Information Security Risk Officer

Standard Chartered
10-13 years
Not Specified

Job Description


About Standard Chartered
We are a leading international bank focused on helping people and companies prosper across Asia, Africa and the Middle East.
To us, good performance is about much more than turning a profit. It's about showing how you embody our valued behaviours - do the right thing, better together and never settle - as well as our brand promise, Here for good.
We're committed to promoting equality in the workplace and creating an inclusive and flexible culture - one where everyone can realise their full potential and make a positive contribution to our organisation. This in turn helps us to provide better support to our broad client base.
The Role Responsibilities
This is a senior Band 5 role that reports directly to the Global Head ISRO, Technology & Innovation and SC Ventures. The role provides independent ICS risk advice, oversight and thought leadership to support the successful execution of the T&I business operating plans and strategies. This includes oversight of the STS function within T&I, which executes a significant number of the Bank's cyber controls.
The role delivers services that continually monitor the ICS threat landscape, undertake constructive and robust oversight of the effectiveness of ICS controls and risk remediation strategies, and ensure that accurate, insightful and transparent ICS risk reporting is provided to senior management, giving them appropriate assurance and confidence on the T&I ICS risk profile.
We are seeking an information and cyber security risk specialist to deliver a range of activities associated with the discharging of CISRO second line responsibilities. This role will have considerable engagement with all business units, risk committees, and other stakeholders across the bank, but especially those in T&I. The successful candidate will be expected to lead and deliver a range of complex activities in the following fields:
Risk Management

  • Support the assessment of ICS risk and reporting by T&I 1st line teams.

  • Support the ISRO team in the use of the ICS RTF and other techniques from a 2nd line perspective.

  • Raise visibility of ICS weaknesses to drive ICS improvements and uplift.

  • Highlight gaps or control weaknesses against security standards and regulations in the key ICS domains (Identity Access Management (IAM), Application Security, Vulnerability Management, Malware Protection, Network Security, API security, Cloud and Container Security).

  • Create risk mitigation plans calling out where these are ineffective or insufficiently followed.

  • Perform thematic reviews as required by the ISRO team.


Governance

  • Work with teams within T&I and participate in work groups and other meetings to understand, advise and challenge on ICS matters

  • Collaborate with the Head of ICS in the preparation of the Group ICS update for TNFRC, using material from the ICS RTF profile and material centrally produced by the CISRO Governance team.

  • Report any ICS risks/issues during TNFRC which require attention and support

  • Ensure consistency of reporting and production of high-quality documentation and materials.

  • Provide recommendations and feedback to CISRO teams based on experience with T&I



Regulatory & Business Conduct

  • Display exemplary conduct and live by the Group's Values and Code of Conduct.

  • Take personal responsibility for embedding the highest standards of ethics, including regulatory and business conduct, across Standard Chartered Bank. This includes understanding and ensuring compliance with, in letter and spirit, all applicable laws, regulations, guidelines and the Group Code of Conduct.

  • Effectively and collaboratively identify, escalate, mitigate and resolve risk, conduct and compliance matters.


Key Stakeholders

  • Group CISRO Leadership Team

  • Group ISRO Leadership Team

  • Group T&I Risk Management and Cloud Governance Heads and teams

  • Global Head, Security Technology Services

  • Group CISO

  • Group T&I MT Leadership Team

  • Head of ICS for T&I

  • ISROs for Functions, Businesses and Regions

  • Other CISRO teams

  • Group Internal Audit

  • Identified business stakeholders


Our Ideal Candidate

  • A degree in Information and Cyber Security or Technology or equivalent

  • Professional certifications such as CISSP, CISA, CISM or equivalent are desirable

  • Minimum 10 years' experience in information security or risk management, preferably in the Banking and Financial sector, with 5 years' hands-on experience in information security risk assessments

  • Strong knowledge of cybersecurity frameworks, standards and principles

  • Strong technical knowledge of Security Monitoring, Security Analytics, Identity Access Management, Network Security, Data Privacy, Third Party risk, Application Security, Vulnerability Management, Cloud and Container Security

  • Must be a self-starter who is able to initiate and successfully drive initiatives to completion with little or no management supervision.

  • Excellent written and oral communication and reporting skills


Domain Knowledge

  • Strong technical knowledge in ICS controls domain - Identity Access Management (IAM), Application Security, Vulnerability Management, Security Monitoring, Malware Protection, Network Security, Cloud and Container environment, API security


EXPERIENCE QUALIFICATIONS:

  • Personal authority based on established trusted relationships and ability to provide advice and direction which is respected amongst peers

  • Good knowledge of the businesses, markets and operations of Standard Chartered Bank and the policies, procedures and processes through which information and cyber security risks are addressed throughout the Group

  • Proven ability to respond to complex challenges and deliver practical solutions and direction which reflect a balanced view of the operation of the bank

  • Ability to both assess priorities and to focus on work in a structured fashion which delivers results

  • Sound judgement and anticipation

  • Strong integrity, independence and resilience


Apply now to join the Bank for those with big career ambitions.
To view information on our benefits including our flexible working please visit our . We welcome conversations on flexible working.

Job Details

Job Source : scb.taleo.net
