Short Description

We are looking for a passionate Information & Cyber Security (ICS) professional to join our global ICS audit team as an Audit Manager. The ideal candidate will have hands-on experience in domains such as Vulnerability Management, Security Operations Centre, Red and Purple Teaming, Identity and Access Management, Application Security, Penetration Testing, Code Security, or Cloud Security. Experience with AI and exposure to digital assets will be a significant advantage. An audit background is not required.

Qualifications

Qualification:

• Education: Bachelor’s degree in information technology, Computer Science, Information Systems, or a related field. A master's degree is a plus.
• Experience: Minimum of 5 years of experience in IT auditing, information security, or risk management.

Technical and Audit Skills:

• Strong understanding of identity and access management, vulnerability management, code security, security operation centre, threat intelligence, red and purple teaming, penetration testing, ICS related industry standards such as NIST and CIS, and risk management.
• IT infrastructure components, including servers, networks, databases, and cloud services would be a plus.
• Knowledge of cybersecurity principles, frameworks, and best practices.
• Proficiency in audit tools and techniques.

Professional Certifications: 

• Professional certifications such as Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), Certified Cloud Security Professional (CCSP), and Global Information Assurance Certification (GIAC) related certificates are highly desirable. Other designations such as Certified in Risk and Information Systems Control (CRISC) and Certified Information Security Manager (CISM), and Certified Internal Auditor (CIA) are a plus.

Analytical Skills: 

• Excellent analytical and problem-solving abilities with a keen attention to detail.

Soft Skills:

• Communication Skills: Strong written and verbal communication skills to effectively convey audit findings and recommendations.
• Interpersonal Skills: Ability to work collaboratively with cross-functional teams and build strong relationships with stakeholders.

Job Summary

• The Group Internal Audit & Investigations (GIAI) in Standard Chartered Bank is looking for an exceptional and dynamic Audit Manager to join our Information and Cyber Security (ICS) Team with strong technical ICS knowledge on identity and access management, vulnerability management, code security, security operation centre, threat intelligence, red and purple teaming, penetration testing, ICS related industry standards such as National Institute of Standards and Technology (NIST) and Centre for Internet Security (CIS), and risk management.
• The Audit Manager will collaborate closely with the Audit Team Lead or Team Manager on the audit assignment and deliver impactful and high-quality audit work within the agreed timelines, budget constraints, and in full alignment with established audit methodology. Furthermore, the Audit Manager will also be responsible for a continuous monitoring of certain domains.

Key Responsibilities

Strategy
•    Support the Head of Audit (HOA) and Senior Audit Managers (SAMs) in GIAI risk assessment and audit planning activities.
•    Suggest audits for coverage during the planning cycle based on key ICS risks.
•    Execute responsibilities in accordance with the Audit Charter, maintaining independence from management and avoiding any interference.

Audit Delivery
•    Actively participate as a team member or leader in assigned audit work.
•    Ensure audit deliverables adhere to quality standards and timelines according to GIAI methodology.
•    Draft contributions to audit scope, including the Audit Planning Memo and Process Risks Controls Matrix.
•    Assist in drafting the audit issues and report during the audit reporting phase. 
•    Monitor the remediation of audit issues for assigned audits and validate issues as per the agreed timelines. 

Processes
•    Support high-risk audits of ICS and collaborate with GIAI teams.
•    Execute audits efficiently, adhering to budget and timelines.
•    Update Audit Team Lead and Manager on progress and obstacles, ensuring quality standards.
•    Work with Audit Team Lead and Manager to draft issues, articulate risks, and obtain action plans.
•    Conduct audit testing using data analytics.

Personal Behaviours
•    Model valued behaviours and foster an environment that recognizes positive contributions.
•    Engage with peers to enhance knowledge sharing.
•    Seek external perspectives to improve audit work.
•    Provide expertise to support GIAI audit teams.
•    Implement and support department initiatives, including planning and training.

