About Standard Chartered
We are a leading international bank focused on helping people and companies prosper across Asia, Africa and the Middle East.
To us, good performance is about much more than turning a profit. It's about showing how you embody our valued behaviours - do the right thing, better together and never settle - as well as our brand promise, Here for good.
We're committed to promoting equality in the workplace and creating an inclusive and flexible culture - one where everyone can realise their full potential and make a positive contribution to our organisation. This in turn helps us to provide better support to our broad client base.The Role Responsibilities
The Group Chief Information Security Officer (CISRO) organisation is instrumental in protecting and ensuring the resilience of Standard Chartered Bank&rsquos data and IT systems by managing information and cyber security (ICS) risk across the enterprise. As a critical function reporting into the Group Chief Risk Officer (CRO), the Group CISRO team serves as the second line of defence for assuring ICS controls are implemented effectively, in accordance with the ICS Risk Framework, and for instilling a culture of cyber security within the Bank. The Group CISRO is responsible for ICS governance, strategy, policy, awareness, training, risk assessments, cyber stress testing, third party security risk, industry partnerships, and regulatory engagement. In addition, the team of Information Security Officers (ISO) reports to the CISRO and performs a pivotal role as an extension of the CISRO in supporting the ICS risk management strategy, governance, advisory and assurance roles that face off to the Client Services, Regions, and Functions. The Group CISRO is central to ensuring the Bank&rsquos ability to meet its ICS commitments to internal and external stakeholders, including regulators, as well as maintaining an acceptable ICS risk profile that is regularly reported to the Board.Strategy
The Senior Information & Cyber Security (ICS) Assurance Manager is a permanent role with the following responsibilities:
- Support the Head of Assurance and Attestation to deliver assurance, attestation and issue management activities.
- Identify gaps and recommend improvements to Bank&rsquos ICS controls
- Support the Head of Assurance and Attestation to recruit, onboard and train new team members.
- Support the Global Head of Assurance and Testing to deliver CISRO objectives and initiatives.
- Maintain strong stakeholder engagement with Information and Cyber Security 3 Lines of Defence to ensure the successful delivery of each exercise
- Provide ongoing reporting of deliverables (outcomes and recommendations) and schedule to key stakeholders in a timely manner. Timely escalation and reporting of issues to ensure that expectation management across the organisation is proactively carried out.
- Develop knowledge base of ICS technical controls
People & Talent
- Support the Head of ICS Assurance and Attestation to design and implement the ICS testing methodology and ensure that the ICS testing deliverables meets the quality standards set out in the methodology.
- Develop knowledge base of technical and operational controls for ICS assurance and attestation purpose
- Establish constructive relationships with key stakeholders.
- Actively participate in team&rsquos lessons learned or experience sharing sessions
- Proactively learn knowledge on new technology, application, platform and share with the team
- Ensure that all activities are in line with and support of the ICS principal risk type under the Bank&rsquos Enterprise Risk Management Framework (ERMF)
- ICS indicator analysis to proactively identify technical problem areas
- Contribute to the establishment of technical expertise/ knowledge base for operating control assessment
Regulatory and Business Conduct
- Ensure compliance with relevant operational risk controls.
- Support the Global Head of Assurance and Testing to set up the annual plan and manage the execution of the plan to achieve the target on quality, timeline and budget.
- Display exemplary conduct and live by the Group's Values and Code of Conduct.
- Demonstrate leadership ability to ensure that the team achieves the outcomes set out in the Bank's Conduct Principles.
- Take personal responsibility for embedding the highest standards of ethics, including regulatory and business conduct, across Standard Chartered Bank. This includes understanding and ensuring compliance with, in letter and spirit, all applicable laws, regulations, guidelines and the Group Code of Conduct.
- Effectively and collaboratively identify, escalate, mitigate and resolve risk, conduct and compliance matters.
- Group CISRO team.
- Group STS team.
- Group CSS team.
- Centre of Excellence (COE) team.
- Global Head Technology Services Core Management.
- Head, Information Security Officers.
- Head, ICS Governance, Risk and Policy.
- Key Business Stakeholders including: All CIOs Business and Function COOs.
- Head, Audit &ndash Information Security & Cyber.
- Head Operational Risk &ndash Information Security & Cyber.
- Group Risk and Compliance
- Proven experience in Information and Cyber Security control testing, ICS audit, information security officer, senior ICS governance, policy or risk management role
- Thorough understanding of IT security business processes, risks, threats and internal controls.
- Experience working in or with the financial services industry with keen understanding of business and operational environments. In-depth knowledge of payment security e.g. PCI DSS, SWIFT.
- Strong knowledge of the businesses, markets and operations of Standard Chartered Bank and its ICS risk policies, procedures and processes.
- Good understanding of global legal, regulatory and industry regulations, frameworks and standards and the ability to adapt to the changes accordingly.
- Good understanding of the latest ICS threat development.
- Able to communicate complex ICS risks/issues precisely and effectively. Able to construct recommendations in a factual and persuasive manner. Excellent communication skills in both written and oral form.
- Strong senior stakeholder management.
- Ability to both assess strategic priorities and to focus on detailed aspects of a function to drive effective delivery.
- Strong integrity, independence and resilience.
- Any other platform/technology experience across various systems and platforms.
Apply now to join the Bank for those with big career ambitions.
To view information on our benefits including our flexible working please visit our . We welcome conversations on flexible working.