Title:  Security Architect Markets Technology

39850

Tianjin, CN

Technology
Regular Employee
Hybrid
17 Sept 2025

Job Summary

We are seeking a dedicated Security Architect to strengthen our CIB Financial Markets (FM) banking operations through the design and implementation of appropriate controls to protect our FM applications. In this pivotal role, you will collaborate closely with cross-functional teams in FM to ensure our systems and applications are fortified against cyber threats and comply with our ICS Standards. Your expertise will be instrumental in integrating security best practices into our technology infrastructure, safeguarding sensitive financial data, and ensuring compliance with regulatory standards.

As a Security Architect, you will have the opportunity to lead initiatives that protect our digital assets and maintain the trust of our customers. Your contributions will directly impact the resilience and integrity of our banking services in an increasingly complex cybersecurity landscape. If you are passionate about cybersecurity and thrive in a collaborative environment, we invite you to join us in shaping the future of secure banking operations. You will be a business enabler, supporting our FM business by providing a pragmatic, risk-based approach and ensuring compliance.

Key Responsibilities

A Security Architect will be responsible for one or more of the following at the same time.

Maintain and keep updated on the Bank Security Architecture and Group Governance processes
•    Work closely with the Security Design Architecture team on the latest Security Architecture Process.
•    Understand the bank's processes – eSDLC, Product Onboarding, Cloud Governance, SCBuy.
•    Provide timely updates and training to Financial Markets Team members on the Governance process and new updates.

Collaborate with Delivery Teams
•    Work closely with development and IT teams to integrate security measures into the software development lifecycle (SDLC), ensuring that security is prioritized from design through deployment.
•    Advise and guide Application teams on possible remediations for identified gaps.

Conduct Risk Assessments
•    Perform regular risk assessments and vulnerability assessments to identify potential security weaknesses and develop effective mitigation strategies.

Achieve systemic risk reduction
•    Lead security domain practices to create security strategy for the domain, including baseline security architecture, target security architecture, roadmaps, risks and mitigation plans.

Evaluate and Recommend Security Technologies
•    Stay current with emerging security technologies and trends, evaluate their applicability to our environment, and recommend solutions that enhance our security posture.

Develop Security Documentation
•    Create and maintain security documentation, including architecture diagrams, policies, procedures, and standards, to ensure clarity and consistency in security practices.

Provide Security Guidance
•    Offer guidance and training to staff on security best practices, policies, and procedures to foster a culture of security awareness and compliance.

Stay Informed on Regulatory Requirements
•    Stay abreast of regulatory requirements and industry standards related to banking security, ensuring our security measures remain compliant and up to date.

ARCHITECTURE SKILLS

1.    Architecture design skills
•    Understand and apply design thinking process.
•    Capability to design secure architectures that align with business goals and regulatory requirements.
•    Experience in Solution architecture for mid to large scale projects.
•    Experience in designing patterns. 
•    Apply security principles in the design – secure by design and by default.
•    Understand resiliency design for high transactional volume requirements.
•    Solution validation on required RTO/RPO.
•    Able to draw and present a clear architecture landscape in a presentable form – i.e. PowerPoint, Visio or industry-recommended enterprise architecture tools.

2.    Understand Architecture and Security standards and frameworks.
•    Demonstrate ability to apply architecture and security frameworks in day-to-day architecture work
•    Follow and apply architecture principles and standards.
•    Understand Security Standards and Frameworks. 
•    Familiarity with standards such as ISO/IEC 27001, NIST, COBIT, and compliance requirements (e.g., GDPR, HIPAA).

3.    Service oriented architecture.
•    Ability to architect solutions that run as services.
•    Ability to understand complex business and service processes.
•    Improve current service designs and architectures.
•    Design solutions as platforms.

4.    Analytical Skills
•    Risk Assessment - Identify and prioritize risks based on their potential impact on the business
•    Threat Modeling - Proficiency in identifying potential threats and vulnerabilities and designing countermeasures.
•    Problem-Solving - Strong analytical and problem-solving skills to address complex security challenges.

5.    Technical skills
•    IAM
•    Application security
•    Network security
•    Cryptography
•    Infrastructure and cloud security
•    Information security
•    Incident response
•    Security logging and monitoring
•    API and API security
•    Physical security

6.    Soft Skills
•    Communication - Ability to convey complex security concepts to technical and non-technical stakeholders clearly and effectively.
•    Leadership - Skills to lead security teams, manage projects, and drive security initiatives across the organization.
•    Collaboration - Ability to work with cross-functional teams, including IT, legal, compliance, and business units.
•    Adaptability - Flexibility to adapt to evolving security landscapes and emerging technologies.

7.    Strategic Skills
•    Business Acumen - Understanding of business processes and how security can support and protect business objectives.
•    Policy Development - Ability to develop, implement, and enforce security policies and procedures.
•    Vendor Management - Skills to evaluate, select, and manage security vendors and third-party solutions.
•    Continuous Learning and Improvement - Commitment to continuous learning and improvement in security practices and knowledge.

