About Standard Chartered
We are a leading international bank focused on helping people and companies prosper across Asia, Africa and the Middle East.
To us, good performance is about much more than turning a profit. It's about showing how you embody our valued behaviours - do the right thing, better together and never settle - as well as our brand promise, Here for good.
We're committed to promoting equality in the workplace and creating an inclusive and flexible culture - one where everyone can realise their full potential and make a positive contribution to our organisation. This in turn helps us to provide better support to our broad client base.
The Role Responsibilites
- Support the functional head in leading a team of ICS technical control testing SMEs (Subject Matter Experts) to plan and execute on key controls testing across the bank’s critical IT systems.
- Lead the execution of a consistent, sustainable and re-performable control testing framework/methodology for the bank’s critical IT systems.
- Provide thought leadership on ICS technical control design, assessment, testing processes and drive continuous improvements in allignment with organisational's risk frameworks.
- Work with the Application/Service/Control Owners of critical IT systems to identify emerging ICS risks and ensure they are appropriately addressed by relevant technical controls.
- Support the provision of MI (Management Information) to the respective risk forums across business and functions.
- Assess compliance with the Bank’s risk frameworks, policies and industry standards (NIST).
- Support stakeholders in defining remediation actions to address identified control weaknesses and issues across critical IT systems, and associated processes.
- Track issue remediation, check and challenge delivery status and escalate delays.
- Identify opportunities for automation of controls testing.
- Maintain effective relationships with leaders and stakeholders.
- Support the continuous improvement of ICS control testing, risk and control processes, aligning to and avoiding duplication with other assurance functions.
- Lead through example and build the appropriate culture and values. Set appropriate tone and expectations, and work in collaboration with risk and control partners.
- Adopt an anticipatory approach to risk assessment through stakeholder engagement and monitoring of the external environment.
- Provide robust challenge and escalation to senior management to ensure activities achieve risk reduction.
- Provide timely and accurate risk & control information to support internal/external (e.g. regulatory) assessments.
Key Stakeholders
- Head of ICS Technical Controls Testing.
- Global Head of ICS Controls.
- Group Operational Risk.
- Group ISROs (Information Security Risk Officers).
- Group Internal Audit.
The Role Requirements
- Educational background in Computer Science, Economics, Law, Risk Management or other relevant areas.
- 8-15 years in IT/Cyber Audit and/or Cyber Risk Management or similar experience is essential.
- Professional qualifications such as CISA/CRISC/CISM/CISSP will be advantageous.
- Posess the right mix of leadership, cyber expert and risk & control skills.
- Be self motivating and kick starter capable of working with limited direction.
- Be capable to execute leadership, management and coaching over colleague(s).