Job Summary

Audit Management
•    First point of contact for all Domain audit requests.
•    Review and assess FM audit matters; ensuring requests, actions and issues are managed and responded appropriately in timely manner.
•    Review adequacy of management response to audit findings, including proposing mitigating controls, relevant evidences.
•    Review progress and timely closure of audit findings.
•    Represent the Domain(s) as the Single Point of Contact (SPoC) on audits (internal and external) and Subject Matter Expert (SME) on the audit related matters

Risk Management
•    Scope and plan thematic risk / isolated control reviews aligning with the Domain(s)’s key objectives, Group Internal Audit themes and key risk areas (may include suppliers where appropriate) including proposing treatment plans and risk ratings.
•    Manage risk assessments raised in systems (such as ServiceNow, M7 and CRISP) through periodic follow with action owners.
•    Ensure completeness and integrity of risk information captured in these systems .
•    Deliver control design for the relevant domain / process. Propose addition of or change in controls. 
•    Propose changes and / or new Control indicators (KCI, KRI, KCSA, CST etc) to Portfolio Risk Leads. 
•    Provide advice, drive and oversee Group wide remediations on Domain applications where applicable.
•    Manage remediation of exceptions to return to Green identified in various sources (metric, risk analysis)

Key Responsibilities

Risk Forums
•    Support delivery of all risk forums within the Domain(s) operates within the approved Terms of Reference (ToR), including membership, agenda, and frequency.etc.
•    Facilitation and pack production for the Domain(s) risk forums. Provide challenge to ensure robust Risk Management practice
•    Submission of risk and control related details to relevant (Group) Risk Forums within schedule and at the required quality 
•    Participate/Input in other relevant forums as representation of Risk member for Domain. 

Key stakeholders
FM Technology

Skills and Experience

•    Overall 7+ years of audit background, practical experience in engaging / managing technology audit engagement or being a member of a technology audit team. 
•    At least 2-4 years’ experience in Operational Risk within technology.
•    At least 5 years’ experience in any (combination of) technology discipline.
•    In-depth understanding of IT controls required to manage Technology Risk. 
•    Understanding of Technology Infrastructure / Applications / Project Lifecycle and the associated controls required through project delivery to manage and mitigate risk.
•    Knowledge of approaches, tools, techniques for recognising, anticipating, and resolving operational or process problems.
•    Confident and self-motivated leader with experience in effectively negotiating with and influencing others in a matrix environment.
•    Ability and confidence to operate across a wide range of seniority levels, Domain(s) operational divides, locations, and businesses.
•    Be able to create and tailor clear and concise verbal and written communications to different audiences, fluent written and spoken English language skills.
•    Possess a pro-active posture and committed to continuous improvement.
•    Good presentation skills.
•    Demonstrable analytical thinking; data analysis and reporting skills
•    A team player who enjoys working with people on all levels as well as being able to work independently and under pressure to meet tight deadlines.

The following skills are not a pre-requisite, but will be advantageous: 
•    Project management experience / background, ideally with distributed teams.
•    Experience in any other risk management discipline (Credit, Market, etc.).
•    Experience working in a financial institution industry

Qualifications

•    Tertiary qualifications in IT or Computer Science / Risk Management
•    ITIL Foundation / COBIT certified.
•    Optional but will be advantageous:
•    Certification in CRISC (Certified in Risk and Information Systems Control)
•    Certification in CISA (Certified Information System Auditor) or any other related qualification would be beneficial

Role Specific Technical Competencies

•    IT Auditing
•    Risk Management
•    Project Management
•    IT Technical (infra, hardware, software)
•    Bank Processes
•    IT Auditing 

About Standard Chartered

We're an international bank, nimble enough to act, big enough for impact. For more than 170 years, we've worked to make a positive difference for our clients, communities, and each other. We question the status quo, love a challenge and enjoy finding new opportunities to grow and do better than before. If you're looking for a career with purpose and you want to work for a bank making a difference, we want to hear from you. You can count on us to celebrate your unique talents and we can't wait to see the talents you can bring us.

Our purpose, to drive commerce and prosperity through our unique diversity, together with our brand promise, to be here for good are achieved by how we each live our valued behaviours. When you work with us, you'll see how we value difference and advocate inclusion.

Together we:

• Do the right thing and are assertive, challenge one another, and live with integrity, while putting the client at the heart of what we do
• Never settle, continuously striving to improve and innovate, keeping things simple and learning from doing well, and not so well
• Are better together, we can be ourselves, be inclusive, see more good in others, and work collectively to build for the long term

What we offer

In line with our Fair Pay Charter, we offer a competitive salary and benefits to support your mental, physical, financial and social wellbeing.

• Core bank funding for retirement savings, medical and life insurance, with flexible and voluntary benefits available in some locations.
• Time-off including annual leave, parental/maternity (20 weeks), sabbatical (12 months maximum) and volunteering leave (3 days), along with minimum global standards for annual and public holiday, which is combined to 30 days minimum.
• Flexible working options based around home and office locations, with flexible working patterns.
• Proactive wellbeing support through Unmind, a market-leading digital wellbeing platform, development courses for resilience and other human skills, global Employee Assistance Programme, sick leave, mental health first-aiders and all sorts of self-help toolkits
• A continuous learning culture to support your growth, with opportunities to reskill and upskill and access to physical, virtual and digital learning.
• Being part of an inclusive and values driven organisation, one that embraces and celebrates our unique diversity, across our teams, business functions and geographies - everyone feels respected and can realise their full potential.