Job Summary

About SC Ventures
SC Ventures is Standard Chartered’s innovation, fintech investment and ventures arm. We were established to reinvent banking, as the significant technological disruptions to the industry was impacting its ability to serve clients and customers, in the ways they needed to be served.
We are a unique ecosystem of innovators, banking experts, business builders and partners who are focused on rewiring the DNA in banking and bringing breakthrough ideas to scale, together.
We are building ecosystems around four high conviction themes: Online Economy & Lifestyle, SMEs & World Trade, Digital Assets, and Sustainability & Inclusion. 
We are a global team of "Members" (excluding individual ventures), including dedicated colleagues from the Group's support functions, based in Singapore, Hong Kong, London, and the United Arab Emirates.
Purpose
The cyber security specialist is a thought-leader, who is accountable for the provision of cyber security services and controls to maintain and continuously improve Ventures’ cyber security posture in today’s ever evolving cyber security landscape.
The role is to protect our Ventures and the Platform from cyber security threats by delivering effective information security technology services, managing and responding to security incidents to ensure, and support the continuity and growth of innovation’s arm operations; and meet both internal and external stakeholders’ expectations within SC Ventures, the SC Ventures CTO and bank leadership.
Standard Chartered is innovating within SC Ventures and requires a forward thinking “Secure by Design” and ‘Compliant by Default’ function to embed Security in its portfolio of technology investments and projects.  Reporting directly to the SCV Technology and ICS Operating Lead, and dotted line to the SCV CISO you will be part of dynamic team and expected to effective and efficient security solutions for Ventures of varying size from conception through development to operational production systems

Key Responsibilities

Responsibilities 
·       Provide deep consulting expertise on complex projects, delivering workable and risk/threat-driven solutions;
·       Conduct various threat modelling techniques at an application, system and enterprise level;
·       Create and harvest reusable Security Patterns through projects and bank security team;
·       Provide thought leadership on emerging technologies and how they can be secured;
·       Work in an Agile environment to drive continuous improvement (efficiency and effectiveness) to align to System Readiness Assurances (SRA) and perform Security Impact Assessments (SIA);
·       Maintain and grow a centralised knowledge repository of Security Requirements, Patterns, Threat Models and Capabilities;
·       Be a Secure by Design Champion and promote secure software development practices within each Venture, and its sub-contractors.
·       Cloud Identity and Access and Provisioning for new and on-going ventures
·       SaaS Security Risk Assessment tools Support the Architecture team from an ICS perspective
ICS and Governance
• Define and maintain an efficient technical assurance methodology which delivers risk focused, timely and re-performable assurance on key controls, to support and maintain risk reduction
• Proven experience identifying solutions for complex problems in enterprise environments.
• Proven ability to map and understand complex relationships and interactions between Enterprise Architecture, business direction, emerging trends, emerging technologies, and legacy systems
• Proven ability to do research and documentation on emerging trends and their impact 
• Strong technical knowledge and confidence in communicating with highly technical audiences.
• Highly meticulous and detail oriented.
• Excellent analytical and problem solving skills.
• Proven experience and desire to operate as a self-starter and be comfortable working in an ambiguous, yet fast-paced, environment.
• Superb speaking, writing and influencing skills are required as the opportunity often presents or interacts verbally or in written form to CTO, CISO/CIS, and business leadership.
• Proven ability to identify and develop clear and understandable security capabilities and strategic views from high-level business objectives and technology constraints.
• Developing knowledge of information security principles, frameworks and best practices and how those principles support the Group's Information & Cyber Security Strategy and Vision.
• Proven ability to pull a diverse group of individuals with different goals together to facilitate, moderate, and influence productive discussions driving towards results
• Strong business acumen to quickly learn new business processes and understand how information security can support the business in achieving revenue and profit goals
• Superior communication and collaboration skills, ability to explain complex concepts in plain language and graphics.
• Demonstrated relevant security expertise in designing security solutions for a mix of technology areas, with a focus on application, network and cloud security.
• Demonstrated ability to develop expertise on the job and supporting security programs in a mix of technology areas including:

Qualifications

Our Ideal Candidate
·       10+ years' experience in information security or information technology disciplines
·       5+ years of Information Security architecture and / or strategy
·       Experience running cyber security (1st line) in a start up / fintech
·       Experience working in a regulated banking / financial services environment
Role Specific Technical Competency
·       Familiarity with ISO27001, ISO27017 and ISO27018 is beneficial
·       CISSP / GSEC / SABSA / TOGAF certifications highly beneficial
·       Advanced Identity & Access Management (SAML, SSO, AD)
·       APIs, Web Services, REST Endpoints, HTTP Headers
·       Cloud Service, Provider, and Platform Security (SaaS, FaaS, PaaS & IaaS)
·       Application Security (Secure SDLC, DevSecOps, and IaC Automation)
·       Next Generation Network Security (Software Defined Perimeter, Zero Trust/BeyondCorp, SDWAN)
·       End User Technology, Productivity & Collaboration Security
·       Hands-on experience with Cloud configuration (Azure, AWS, GCP)
·       AWS SCP/ JSON Policies, and Identity and Access Management (IAM) experience
·       Bachelor's degree in Computer Science or related field, or equivalent work experience
Apply now to join the Bank for those with big career ambitions. 
 Remit 

About Standard Chartered

We're an international bank, nimble enough to act, big enough for impact. For more than 170 years, we've worked to make a positive difference for our clients, communities, and each other. We question the status quo, love a challenge and enjoy finding new opportunities to grow and do better than before. If you're looking for a career with purpose and you want to work for a bank making a difference, we want to hear from you. You can count on us to celebrate your unique talents and we can't wait to see the talents you can bring us.

Our purpose, to drive commerce and prosperity through our unique diversity, together with our brand promise, to be here for good are achieved by how we each live our valued behaviours. When you work with us, you'll see how we value difference and advocate inclusion.

Together we:

• Do the right thing and are assertive, challenge one another, and live with integrity, while putting the client at the heart of what we do
• Never settle, continuously striving to improve and innovate, keeping things simple and learning from doing well, and not so well
• Are better together, we can be ourselves, be inclusive, see more good in others, and work collectively to build for the long term

What we offer

In line with our Fair Pay Charter, we offer a competitive salary and benefits to support your mental, physical, financial and social wellbeing.

• Core bank funding for retirement savings, medical and life insurance, with flexible and voluntary benefits available in some locations.
• Time-off including annual leave, parental/maternity (20 weeks), sabbatical (12 months maximum) and volunteering leave (3 days), along with minimum global standards for annual and public holiday, which is combined to 30 days minimum.
• Flexible working options based around home and office locations, with flexible working patterns.
• Proactive wellbeing support through Unmind, a market-leading digital wellbeing platform, development courses for resilience and other human skills, global Employee Assistance Programme, sick leave, mental health first-aiders and all sorts of self-help toolkits
• A continuous learning culture to support your growth, with opportunities to reskill and upskill and access to physical, virtual and digital learning.
• Being part of an inclusive and values driven organisation, one that embraces and celebrates our unique diversity, across our teams, business functions and geographies - everyone feels respected and can realise their full potential.