
Title: Head, Regulatory & Technical Standards Compliance (Malaysia, India)
Kuala Lumpur, MY
Job Summary
The Group Chief Information Security Officer (CISO) organisation is instrumental in protecting and ensuring the resilience of Standard Chartered Bank’s data and IT systems by managing information and cyber security (ICS) risk across the enterprise. As a critical function reporting into the Group Chief Technology, Operations and Transformation Officer, the Group CISO serves as the first line of defence for assuring ICS controls are implemented effectively and in accordance with the ICS Risk Framework, Policy and Standard, and for instilling a culture of cyber security within the Bank.
The Head of Regulatory & Technical Standards Compliance (RTSC) is a key leadership role within Standard Chartered Bank’s Technology and Operations (T&O) function. This role is responsible for establishing and managing a compliance program across Information and Cyber Security (ICS), Technology and Architecture, and potentially Data, and Resilience. The role ensures the Bank meets regulatory requirements and internal policies while embedding compliance into risk management processes. A key focus is developing the compliance logic framework—a structured approach to assessing and monitoring compliance across technology assets. This includes building the capability to provide a clear, data-driven view of compliance, enabling better risk oversight and decision-making. The role also enhances automation, analytics, and governance models to improve efficiency and strengthen compliance processes. The role is responsible for gap assessment across T&O, ensuring smooth coordination of regulatory and external audit RFIs.
The role will work closely with Country CISOs / OTCR / ICS / T&O representatives within the Bank to ensure the Bank’s ICS regulatory obligations are met on time. This includes supporting the ICS & T&O (Group) regulatory queries and gap assessment for markets.
Key Responsibilities
Strategy
• The role will work closely with Country CISOs / OTCR / ICS / TTO representatives within the Bank to ensure the Bank’s ICS & T&A regulatory obligations are met on time.
• Drive automation of processes with the use of ML/Gen AI
• Lead standardisation across ICS, Tech and across clusters
• Explore expanding the scope to FCSO, Data and Resilience
Processes:
• Drive End-to-End LRM Submissions, Non-submissions and Audits review,
• Drive Gap Assessment of Operating Effectiveness for regulations (non-submissions),
• Support Regulatory Inspections for countries,
• Scope RFIs and review the quality of response from on-going submissions / Non-submissions for quality review,
• Orchestrate complex organization wide gap assessments emanating from group regulators like Prudential Regulatory Authority, FCA, etc.
• RFI support for External audits (e.g., Financial Audits)
• Build trusted working relationships with other security functional heads, risk and compliance counterparts, business unit stakeholders, and Group Internal Audit and any third party or regulatory inspections, where needed.
• Develop, implement, and continuously improve processes to monitor and manage compliance across T&O verticals.
• Leverage automation, data analytics, and digital solutions to enhance the efficiency and effectiveness of compliance processes.
• Manage end-to-end regulatory submissions, audits, and assessments, ensuring accuracy and timeliness.
• Establish performance metrics and dashboards to track compliance effectiveness and drive accountability across T&O functions.
• Provide regular updates on the T&O compliance position to relevant Operational, Group, and Board Risk committees.
• Establish, maintain and refine the compliance methodology through incorporating industry practices and standards, where relevant
• Coordinate and lead gap assessments to identify and close compliance deficiencies across Data, Technology, ICS, Technology and Architecture, and Resilience.
• Improve and integrate processes and tools to monitor policy and standards compliance / non-compliances and their treatment (where relevant), to drive consistency in the delivery of the compliance service
Business
• Act as a trusted advisor to business and functional leaders across T&O, ensuring compliance activities enable innovation while maintaining regulatory adherence.
• Lead and manage T&O compliance function as part of Risk Management, by leveraging and driving digital solutions, including automation and data analytics, while eliminating manual attestations.
• This role also ensures the timely and quality delivery of e2e regulatory compliance (including submission and non-submission)
People & Talent Management
• Working in close collaboration with CISO, risk and control partners across all functions to effectively embed a strong culture of risk awareness and good conduct,
• Track and sustain a continuous improvement and innovation culture,
• Support a culture of diversity and inclusion to bring the best out of our people,
• Build and lead a high-performing compliance team capable of addressing complex, global challenges across multiple verticals.
• Foster a culture of accountability, collaboration, and continuous improvement within the compliance function.
• Develop team members through targeted training, mentorship, and professional development initiatives, ensuring skills align with evolving business needs.
• Act as a role model for ethical leadership, embedding the Bank’s values and Code of Conduct into all aspects of team operations.
Risk Management
• Work closely with cluster leads to drive an effective risk management culture and compliance mindset,
• Mature the Bank’s ability to proactively identify and manage cyber threats through quality compliance assessments at a Design and Operating level
• Work with other Risk and Controls teams to drive efficiency, effectiveness and reduce duplication.
