celebrates our unique diversity, across our teams, business functions and geographies - everyone feels respected and can realise their full potential.