Lead, Information Security

Lead, Information Security

Standard Chartered
10-13 years
Not Specified

Job Description


About Standard Chartered
We are a leading international bank focused on helping people and companies prosper across Asia, Africa and the Middle East.
To us, good performance is about much more than turning a profit. It's about showing how you embody our valued behaviours - do the right thing, better together and never settle - as well as our brand promise, Here for good.
We're committed to promoting equality in the workplace and creating an inclusive and flexible culture - one where everyone can realise their full potential and make a positive contribution to our organisation. This in turn helps us to provide better support to our broad client base.
The Role Responsibilities
Strategy

  • Security Technology Services (STS) is a critical function within Standard Chartered Bank operating under the overall purview of &ldquoTechnology Services&rdquo.

  • The STS team is made up of cyber security thought leaders, who are accountable for the provision of a global set of cyber security services and products to maintain and continuously improve Bank&rsquos cyber security posture in today&rsquos ever evolving cyber security landscape.


Business

  • The STS team protect the Bank from cyber security threats by delivering effective information security technology services, managing, and responding to security incidents to ensure, and support the continuity and growth of Bank&rsquos business operations and meet the both internal and external stakeholders&rsquo expectations across 70+ countries and territories, in which SCB operates.

  • Security Production Support within STS, is a transversal service with a primary objective to provide Production Support Services (PSS) for all STS owned products and services. The PSS function requires an experienced leader to setup a production support team, Run and Govern the minimum production support controls defined by the bank across all security products and services. This includes managing all day-to-day producton support operations covering event, incident, problem, release and change activities. In addition to business-as-usual activities, the role is also expected to drive support improvement initiatives for all the security service domains


Regulatory & Business Conduct

  • Display exemplary conduct and live by the Group&rsquos Values and Code of Conduct.

  • Take personal responsibility for embedding the highest standards of ethics, including regulatory and business conduct, across Standard Chartered Bank. This includes understanding and ensuring compliance with, in letter and spirit, all applicable laws, regulations, guidelines and the Group Code of Conduct.

  • Lead the [country / business unit / function/[team] to achieve the outcomes set out in the Bank&rsquos Conduct Principles: [Fair Outcomes for Clients Effective Financial Markets Financial Crime ComplianceThe Right Environment.] *

  • Effectively and collaboratively identify, escalate, mitigate and resolve risk, conduct and compliance matters.


Key Stakeholders

  • Services Domain Heads within Security Technology Services

  • Other relevant functions with Technology Services including Infrastructure Services (database, network, servers), In-Count Technology teams and End user services


Other Responsibilities

  • Manage and support Encryption and Tokenization Infrastructure in production environment

  • Identify tasks with repetitive nature and automate wherever feasible

  • Align and adopt SRE practices in day-to-day operations

  • Work closely with related teams, viz. platform, infra, SCM on day to day basis

  • Able to Provide artefacts from the service when required.

  • Work closely with business and other stakeholders to deliver their security requirements

  • Participate in security incident response activities.

  • Run, Govern the support operating model within Security Production Support

  • Define support prioritise and drive service improvement deliverables for SPS

  • Be a subject expert within security production support by providing solutions to complex problem statements

  • Adoption of Standard tools and techniques for support management including event monitoring, batch management for routine activities, resiliency, capacity and for other standard core support processes like Incident, Problem and Change

  • Ensure IT Assets of STS are appropriately recorded and recertified This includes maintaining list of security services, service and support ownership, assets &ndash servers, software and relationship with upstream and downstream systems

  • Lead Major production incidents by constructing and taking overall responsibility for service resumption

  • Proactive review of production platform related risks or non-compliances like resiliency, capacity, obsolescence, event monitoring and reporting controls, and ensure full risks awareness is in place

  • Take part in on-boarding newer capabilities/products into production support by reviewing all non-functional requirements, service validation and ensuring compliance to technology delivery assurance

  • Contribute to product strategy and lifecycle, wherever applicable Also ensure there are no redundancies of services within STS products and services

  • Conduct Production service level reviews with all key stakeholders with STS

  • Contribute in Security product roadmap and strategy

  • Support on-boarding of all newer capabilities into STS

  • Engage with other transversal technology services teams like data centre, database and platform support, ensuring there is adequate awareness of security tools, products and services, its significance to the security ecosystem for the bank

  • Establish and Govern all service reviews with suppliers/vendors providing support services for STS

  • Plan and manage the financials (Budget, forecasts, actuals) for Security Production Support and ensuring the spends do not overrun

  • Adoption of DevOps and industry standards and practices for Security Production support


Our Ideal Candidate

  • Minimum 10 years&rsquo experience in Data Security Services

  • Hands on experience in more than one Encryption, Tokenization technologies (Protegrity, Thales, Fortanix, nCipher, etc)

  • Strong technical skills on:


  • Integration of applications with Encryptions and tokenization systems

  • Troubleshooting issues related to Encryption, tokenization


  • Experienced in delivering and managing on-prem and in-cloud Encryption and Tokenization services

  • Has excellent knowledge of cloud environment and cloud security

  • Able to get things done in a quick-paced environment. Be transparent and open around what doesn&rsquot work and what does

  • Hands-on knowledge of Java, Python and related tools (bitbucket, antifactory, etc.) with ability to automate manual tasks

  • Should have knowledge of SRE practices and has hands-on experience with managing production as per SRE standards and best-practices.

  • Should have performed in SRE driven environment in past

  • Good knowledge and understanding on the below.


  • Understanding on Linux/UNIX basics

  • Understanding of networking concepts

  • Working knowledge on Windows OS

  • Understanding of Information Security concepts

  • Basic understanding of Web Applications.


  • Excellent communication skills &ndash oral, written and presentation technical reporting writing across various types of target audiences.

  • Having adequate knowledge in Information security basics and Encryption tools.

  • Having demonstrated ability in managing any of the Certificate Authority Services and its related systems/tools is an added advantage

  • Good working knowledge of MS Office Suite: Outlook (advance), Word (advance), PowerPoint (advance), Excel (advance)

  • Diploma or Bachelor&rsquos Degree in Engineering, Computer Science/Information Technology or its equivalent

  • Ensures and monitors security compliance with Group and Regulatory standards.

  • Have good understanding of ITIL practices and ITSM tools

  • Has excellent track record in running complex application production / support environment

  • Has performed Production tasks within the SDF/SDLC process

  • Has supported Problem Management, Change Management and Incident Management functions

  • Highly motivated, results-driven, and able to multi-task

  • Excellent communication and interpersonal skills, and able to work well with cross-organizational teams

  • Strong analytical and quantitative skill

  • Strong managerial, influencing and negotiation skills

  • Experience with enterprise data centre design, DevOps, and Cloud Computing

  • Strong sense of personal ownership and responsibility in accomplishing the organisation&rsquos goal. Is confident and will roll-up his/her sleeves to drive success.


Apply now to join the Bank for those with big career ambitions.
To view information on our benefits including our flexible working please visit our . We welcome conversations on flexible working.

Job Details

Employment Types:

Function:

IT

Job Source : scb.taleo.net

Similar Jobs

Career Advice to Find Better