• Work closely with senior stakeholders to drive an effective security risk management culture and compliance mindset
• Liaise with Group Internal Audit and any third party or regulatory inspections, where needed
Governance
• Track and follow up for timely and accurate completion of ICS regulatory compliance assessments and ensure all governance metrics are met
• Support appropriate oversight and follow-up for resolution of high impact risk and issues
• Provide timely and accurate reporting to appropriate committees (risk governance committees, QPR/MPR and associated Refinement Forums, where applicable)
• Support appropriate oversight and facilitate resolution of high impact risk and issues
Regulatory & Business Conduct
• Display exemplary conduct and live by the Group’s Values and Code of Conduct, including tracking and remediation of conduct issues.
• Effectively and collaboratively help to identify, escalate, mitigate, and resolve risk, conduct and compliance matters.
Key Stakeholders
• VP, RMO
• AVP / VP, LRM
• Regional and Country - Chief Information Security Officers (CISOs) and delegate
• OTCR and delegate
• ICS Service domains
• COOs/CIOs of different businesses/functions
• Group Internal Audit
Other Responsibilities
Embed Here for good and Group’s brand and values in ICS R&G; Perform other responsibilities assigned under Group, Country, Business or Functional policies and procedures; Multiple functions.
Skills and Experience
• Over 15 years of relevant experience in risk management, compliance, assurance or equivalent field, preferably in Banking or Financial Services. A proven track record of leading successful teams is a priority.
• Strong analytical and program management skills. Ability to assess strategic priorities and to focus on detailed aspects of a program in order to drive effective delivery.
• Strong leadership, negotiation and collaboration skills, and ability to work effectively in a complex multicultural and multi-time zone organization.
• Knowledge of the businesses, markets and operations of Standard Chartered Bank and relevant policies, procedures, and processes is an added advantage.
• Excellent interpersonal skills to foster positive relationships with internal and external stakeholders.
• Thorough understanding of ICS, Technology, Resilience and Data business processes, risks, threats, internal controls, and experience with regulators and multi-stakeholder organisations.
• Ability to collect and analyse data and make recommendations in written and oral form.
• Strong ability to liaise with all parts of the Bank, including senior security, risk and business stakeholders.
• Highly effective oral and written communication skills, with an ability to influence and to gain the respect of senior stakeholders and peers. Fluency in English.
• Bachelor’s Degree in Information Technology, Cybersecurity, Business Management, or other related discipline. Professional certifications are an advantage (e.g., CISA, CISSP, CISM, ITIL, PMP, CSM, CPO).
Role Specific Technical Competencies
• Business Process Design
• Process Management
• Risk Management
• Regulatory Environment – Financial Services
• Program Management
About Standard Chartered
We're an international bank, nimble enough to act, big enough for impact. For more than 170 years, we've worked to make a positive difference for our clients, communities, and each other. We question the status quo, love a challenge and enjoy finding new opportunities to grow and do better than before. If you're looking for a career with purpose and you want to work for a bank making a difference, we want to hear from you. You can count on us to celebrate your unique talents and we can't wait to see the talents you can bring us.
Our purpose, to drive commerce and prosperity through our unique diversity, together with our brand promise, to be here for good are achieved by how we each live our valued behaviours. When you work with us, you'll see how we value difference and advocate inclusion.
Together we:
- Do the right thing and are assertive, challenge one another, and live with integrity, while putting the client at the heart of what we do
- Never settle, continuously striving to improve and innovate, keeping things simple and learning from doing well, and not so well
- Are better together, we can be ourselves, be inclusive, see more good in others, and work collectively to build for the long term
What we offer
In line with our Fair Pay Charter, we offer a competitive salary and benefits to support your mental, physical, financial and social wellbeing.
- Core bank funding for retirement savings, medical and life insurance, with flexible and voluntary benefits available in some locations.
- Time-off including annual leave, parental/maternity (20 weeks), sabbatical (12 months maximum) and volunteering leave (3 days), along with minimum global standards for annual and public holiday, which combine to 30 days minimum.
- Flexible working options based around home and office locations, with flexible working patterns.
- Proactive wellbeing support through Unmind, a market-leading digital wellbeing platform, development courses for resilience and other human skills, global Employee Assistance Programme, sick leave, mental health first-aiders and all sorts of self-help toolkits.
- A continuous learning culture to support your growth, with opportunities to reskill and upskill and access to physical, virtual and digital learning.
- Being part of an inclusive and values-driven organisation, one that embraces and celebrates our unique diversity, across our teams, business functions and geographies - everyone feels respected and can realise their full potential.