(ML) Associate Director ICS Risk & Control

Bukit Jalil, Kuala Lumpur, Malaysia

Job Description


About Standard Chartered

We're an international bank, nimble enough to act, big enough for impact. For more than 160 years, we've worked to make a positive difference for our clients, communities, and each other. We question the status quo, love a challenge and enjoy finding new opportunities to grow and do better than before. If you're looking for a career with purpose and you want to work for a bank making a difference, we want to hear from you. You can count on us to celebrate your unique talents. And we can't wait to see the talents you can bring us.

Our purpose, to drive commerce and prosperity through our unique diversity, together with our brand promise, to be here for good are achieved by how we each live our valued behaviours. When you work with us, you'll see how we value difference and advocate inclusion. Together we:

  • Do the right thing and are assertive, challenge one another, and live with integrity, while putting the client at the heart of what we do
  • Never settle, continuously striving to improve and innovate, keeping things simple and learning from doing well, and not so well
  • Be better together, we can be ourselves, be inclusive, see more good in others, and work collectively to build for the long term
In line with our Fair Pay Charter, we offer a competitive salary and benefits to support your mental, physical, financial and social wellbeing.
  • Core bank funding for retirement savings, medical and life insurance, with flexible and voluntary benefits available in some locations
  • Time-off including annual, parental/maternity (20 weeks), sabbatical (12 weeks maximum) and volunteering leave (3 days), along with minimum global standards for annual and public holiday, which is combined to 30 days minimum
  • Flexible working options based around home and office locations, with flexible working patterns
  • Proactive wellbeing support through Unmind, a market-leading digital wellbeing platform, development courses for resilience and other human skills, global Employee Assistance Programme, sick leave, mental health first-aiders and all sorts of self-help toolkits
  • A continuous learning culture to support your growth, with opportunities to reskill and upskill and access to physical, virtual and digital learning
  • Being part of an inclusive and values driven organisation, one that embraces and celebrates our unique diversity, across our teams, business functions and geographies - everyone feels respected and can realise their full potential.
Recruitment assessments - some of our roles use assessments to help us understand how suitable you are for the role you've applied to. If you are invited to take an assessment, this is great news. It means your application has progressed to an important stage of our recruitment process.

Role Responsibilities

Strategy
  • To evaluate overall ICS risk, maintain an active view, and report on the actual, mitigated and residual risk in the Security Technology Services Organization.
  • Maintaining an active view of the risk profile will include conducting periodic assurance checks on control design and control operating effectiveness, and including this as part of the residual risk profile for each process.
Business
  • Achieving assigned full year objectives as per annual P3 document.
Processes
Risk Identification, Assessment and Evaluation
  • Identify, assess and evaluate risk to enable the execution of the enterprise risk management strategy.
  • Collect information and review documentation to ensure that risk scenarios are identified and evaluated.
  • Identify potential threats and vulnerabilities for Information Security and technology processes, associated data and supporting capabilities to assist in the evaluation of risk.
  • Assemble risk scenarios to estimate the likelihood and impact of significant events to the organization.
  • Correlate identified risk scenarios to relevant technology processes to assist in identifying risk ownership.
Risk Monitoring
  • Monitor risk and communicate information to the relevant stakeholders to ensure the continued effectiveness of the risk management strategy.
  • Collect and validate data that measure control monitors (KCIs / CSTs and KRIs) to monitor and communicate their status to relevant stakeholders.
  • Facilitate independent risk assessments and risk management process reviews to ensure they are performed efficiently and effectively.
Information Systems Control Design and Implementation
  • Design information systems controls in consultation with process owners to ensure alignment with process inputs and outputs.
  • Facilitate the identification of resources (e.g. people, infrastructure, information, architecture) required to implement and operate information systems controls at an optimal level.
  • Monitor the information systems control design and implementation process to ensure that it is implemented effectively and within time, budget and scope.
  • Provide progress reports on the implementation of information systems controls to inform stakeholders and to ensure that deviations are promptly addressed.
  • Test information systems controls to verify effectiveness and efficiency prior to implementation.
Information Systems Control Monitoring and Maintenance
  • Monitor and maintain information systems controls to ensure they function effectively and efficiently.
People and Talent
  • Build a transparent and collaborative culture with stakeholders to provide a broad view of risk profile of the respective domain.
  • Work in partnership with the Service team, 2LOD, GIA and regulatory SPOC to address all risk mitigation requirements.
  • Continuously enhance the risk management and stakeholder management skillsets.
Risk Management
  • Monitor all major risk issues and concentrations. Where appropriate, direct remedial action and/or ensure adequate reporting to Risk Committees.
Governance
  • Promote an environment where adhering to ICS requirements and meeting regulatory requirements is a central priority of the service.
Regulatory & Business Conduct
  • Display exemplary conduct and live by the Group's Values and Code of Conduct.
  • Take personal responsibility for embedding the highest standards of ethics, including regulatory and business conduct, across Standard Chartered Bank. This includes understanding and ensuring compliance with, in letter and spirit, all applicable laws, regulations, guidelines and the Group Code of Conduct.
  • Lead the STS Authentication Services Risk and Control to achieve the outcomes set out in the Bank's Conduct Principles: [Fair Outcomes for Clients; Effective Financial Markets; Financial Crime Compliance; The Right Environment].
  • Effectively and collaboratively identify, escalate, mitigate and resolve risk, conduct and compliance matters.
Key Stakeholders
  • STS – Authentication Services.
Our Ideal Candidate
  • Information and Cyber Security Risk Management: at least 10+ years work experience in Information & Cyber Security and technology risk.
  • The candidate should be well versed with core Information and Cyber Security processes like PKI and Digital Certificate Life Cycle Management, Identity & Access, Security Monitoring, Vulnerability Management, Network Security, Data Security.
  • Has experience in practical application of audit methodology, conducting Risk reviews, Threat assessment.
  • Possess good understanding of Risk Management Frameworks, Risk Assessment methodologies.
  • Have good understanding of Information Systems controls and control design.
  • Relevant technical qualifications such as CRISC, CISM, CISA, CISSP, etc.
  • Good knowledge of NIST and other relevant industry frameworks on Cyber Security.
  • Information and Cyber risk must be managed in the context of various other risks, opportunities and challenges facing the organization.
Job Detail

  • Job Id
    JD926172
  • Industry
    Not mentioned
  • Total Positions
    1
  • Job Type:
    Full Time
  • Salary:
    Not mentioned
  • Employment Status
    Permanent
  • Job Location
    Bukit Jalil, Kuala Lumpur, Malaysia
  • Education
    Not mentioned