JOB SUMMARY

The Global Head, Technology & Operations (T&O) Risk & Control (R&C) leads the risk management and control capabilities across Technology & Operations (T&O) and seeks to manage the risks in a more consistent and effective manner. This team has both dedicated, client-centric R&C expertise to drive proactive risk identification and remediation outcomes for critical domain areas across T&O and also specialised capabilities to provide clearer and streamlined risk management support, ensuring that our risks are governed, assessed, mitigated, and reported in a consistent manner.

Within this team, the Control Testing & RMO vertical brings together the existing T&O control testing, technology assurance, ICS application & infrastructure compliance and Risk Management Operations capabilities, and establishes new capability to provide assurance over key transformation programmes in T&O. This team helps to ensure we embed and enhance our assurance capabilities across T&O. 

Within this vertical, the Head, eSDLC Controls Testing role is responsible to manage testing of eSDLC controls for releases at pre-production and immediately after production deployment and to build capability for major Program Delivery Assurance.

RESPONSIBILITIES

Strategy
The role is responsible to do the following.
For ensuring the quality and reliability of application releases, both prior to production release and post-release,
Lead Expert System Development Lifecycle (eSDLC) and technology resilience controls,
Lead Non-functional assurance covering App performance, Stress, resilience and capacity,
Lead Resilience Controls Testing,
Lead Cloud Onboarding Assurance review and Application Programming Interface (API) Assurance review,
Provide strategic guidance and support to senior management on risk-related matters, directly working with all the CIOs and their delegate on a regular basis
Provide strategic and BAU updates to various risk committees, forums etc  
Monitor and report on the effectiveness of the risk management framework and make recommendations for improvements,
Stay abreast of industry trends and best practices in risk management and digitisation.

Business
The role will be required to
Laser focus on Customer centricity to create long term value proposition for them,
Transition from manual testing to automated control validation at scale, ensuring continuous monitoring rather than periodic assessments,
Support stakeholders in defining remediation actions to address identified weaknesses and issues across critical systems, and associated processes,
Provide guidance and advisory on how to avoid recurrence of gaps/issue during control testing 
Ensure retesting of remediation, tracking and validating closure of issues identified

Processes
The role will:
Identify efficiencies in the execution process and streamline and automate wherever possible.
Regularly identify and implement opportunities for efficiency (via A3s) across processes, systems, and infrastructure,
Develop strategic plan for assurance review of eSDLC controls, covering Software Configuration Management (SCM) for relevant segments,
Provides support and training to delivery teams on software configuration approach and ESDLC compliance,
Ensures all SCM controls are reviewed on time and with right quality,
Build and enhance the Automated Assurance Solution for the SCM controls across the various software configuration tools of the Bank

People & Talent
Working in close collaboration with internal stakeholders, risk and control partners across all functions to effectively embed a strong culture of risk awareness and good conduct,
Track and sustain a continuous improvement and innovation culture,
Support a culture of diversity and inclusion to bring the best out of our people,

Risk Management
Prevent production incidents by ensuring that production releases are compliant to minimum controls and to drive up compliance across IBS applications,
Report Control compliance against Risk control monitors as part of ESDLC monthly RIR reporting,
Perform periodic reporting to CIOs to inform them on ongoing control compliance to ESDLC,
Ensures all Non-Functional Test (NFT) controls are reviewed on time and with right quality and conducts NFT reviews for applications and services,
Advise Delivery teams on Performance & Stability testing approach,
Provide pre-production and post-production release review for non-functional controls that exist in ESDLC and Technology Resilience Standards, and ensure Assurance covers ESDLC controls (non-functional requirements, application performance, stability, reliability and stress) and Technology Resilience controls (Availability, Recoverability, Backup & Restore, Capacity Management),
Act as Cloud Governance Reviewer for NFT,
Responsible to review applications which are onboarding to Cloud to ensure they are compliant to Cloud Controls with Assurance scope including SaaS, Private Cloud and Public Cloud (IaaS) applications,

Governance
Track and follow up for timely and accurate reporting to appropriate committees,
Support appropriate oversight and follow-up for resolution of high impact risk and issues,

