Job Description

Role Responsibilities

• Identify, Assess, and monitor FM ICS risk based on Financial Market risk
• Drive appropriate coverage of FM risks and regulatory obligations into control framework
• Trusted advisor to FM businesses on evolving threat, industry trends and regulatory environment
• Escalate material gaps in risks coverage identified to NFRCs and/or CCIBRC as appropriate
• Work with Process Owners to ensure suitable incident management, response and recovery processes are in place

Introduction

Standard Chartered Bank is headquartered in London with operations in 50+ with two primary businesses:

• Commercial, Corporate and Investment Banking (\xe2\x80\x9cCCIB\xe2\x80\x9d)
• Consumer, Private and Business Banking (\xe2\x80\x9cCPBB\xe2\x80\x9d)

The CCIB business incorporates the Transaction Banking, Financial Markets, Security Services and Client Coverage businesses. The business has ambitious digitisation agenda and is looking to transform its businesses to be digital native organisation.

Banks are built on trust from the key stakeholder groups:

• Clients: trust that they will safeguard client assets (money, securities and commercial data).
• Governments & regulators: trust that they will provide capital for economies and businesses.
• Shareholders: trust they will provide a better return on capital than other banks.
• Communities: trust they will uphold their human rights build and uphold financial inclusion.

Trust is built on security:

• Identification of the priority business risks that are integrated into business strategy and decision making.
• Delivering best practice cybersecurity solutions and protecting data and privacy
• Threat-led approach ensure a security posture that mitigates the priority business risks
• Deliver efficiencies, continuous improvement, maximise risk reduction, resilience, policy and regulatory compliance.

The CCIB Information & Cyber Security Office is made up of thought leaders, who are accountable for the provision of a risk advisory services to continuously improve CCIB\xe2\x80\x99s security posture against the evolving cyber security landscape.

Role

Purpose:

• Trusted advisor for business stakeholders for risk identification, assessment and treatment.
• Drive maturity of decision making to incorporate information security and cyber within strategic management and design forums.
• Enable improved Information Security & Cyber knowledge and awareness to enable business leaders to understand the evolving threat and investment trade-offs.

Strategy

• Curate strategic design and integration of risk management across FM businesses

• Provide thought leadership, research and report on current organisation exposure to vulnerabilities and emerging threats through periodic management briefings and bulletins and working closely with relevant teams to implement short-gap remediation activities and compensating controls to reduce risk while identified vulnerabilities are being addressed.
• Build shared understanding of risk-based prioritisation of risk investment / activities across FM with 1st / 2nd lines of defence (LOD)
• To maintain an expert knowledge within the team of industry trends in relation to business requirements and direction to the Group.
• Support the continuous improvement through process re-engineering, technology transformation, integration and exploitation to deliver optimised yet robust services to mitigate threats.
• Integrate risk plans into all FM business / Client Journey strategic Enterprise Risk Management plans

Processes

• Either through leveraging Quarterly/Monthly Performance Review meetings or through the establishment of relevant 1st / 2nd LOD working groups agree, co-ordinate and oversee FM business risk mitigation plans to completion
• Collaborate with the control service providers to deliver adoption plans and services that inspire admiration - not desperation.
• Instil 90-day backlog discipline into all risk investment / activity to ensure it is appropriately prioritised against other risk and business investments / activities
• Provide check and challenge on RFO and Business risk plans and deliverables; advise on gaps in coverage for risks and regulatory obligations, with recommendation on how to address these; highlight risk activities that are not aligned to risk or their cost of control
• Support FM businesses / client journeys in cataloguing all Technology Risk controls & activities (current and planned) along with their MCE and impact on residual risk
• Institute agile risk management into ways of working e.g. handling of risk identification, incident reviews, etc

People and Talent

• Lead through example and build the appropriate culture and values. Set the appropriate tone and expectations for the team and work in collaboration with risk and control partners
• Employ, engage and retain high quality people and establish an appropriate team structure and capacity plans
• Set and monitor job descriptions and objectives for direct reports and provide feedback and recognition in line with their performance against those responsibilities and objectives