People & Talent 
•    Demonstrate proactivity engagement during team sessions.
•    Identify growth areas at each audit and collaborate on strategies.
•    Complete key training for self-development.
•    Excellent analytical, problem-solving, and critical thinking skills.
•    Strong written and verbal communication skills.
•    Ability to work independently and as part of a team.
•    Attention to detail and a commitment to maintaining high-quality standards.

Business
•    Assist the HOA in managing audit costs within the allocated budget for engagements.
•    Identify and implement opportunities to enhance productivity in audits.

Risk Management 
•    Support the HOA in regularly updating risk assessments and proposing audit plan changes.
•    Be prepared to raise issues / concerns outside the normal audit process.
•    Attend Risk and Control forums at HOA's request to stay updated on ICS developments and ensure key risks are monitored.
•    Regularly review Management Information and reports to track key trends related to risk and control matters.

Stakeholder Management
•    Establish and maintain effective working relationships with the management of relevant ICS units.

Governance
•    Assist the HOA in managing Product / Country stakeholders and build relationships to improve risk and control awareness.
•    Communicate findings / issues to ICS stakeholders and monitor overdue issues / action plans for resolution.
•    Escalate delays in audit work to auditee and GIAI management. 

Regulatory & Business Conduct

• Display exemplary conduct and live by the Group’s Values and Code of Conduct.
• Take personal responsibility for embedding the highest standards of ethics, including regulatory and business conduct, across Standard Chartered Bank. This includes understanding and ensuring compliance with, in letter and spirit, all applicable laws, regulations, guidelines and the Group Code of Conduct.
• Effectively and collaboratively identify, escalate, mitigate, and resolve risk, conduct, and compliance matters.

Key stakeholders

• ICS stakeholders for audit assignments
• GIAI stakeholders – team leaders, members, managers, and Heads of Audit.

Other Responsibilities

• Embed Here for Good and Group’s brand and values in GIAI.
• Perform other responsibilities assigned under Group, Country, Business or Functional policies and procedures.

Skills and Experience

• Information and Cyber Security
• Technology and Architecture
• Audit
• English (Written / Spoken)
• Risk and Controls

Competencies

About Standard Chartered

We're an international bank, nimble enough to act, big enough for impact. For more than 170 years, we've worked to make a positive difference for our clients, communities, and each other. We question the status quo, love a challenge and enjoy finding new opportunities to grow and do better than before. If you're looking for a career with purpose and you want to work for a bank making a difference, we want to hear from you. You can count on us to celebrate your unique talents and we can't wait to see the talents you can bring us.

Our purpose, to drive commerce and prosperity through our unique diversity, together with our brand promise, to be here for good are achieved by how we each live our valued behaviours. When you work with us, you'll see how we value difference and advocate inclusion.

Together we:

• Do the right thing and are assertive, challenge one another, and live with integrity, while putting the client at the heart of what we do
• Never settle, continuously striving to improve and innovate, keeping things simple and learning from doing well, and not so well
• Are better together, we can be ourselves, be inclusive, see more good in others, and work collectively to build for the long term

What we offer

In line with our Fair Pay Charter, we offer a competitive salary and benefits to support your mental, physical, financial and social wellbeing.

• Core bank funding for retirement savings, medical and life insurance, with flexible and voluntary benefits available in some locations.
• Time-off including annual leave, parental/maternity (20 weeks), sabbatical (12 months maximum) and volunteering leave (3 days), along with minimum global standards for annual and public holiday, which is combined to 30 days minimum.
• Flexible working options based around home and office locations, with flexible working patterns.
• Proactive wellbeing support through Unmind, a market-leading digital wellbeing platform, development courses for resilience and other human skills, global Employee Assistance Programme, sick leave, mental health first-aiders and all sorts of self-help toolkits
• A continuous learning culture to support your growth, with opportunities to reskill and upskill and access to physical, virtual and digital learning.
• Being part of an inclusive and values driven organisation, one that embraces and celebrates our unique diversity, across our teams, business functions and geographies - everyone feels respected and can realise their full potential.