Job Description

Role Responsibilities

We are a leading international bank focused on helping people and companies prosper across Asia, Africa and the Middle East.

To us, good performance is about much more than turning a profit. It\'s about showing how you embody our valued behaviours - do the right thing, better together and never settle - as well as our brand promise, Here for good.

We\'re committed to promoting equality in the workplace and creating an inclusive and flexible culture - one where everyone can realise their full potential and make a positive contribution to our organisation. This in turn helps us to provide better support to our broad client base.

Make an impact every day with Information & Cyber Security (ICS)

Within Technology, Transformation and Operations (TTO) SC has established a world class 1st line Information and Cyber Security (\xe2\x80\x9cICS\xe2\x80\x9d) capability to support the Business, Function, and Region to deliver their strategy and continuously improve ICS posture against ever evolving threats. These are challenges that impact our clients globally. Our ICS team develops the platforms, drives the processes, and builds partnerships to benefit millions of people every day. The team thrives in providing solutions to complex issues, devoting time and energy to designing new and innovative solutions, and all in an environment that demands being risk-aware, not risk-averse. ICS chooses progress over perfection and aims to always participate with a constructive purpose. The team makes an impact wherever they are based, be it in our offices around the world, our Global Business Services centres in China, India, Malaysia, and Poland, or even from home.

Now you have an opportunity to make a meaningful impact with a diverse and passionate team of creators, innovators, and achievers. With us, you\xe2\x80\x99ll learn, be inspired, and make an impact every day. The success of our work hinges on how we use the unique diversity of our people to realise the effects we seek to achieve: Always on. Always safe. Always Simple.

People Security, ICS

The People Security (PS) team is responsible for fostering a culture of cyber awareness and resilience to protect the Bank and our clients from cyber threats. It does this through creating campaigns to drive behaviour change amongst a range of populations including employees, executives, high risk roles, third parties and customers.

It drives the design, development, deployment, and enablement of delivery via virtual, instructor-led, and digital campaigns, enabled by global awareness communities of practice, based on employees\xe2\x80\x99 roles and risk types. The team\xe2\x80\x99s remit spans general employee awareness, role-based training, executive engagement, phishing awareness and simulation exercises, communications, external awareness, driving and remediating behaviour change, risk reduction, skills academies, risk culture (ICS) and UX.

Main Purpose of Role:

This role is fundamental in supporting the People Security team in providing targeted, relevant and timely insights and behaviour data points that help identify, measure and reduce human ICS risk (for both Cyber hygiene and Risk Culture (ICS))

Responsibilities*

• Review, improve and maintain the processes for identifying, defining and measuring appropriate secure behaviours across the People Security controls / programmes and key controls at a group, region, country and business function level.
• Ensure the identified and defined secure behaviours address the People Security-applicable threat scenarios.
• Liaise with key business stakeholders to ensure regular reporting and active communication of data/insights/results, modifying/maturing metrics as needed. Explore visualisation tools for easy reporting, and leaderboards.
• Liaise with ICS operations/metrics stakeholders to ensure alignment with other metrics/reporting forums eg: BRAM, MT, country scorecards
• Lead the Risk Culture (ICS) People Squad to develop targeted support processes that help improve ICS behaviours and drive sustainable behavioural change eg: rewarding good behaviour, consequence management for non-compliance
• Support, and demonstrate alignment to, the Bank\xe2\x80\x99s broader culture / risk culture work through the alignment of ICS culture behaviours with the ERMF/Valued behaviours.
• Support the upskilling of colleagues in Behavioural insights and act as the lead Behavioural Insights SME.
• As SME, present on MT meetings/forums/committees as needed to promote the behavioural insights programme, canvass support.
• Establish strong relationships with colleagues in first and second line. This includes the Chief Information Security Officers (CISOs), HR, Employee Relations and vendor relationships.