Risk Management

• Drive appropriate coverage of FM risks and regulatory obligations into control framework
• Advise businesses on evolving threat, industry trends and regulatory environment
• Escalate material gaps in risks coverage identified to NFRCs and/or CCIBRC as appropriate
• Work with Process Owners to ensure suitable incident management, response and recovery processes are in place
• Promote socialisation of lessons learnt across FM

Governance

• Maintain oversight of Risk Treatment actions, Root Cause Reviews and other remediation activities across TB-Cash
• Produce quarterly update to FM Refinement meeting on plan and execution progress

Regulatory & Business Conduct

• Liaise with Internal Audit / Regulators as required
• Display exemplary conduct and live by the Group\xe2\x80\x99s Values and Code of Conduct
• Effectively and collaboratively identify, escalate, mitigate and resolve risk, conduct and compliance matters

Key stakeholders

• FM COO
• CIO FM
• Operational Risk FM
• CISRO FM
• Control Security Services MT
• Security Technology Services MT
• FM Business Control & Governance Leads
• Internal / external audit
• SCB Clients

Our Ideal Candidate

Qualifications

• Bachelor\xe2\x80\x99s Degree in engineering, Computer Science/Information Technology or its equivalent; and Industry certifications will be a plus e.g. CISSP, CISM, CRISC, SANS GIAC, GPEN, OCSP, CREST certifications

Role Specific Competencies

• Risk Management Frameworks
• Deep understanding of Threats and their interplay with FM business
• Financial Market or Capital Market understanding
• Communication
• Manage Change
• Solve Problems
• Spot Opportunities

About Standard Chartered

We\'re an international bank, nimble enough to act, big enough for impact. For more than 160 years, we\'ve worked to make a positive difference for our clients, communities, and each other. We question the status quo, love a challenge and enjoy finding new opportunities to grow and do better than before. If you\'re looking for a career with purpose and you want to work for a bank making a difference, we want to hear from you. You can count on us to celebrate your unique talents. And we can\'t wait to see the talents you can bring us.

Our purpose, to drive commerce and prosperity through our unique diversity, together with our brand promise, to be here for good are achieved by how we each live our valued behaviours. When you work with us, you\'ll see how we value difference and advocate inclusion. Together we:

• Do the right thing and are assertive, challenge one another, and live with integrity, while putting the client at the heart of what we do
• Never settle, continuously striving to improve and innovate, keeping things simple and learning from doing well, and not so well
• Be better together, we can be ourselves, be inclusive, see more good in others, and work collectively to build for the long term
• In line with our Fair Pay Charter, we offer a competitive salary and benefits to support your mental, physical, financial and social wellbeing.
• Core bank funding for retirement savings, medical and life insurance, with flexible and voluntary benefits available in some locations
• Time-off including annual, parental/maternity (20 weeks), sabbatical (12 weeks maximum) and volunteering leave (3 days), along with with minimum global standards for annual and public holiday, which is combined to 30 days minimum
• Flexible working options based around home and office locations, with flexible working patterns
• Proactive wellbeing support through Unmind, a market-leading digital wellbeing platform, development courses for resilience and other human skills, global Employee Assistance Programme, sick leave, mental health first-aiders and all sorts of self-help toolkits
• A continuous learning culture to support your growth, with opportunities to reskill and upskill and access to physical, virtual and digital learning
• Being part of an inclusive and values driven organisation, one that embraces and celebrates our unique diversity, across our teams, business functions and geographies - everyone feels respected and can realise their full potential.
• Recruitment assessments - some of our roles use assessments to help us understand how suitable you are for the role you\'ve applied to. If you are invited to take an assessment, this is great news. It means your application has progressed to an important stage of our recruitment process.

Visit our careers website www.sc.com/careers

Standard Chartered