Title: Director - Operational, Technology and Cyber Risk (OTCR)
New York, US
Job Summary
The Operational, Technology and Cyber Risk (OTCR) department within the Risk function is the second line-of-defence (2LoD) and provides independent challenge, guidance, and oversight of first line-of-defence (1LoD) risk management.
OTCR is led by the Global Head, Operational, Technology and Cyber Risk, who has delegated authority from the Group Chief Risk Officer. OTCR comprises OTCR Business / Function Coverage Leads and OTCR SMEs who support the Global Head, OTCR.
OTCR sets the methodology for managing Information and Cyber Security (ICS) and Technology Risks across the Group. Risk Management authorities for ICS and Technology Risks are executed in line with the Bank’s risk management activities, i.e., Risk Acceptance and Treatment Plan Escalation, Approval and Closure Authorities.
This OTCR T&O Country Coverage Lead, Americas position spans two roles: OTCR ICS & Tech Risk SME and Technology and Operations (T&O) Coverage. It is a permanent role, requiring strong business acumen, familiarity with the Americas (North and South America) regulatory landscape, and deep knowledge and experience in the ICS and Technology risk field.
For the OTCR T&O Coverage role, the person will be responsible for:
• Review, challenge and (where relevant) approval on core ICS and Technology Risk matters that are not aligned to a specific business or function.
• ICS and Technology Risk management and stakeholder engagement / escalation.
• Approvals / veto on risk decisions within ICS and Technology Risk.
• End-to-end oversight of risk performance for ICS controls and core Technology.
• Interfacing with 1LoD (i.e. Principal Point of Contact) for ICS and core Technology.
For the OTCR ICS and Tech Risk SME role, the person will help, guide, and support informed decision making and risk management with specialist knowledge and expertise. The role will be delivered through consultation, stakeholder engagement and SME insights. It does not involve approval responsibilities.
Key Responsibilities
The successful candidate will have a strong understanding of operating in a second line ICS and Tech Risk capacity and strong experience working with Americas regulators. They should be able to respond flexibly and collaboratively to evolving business, regulatory and threat requirements.
• The role reports directly to the Head, OTCR, Strategic & Emerging Risks, with a matrix management Cluster Head, OTCR, Americas & Country Head, US.
• The role will provide oversight and challenge of ICS and Technology risk management as a risk partner to country leadership as defined in the Bank’s ICS and Operational & Technology Risk Type Frameworks and under delegation from the Group OTCR.
• The primary purpose of this position is to ensure that the management of ICS and Technology Risk is operating effectively and efficiently, providing assurance that the risks are appropriately managed.
• In addition, given the rapidly evolving ICS and Technology regulatory environment, the successful candidate will have a strong acumen for working with regulators and understanding relevant policies with an ability to articulate new requirements to be included in the ICS and Technology risk management process.
• Work closely with the rest of OTCR to address ICS and Technology Risk and support its integration into the Bank's overall Enterprise Risk Management.
The role will be expected to focus on the following key risk activities:
Regulatory Engagement
o Regulatory obligations to be implemented at a local/country-level may emanate from both Extraterritorial Regulation (ETRs) and local regulatory authorities. The Country RFO is the Country Operational, Technology and Cyber Risk Head, (Country OTCR Head).
o ICS and Tech Risk SME role is responsible for presenting and providing opinions on ICS and Technology risk to regulators.
o T&O Coverage is consulted on risk opinions for ICS & Tech risk, to be shared with the regulator.
Qualifications
Education
• Degree in Cyber Security or Technology or equivalent
Experience
• Proven experience in an information security office, senior governance and policy, ICS/ Technology Risk or Operational Risk or Audit role
• Thorough understanding of IT security business process risks, threats, and internal controls relevant for managing and mitigating risks.
• Strong knowledge of cyber security and technology frameworks, information security principles, architecture.
• Technical knowledge across a broad range of ICS and technology risk capabilities including Cyber Defence, Security Monitoring, Analytics, DLP, Access management, Cloud, etc.
• Strong leadership, negotiation and collaboration skills, and ability to work effectively in a complex multicultural and multi-time zone organization.
• Strong interpersonal and stakeholder management skills with experience across various levels in the organization including senior leadership teams, in influencing key decisions taken in the business and in support teams.
• Ability to collect and analyse data, establish facts, and make recommendations based on sound risk management principles.
• A passion for keeping technical knowledge and skills up to date and horizon scanning new and emerging thematic risks from new technology or techniques.
• Ability to articulate inherent and residual risk with specific ability to communicate complex ICS, technology and process risk clearly, concisely, and accurately to non-technical stakeholders in a lucid way.
• Must be a self-starter who is able to initiate and successfully drive initiatives to completion with little or no management supervision.
Certifications
• Professional certifications related to ICS and Technology risk are desirable (e.g., CCSP, CRISC, CISA, CISSP, CISM, GIAC etc).
About Standard Chartered
We're an international bank, nimble enough to act, big enough for impact. For more than 170 years, we've worked to make a positive difference for our clients, communities, and each other. We question the status quo, love a challenge and enjoy finding new opportunities to grow and do better than before. If you're looking for a career with purpose and you want to work for a bank making a difference, we want to hear from you. You can count on us to celebrate your unique talents and we can't wait to see the talents you can bring us.
Our purpose, to drive commerce and prosperity through our unique diversity, together with our brand promise, to be here for good are achieved by how we each live our valued behaviours. When you work with us, you'll see how we value difference and advocate inclusion.
Together we:
- Do the right thing and are assertive, challenge one another, and live with integrity, while putting the client at the heart of what we do
- Never settle, continuously striving to improve and innovate, keeping things simple and learning from doing well, and not so well
- Are better together, we can be ourselves, be inclusive, see more good in others, and work collectively to build for the long term
Expected annual base pay range for the role is 157,400 USD to 236,100 USD. The final offer will be determined on an individualised basis using a number of variables, including but not limited to skill set, depth of experience and education, internal relativity, and specific work location. At Standard Chartered Bank, base pay is only part of the total compensation package. Discretionary variable pay and a range of attractive bank sponsored benefit programs are available and designed to foster employee overall health and well-being including, but not limited to, a best in class 401k plan with up to 8% employer match, robust medical plan coverage with employer funded Health Savings Accounts, inclusive family building benefits, and flexible/hybrid working arrangements for many of our positions subject to role specific considerations. Visit our careers website www.sc.com/careers
What we offer
In line with our Fair Pay Charter, we offer a competitive salary and benefits to support your mental, physical, financial and social wellbeing.
- Core bank funding for retirement savings, medical and life insurance, with flexible and voluntary benefits available in some locations.
- Time-off including annual leave, parental/maternity (20 weeks), sabbatical (12 months maximum) and volunteering leave (3 days), along with minimum global standards for annual and public holiday, which is combined to 30 days minimum.
- Flexible working options based around home and office locations, with flexible working patterns.
- Proactive wellbeing support through Unmind, a market-leading digital wellbeing platform, development courses for resilience and other human skills, global Employee Assistance Programme, sick leave, mental health first-aiders and all sorts of self-help toolkits
- A continuous learning culture to support your growth, with opportunities to reskill and upskill and access to physical, virtual and digital learning.
- Being part of an inclusive and values driven organisation, one that embraces and celebrates our unique diversity, across our teams, business functions and geographies - everyone feels respected and can realise their full potential.