Key stakeholders*

• ICS Product Owners including the People Security non-ICS Team Leads working in Data & Privacy and Resilience
• Group CISO Management Team
• ICS Operations team (metrics, reporting)
• Transformation, Technology and Operations (TTO) Threat Intelligence, Cyber Security Services and Cyber Defence Centre teams
• CISRO Policy, Risk (Risk Framework Owner (RFO)), Assurance and Governance Teams
• Group CISO key risk stakeholders
• Corporate Affairs

*

Training, licenses, memberships and certifications

• A Degree or postgraduate degree in a related field such as Psychology / Behavioural Science preferred
• 5-7 years of practical industry experience and an excellent track record in applying Behavioural Science and/or human behaviour change principles (Education, Awareness, Engagement and training)
• Someone who is passionate about behaviour change, culture, adult learning principles and \xe2\x80\x93 preferably, the human aspect of cyber security risk.
• An advocate of measuring and driving real behaviour change over \xe2\x80\x9ccompliance as a strategy\xe2\x80\x9d. Someone who can join the dots between theory and real-world application of behaviour change/adult learning principles - and make it live for business stakeholders/risk managers
• Practical experience in identifying, defining, communicating and measuring secure behaviours to address gaps (preferably in relation to cyber threats and behaviours that mitigate cyber hygiene and risk culture risks)
• Experience in designing/deploying visual and impactful reporting methods to tell your \xe2\x80\x9cinsights story\xe2\x80\x9d to business stakeholders
• Good level of understanding of information and cyber security risk, cyber security policies/standards, cyber culture, cyber risk reporting, risk frameworks such as NIST and how they relate to human-centric security awareness
• Understanding of IT and cyber security business processes, risks, threats and internal controls
• Experience working in or with the financial services industry, or an ICS policy organisation in another industry, with keen understanding of a heavy regulatory driven environment
• Proven experience of driving down risk through company-wide behavioural related programmes
• Comfortable with technical jargon and proven ability to translate complex policies and technical requirements into plain English and clear call to actions for non-technical people

ROLE SPECIFIC TECHNICAL SKILLS AND COMPETENCIES AND PROFICIENCY LEVELS*

• Technical Competency Name: Proficiency Levels
• Cyber Security Core
• Data Privacy Entry
• Written Communication Advanced
• Effective Communications Advanced
• Communicating Complex Concepts Advanced
• Effectiveness Measurement Advanced
• Operational Risk Core
• Process Management Advanced
• Stakeholder Management Advanced

About Standard Chartered

We\'re an international bank, nimble enough to act, big enough for impact. For more than 160 years, we\'ve worked to make a positive difference for our clients, communities, and each other. We question the status quo, love a challenge and enjoy finding new opportunities to grow and do better than before. If you\'re looking for a career with purpose and you want to work for a bank making a difference, we want to hear from you. You can count on us to celebrate your unique talents. And we can\'t wait to see the talents you can bring us.

Our purpose, to drive commerce and prosperity through our unique diversity, together with our brand promise, to be here for good are achieved by how we each live our valued behaviours. When you work with us, you\'ll see how we value difference and advocate inclusion. Together we:

• Do the right thing and are assertive, challenge one another, and live with integrity, while putting the client at the heart of what we do
• Never settle, continuously striving to improve and innovate, keeping things simple and learning from doing well, and not so well
• Be better together, we can be ourselves, be inclusive, see more good in others, and work collectively to build for the long term

In line with our Fair Pay Charter, we offer a competitive salary and benefits to support your mental, physical, financial and social wellbeing.

• Core bank funding for retirement savings, medical and life insurance, with flexible and voluntary benefits available in some locations
• Time-off including annual, parental/maternity (20 weeks), sabbatical (12 weeks maximum) and volunteering leave (3 days), along with with minimum global standards for annual and public holiday, which is combined to 30 days minimum
• Flexible working options based around home and office locations, with flexible working patterns
• Proactive wellbeing support through Unmind, a market-leading digital wellbeing platform, development courses for resilience and other human skills, global Employee Assistance Programme, sick leave, mental health first-aiders and all sorts of self-help toolkits
• A continuous learning culture to support your growth, with opportunities to reskill and upskill and access to physical, virtual and digital learning
• Being part of an inclusive and values driven organisation, one that embraces and celebrates our unique diversity, across our teams, business functions and geographies - everyone feels respected and can realise their full potential.
• Recruitment assessments - some of our roles use assessments to help us understand how suitable you are for the role you\'ve applied to. If you are invited to take an assessment, this is great news. It means your application has progressed to an important stage of our recruitment process.

Visit our careers website

Standard Chartered