Job Summary

This role could be based in Malaysia and India. When you start the application process you will be presented with a drop down menu showing all countries, Please ensure that you select a country where the role is based.

This is a senior-level position within the second line of defence of a risk management organization. The role reports directly to the Head of OTCR, WRB and requires a blend of solid business acumen and deep technical risk knowledge.

Core Responsibilities
•    Single Point of Contact (SPOC): Acts as the primary advisor for the second line regarding all OTCR (Operational and Technology Risk) matters for their assigned portfolio.
•    Strategic Advisory: Provides judgment-based input to ensure risk management practices are integrated across all WRB operations.
•    Stakeholder Collaboration: Partners with senior stakeholders, Subject Matter Experts (SMEs), and other risk teams to guide the "first line" leads in making informed, risk-based decisions.
•    Problem Solving: Addresses complex issues and adapts to evolving regulatory, business, and threat landscapes.

Key Requirements & Skills
•    Experience: Proven track record in second-line risk management and familiarity with WRB-specific tools and practices.
•    Leadership: Ability to set a vision, provide clear direction, and take on "tough challenges" with courage and flexibility.
•    Soft Skills: High proficiency in stakeholder management, communication, and a collaborative mindset.
•    Focus: A commitment to delivering customer-centric solutions while maintaining rigorous risk standards.

Key Responsibilities

Strategy 
•    Execute the OTCR strategy for WRB, aligned to the OTCR Cyber Strategy and service priorities.
•    Translate enterprise cyber risk objectives into actionable WRB-specific risk outcomes, metrics, and roadmaps.
•    Influence decisions by providing clear risk-based insights on priority applications, platforms, and services.
•    Act as a strategic advisor to senior stakeholders on emerging cyber risks (e.g., ransomware, data theft, cloud, GenAI, third-party concentration risk).

Business
•    Partner with WRB business heads, technology leaders, and CISOs to enable secure growth, digital initiatives, and new product launches.
•    Provide risk-informed challenge on material initiatives (e.g., cloud migration, platform modernisation, vendor onboarding, GenAI implementations).
•    Balance loss of data, loss of funds, and loss of service considerations to support informed business decision-making.
•    Represent WRB cyber risk position in executive forums, steering committees, and investment discussions.

Processes
•    Own and oversee Threat Scenario Risk Assessments (TSRA), domain risk profiling, and thematic cyber reviews for WRB.
•    Establish consistent 2nd-line processes for risk identification, assessment, acceptance, treatment tracking, and reporting.
•    Ensure cyber control implementation is prioritized on scoped / high-risk applications and progress is independently tracked.
•    Drive continuous improvement and automation of OTCR processes to improve efficiency, coverage, and data quality.

People & Talent
•    Act as a role model for independent challenge, constructive engagement, and risk culture maturity.
•    Contribute to succession planning, capability uplift, and talent development across the cyber risk function.

Risk Management
•    Maintain the WRB cyber domain risk profile, ensuring risks are accurately assessed, challenged, agreed, and kept current.
•    Provide independent oversight of vulnerability exposure, ransomware readiness, third-party cyber risk, and control effectiveness.
•    Ensure alignment with the Bank’s risk appetite, ICS expectations, and regulatory obligations.
•    Escalate material or systemic risks with clear impact analysis and recommended management actions.

Governance
•    Drive governance excellence by leveraging existing management reports and identifying opportunities to optimize reporting structures for improved operational outcomes.
•    Support internal and external audits, regulatory reviews, and supervisory engagements related to cyber risk.
•    Ensure strong linkage between 1st Line execution and 2nd Line oversight, including evidence-based challenge.
•    Contribute to Group-wide cyber governance forums and policy direction where WRB impact is material.

Regulatory & Business Conduct
•    Display exemplary conduct and live by the Group’s Values and Code of Conduct. 
•    Take personal responsibility for embedding the highest standards of ethics, including regulatory and business conduct, across Standard Chartered Bank. This includes understanding and ensuring compliance with, in letter and spirit, all applicable laws, regulations, guidelines and the Group Code of Conduct.
•    Effectively and collaboratively identify, escalate, mitigate and resolve risk, conduct and compliance matters.

Key stakeholders
Internal
•    All teams of the following areas that support the assigned portfolio:
•    CEO WRB
•    CRO WRB
•    COO WRB
•    CIO WRB
•    CISO WRB

•    Functional Heads of WRB 
•    WRB leadership team
•    Head Second Line Assurance WRB
•    Head of Audit WRB Functional Heads example includes all relevant first line support functions for WRB e.g., WRB COO, WRB CIO, WRB CISO, WRB Human Resources, WRB Finance, etc.

External
•    The Group’s external auditors

Qualifications

•    Education - Degree level education or equivalent, in engineering or information technology
•    Certifications - Iso 27000 series, cloud certifications, fundamental ai/ml knowledge
•    Languages - Excel macros, PowerBuilder

Skills and Experience

•    Cyber & Technology Risk Management (Banking)
•    Threat Scenario Risk Assessment (TSRA) & Domain Risk Profiling
•    Third-Party & Supply Chain Cyber Risk
•    Cyber Governance, Risk Reporting & Executive Oversight
•    Cloud & Digital Platform Risk Oversight
•    Data Protection & Information Security Risk 
•    Network Security and Segmentation risk oversight
•    Gen AI risk governance and control oversight

About Standard Chartered

We're an international bank, nimble enough to act, big enough for impact. For more than 170 years, we've worked to make a positive difference for our clients, communities, and each other. We question the status quo, love a challenge and enjoy finding new opportunities to grow and do better than before. If you're looking for a career with purpose and you want to work for a bank making a difference, we want to hear from you. You can count on us to celebrate your unique talents and we can't wait to see the talents you can bring us.

Our purpose, to drive commerce and prosperity through our unique diversity, together with our brand promise, to be here for good are achieved by how we each live our valued behaviours. When you work with us, you'll see how we value difference and advocate inclusion.

Together we:

• Do the right thing and are assertive, challenge one another, and live with integrity, while putting the client at the heart of what we do
• Never settle, continuously striving to improve and innovate, keeping things simple and learning from doing well, and not so well
• Are better together, we can be ourselves, be inclusive, see more good in others, and work collectively to build for the long term

What we offer

In line with our Fair Pay Charter, we offer a competitive salary and benefits to support your mental, physical, financial and social wellbeing.

• Core bank funding for retirement savings, medical and life insurance, with flexible and voluntary benefits available in some locations.
• Time-off including annual leave, parental/maternity (20 weeks), sabbatical (12 months maximum) and volunteering leave (3 days), along with minimum global standards for annual and public holiday, which is combined to 30 days minimum.
• Flexible working options based around home and office locations, with flexible working patterns.
• Proactive wellbeing support through Unmind, a market-leading digital wellbeing platform, development courses for resilience and other human skills, global Employee Assistance Programme, sick leave, mental health first-aiders and all sorts of self-help toolkits
• A continuous learning culture to support your growth, with opportunities to reskill and upskill and access to physical, virtual and digital learning.
• Being part of an inclusive and values driven organisation, one that embraces and celebrates our unique diversity, across our teams, business functions and geographies - everyone feels respected and can realise their full potential.