Regulatory & Business Conduct
Display exemplary conduct and live by the Group’s Values and Code of Conduct,
Take personal responsibility for embedding the highest standards of ethics, including regulatory and business conduct, across Standard Chartered Bank. This includes understanding and ensuring compliance with, in letter and spirit, all applicable laws, regulations, guidelines and the Group Code of Conduct,
Effectively and collaboratively identify, escalate, mitigate and resolve risk, conduct and compliance matters,

Key Stakeholders
Interim Global Head, Control Testing & RMO 
Control Testing MT
2LoD OTCR 
COOs/CIOs of different businesses/functions
Group Internal Audit 

Other Responsibilities
Embed Here for good and Group’s brand and values in T&O Risk & Control; Perform other responsibilities assigned under Group, Country, Business or Functional policies and procedures; Multiple functions (double hats)

Our Ideal Candidate

• 18+ years of experience in IT/ Cyber Security/ Cyber Audit / risk management (Technology and Cyber), Cloud Risk and Controls Testing, 
• A proven track record of leading successful teams is priority.
• Strong understanding of risk management frameworks and regulatory requirements.
• Proven track record of leading and implementing digitisation initiatives in a financial institution.
• Excellent analytical, problem-solving, and decision-making skills.
• Thorough understanding of business processes, risks, threats, internal controls, and experience with regulators and multi-stakeholder organisations.
• Technical knowledge on security controls best practices across different platforms, systems and security tools,
• Excellent understanding of security processes, risks and controls, audit and testing methodologies,
• Highly effective oral and written communication skills, with an ability to influence and to gain the respect of senior stakeholders and peers.
• Bachelor's degree in Finance, Business Administration, or a related field. A Master's degree or professional certification (e.g., CFA, FRM) is preferred. Professional certifications have an advantage (e.g., PCI ISA, CISA, CISSP, CISM, ITIL, PMP, CSM, CPO).

Role Specific Technical Competencies

• Business Process Design
• Analytical Thinking
• Process Management
• Risk Management  
• Program Management

About Standard Chartered

We're an international bank, nimble enough to act, big enough for impact. For more than 170 years, we've worked to make a positive difference for our clients, communities, and each other. We question the status quo, love a challenge and enjoy finding new opportunities to grow and do better than before. If you're looking for a career with purpose and you want to work for a bank making a difference, we want to hear from you. You can count on us to celebrate your unique talents and we can't wait to see the talents you can bring us.

Our purpose, to drive commerce and prosperity through our unique diversity, together with our brand promise, to be here for good are achieved by how we each live our valued behaviours. When you work with us, you'll see how we value difference and advocate inclusion.

Together we:

• Do the right thing and are assertive, challenge one another, and live with integrity, while putting the client at the heart of what we do
• Never settle, continuously striving to improve and innovate, keeping things simple and learning from doing well, and not so well
• Are better together, we can be ourselves, be inclusive, see more good in others, and work collectively to build for the long term

What we offer

In line with our Fair Pay Charter, we offer a competitive salary and benefits to support your mental, physical, financial and social wellbeing.

• Core bank funding for retirement savings, medical and life insurance, with flexible and voluntary benefits available in some locations.
• Time-off including annual leave, parental/maternity (20 weeks), sabbatical (12 months maximum) and volunteering leave (3 days), along with minimum global standards for annual and public holiday, which is combined to 30 days minimum.
• Flexible working options based around home and office locations, with flexible working patterns.
• Proactive wellbeing support through Unmind, a market-leading digital wellbeing platform, development courses for resilience and other human skills, global Employee Assistance Programme, sick leave, mental health first-aiders and all sorts of self-help toolkits
• A continuous learning culture to support your growth, with opportunities to reskill and upskill and access to physical, virtual and digital learning.
• Being part of an inclusive and values driven organisation, one that embraces and celebrates our unique diversity, across our teams, business functions and geographies - everyone feels respected and can realise their full potential.

Recruitment Assessments

Some of our roles use assessments to help us understand how suitable you are for the role you've applied to. If you are invited to take an assessment, this is great news. It means your application has progressed to an important stage of our recruitment process.

Visit our careers website www.sc.com/careers