Regulatory & Business Conduct  
•    Display exemplary conduct and live by the Group’s Values and Code of Conduct.  
•    Take personal responsibility for embedding the highest standards of ethics, including regulatory and business conduct, across Standard Chartered Bank. This includes understanding and ensuring compliance with, in letter and spirit, all applicable laws, regulations, guidelines and the Group Code of Conduct. 
•    Effectively and collaboratively identify, escalate, mitigate and resolve risk, conduct and compliance matters. 
 
Key stakeholders  
•    Financial Markets Domain Architect
•    Financial Markets CISO
•    Security Design Architecture (SDA) Team
•    FM Application Teams (Product Owner, Scrum Master, Solution Architect, Software Engineers)
•    FM Technology Advisory
•    Assurance Team
•    ICS Domain team

Skills and Experience

•    Bachelor's degree in engineering, computer science, preferably majoring in cybersecurity.  
•    2-3 years hands-on experience (coding in Java, JS, Python) ideally full stack development.  
•    3-5 years’ experience in security architecture roles, leading complex architectural projects with multiple stakeholders, utilizing various security tools/technologies. 
•    Proven threat modelling experience using STRIDE/MITRE/OWASP and/or other threat modelling methodologies for complex systems (ideally MITRE ATT&CK Defenders (MAD) Certified). 
•    1-2 years of experience in networking architecture and/or networking security architecture and/or AWS networking specialty certified / Cisco CCNP Security / etc. 
•    Deep technical skills with a good understanding of cross-functional technologies (IAM, data protection, threat management, vuln management, etc.) and the ability to dive into technical engineering details.
•    Experience in offensive tactics, techniques, and procedures (TTPs), pen-testing / hacking background or (OSCP, CEH master) certified. 
•    Excellent communication skills, ability to explain complex topics to both technical and non-technical audiences. Proven ability to influence relevant stakeholders and decision makers. 
•    Excellent organisational skills, ability to manage deadlines and effectively prioritise multiple projects.

Role Specific Technical Competencies

•    Experience working in security architecture / engineering roles for financial institutions.
•    Relevant cybersecurity certifications (AWS/Google/Microsoft Certified Security specialist, architect, GDSA, SANS GIAC, CISSP-ISSAP).
•    AWS solutions architect professional certified and 3 years of experience in AWS environment or 5 hands-on years equivalent experience in AWS solution architecture.
•    In-depth understanding of threat-attack methodologies (STRIDE, DREAD, OWASP, Attack trees, MITRE ATT&CK, etc.) and corresponding mitigations in an enterprise environment.
•    Experience with cybersecurity frameworks, e.g. NIST cybersecurity framework, NIST 800-53v5, NIST 800-37, ISO 27xxx, etc.
•    Knowledge of offensive tactics, techniques, and procedures (TTPs), ideally completed training and/or certifications (OSCP, CEH, Pentest+, etc.).

About Standard Chartered

We're an international bank, nimble enough to act, big enough for impact. For more than 170 years, we've worked to make a positive difference for our clients, communities, and each other. We question the status quo, love a challenge and enjoy finding new opportunities to grow and do better than before. If you're looking for a career with purpose and you want to work for a bank making a difference, we want to hear from you. You can count on us to celebrate your unique talents and we can't wait to see the talents you can bring us.

Our purpose, to drive commerce and prosperity through our unique diversity, together with our brand promise, to be here for good, are achieved by how we each live our valued behaviours. When you work with us, you'll see how we value difference and advocate inclusion.

Together we:

  • Do the right thing and are assertive, challenge one another, and live with integrity, while putting the client at the heart of what we do
  • Never settle, continuously striving to improve and innovate, keeping things simple and learning from doing well, and not so well
  • Are better together, we can be ourselves, be inclusive, see more good in others, and work collectively to build for the long term

What we offer

In line with our Fair Pay Charter, we offer a competitive salary and benefits to support your mental, physical, financial and social wellbeing.

  • Core bank funding for retirement savings, medical and life insurance, with flexible and voluntary benefits available in some locations.
  • Time-off including annual leave, parental/maternity (20 weeks), sabbatical (12 months maximum) and volunteering leave (3 days), along with minimum global standards for annual and public holiday, which combine to a minimum of 30 days.
  • Flexible working options based around home and office locations, with flexible working patterns.
  • Proactive wellbeing support through Unmind, a market-leading digital wellbeing platform, development courses for resilience and other human skills, global Employee Assistance Programme, sick leave, mental health first-aiders and all sorts of self-help toolkits.
  • A continuous learning culture to support your growth, with opportunities to reskill and upskill and access to physical, virtual and digital learning.
  • Being part of an inclusive and values driven organisation, one that embraces and celebrates our unique diversity, across our teams, business functions and geographies - everyone feels respected and can realise their full potential.