Security Technology Services (STS) is a critical function within Standard Chartered Bank operating under the overall purview of Enterprise Technology (ET). ET is accountable for enterprise wide infrastructure, data centres, Cloud, network, end-user services (EUS) and security (STS).
The STS team is made up of cyber security thought leaders, who are accountable for the provision of a global set of cyber security services and products to maintain and continuously improve Bank's cyber security posture in today's ever evolving cyber security landscape.
Business
The STS team protect the Bank from cyber security threats by delivering effective information security technology services, managing, and responding to security incidents to ensure, and support the continuity and growth of Bank's business operations; and meet the both internal and external stakeholders' expectations across 70+ countries and territories, in which SCB operates.
STS Operations function is a transversal service with a primary objective of managing operational activities for all STS owned products and services.
This technical SME role is responsible for operational activities (service requests, change requests etc.) of Authentication and PIM function (listed later in the document). This role supports 24x7 BAU operational activities for existing services/technologies and automating routine with a key focus on end-user experience and self-service.
Processes
This role is accountable for ensuring the STS services are adherent to all relevant Group standards, processes, and policies. The criticality of services provided by STS means there is emphasis, diligence and rigor on process adherence and risk management. The performance of STS services is audited and often reported to regulators.
People and Talent
This role is accountable of leading a team of technical people in delivering STS services. The focus on people development and people leadership is a significant part of this role.
Risk Management
This role is responsible for ensuring all Authentication and PIM services adhere to Group Risks Management Standards and all services are audit ready at any given time.
Governance
This role is responsible for ensuring all Authentication and PIM STS services adhere to Group standards and all services are audit ready at any given time.
Regulatory & Business Conduct
Display exemplary conduct and live by the Group's Values and Code of Conduct.
Take personal responsibility for embedding the highest standards of ethics, including regulatory and business conduct, across Standard Chartered Bank. This includes understanding and ensuring compliance with, in letter and spirit, all applicable laws, regulations, guidelines and the Group Code of Conduct.
Help the Authentication and PIM operations team with specific technologies to achieve the outcomes set out in the Bank's Conduct Principles: [Fair Outcomes for Clients; Effective Financial Markets; Financial Crime Compliance; The Right Environment.] *
Effectively and collaboratively identify, escalate, mitigate and resolve risk, conduct and compliance matters.
Key Stakeholders
Architecture, Site Reliability Engineering and Service heads who own the strategy and roadmap for STS
Project teams that deliver new services or improve existing services via projects or initiatives
Infrastructure support teams (servers, databases, networks, etc.)
Service Management team (change management team, major incident management team, support teams locally in countries where we operate, and STS services are consumed)
Application support teams (other application teams that rely on STS services)
Internal Risk Management teams and auditors
Technology and Innovation (CIO Function) team
Other Responsibilities
Accountable for managing the SME team, address the gaps in the process, automate manual tasks and address any failures in the automation or systems supporting it.
Responsible for managing SME tasks for some of the below services:
Identify tasks with repetitive nature and automate wherever feasible
Align and adopt SRE practices in day-to-day operations
Work closely with related teams, viz. platform, infra, SCM on a day to day basis
Able to Provide artefacts from the service when required.
Work closely with business and other stakeholders to deliver their security requirements
Participate in security incident response activities.
Be a subject matter expert within security production support by providing solutions to complex problem statements
Adoption of standard tools and techniques for support management including event monitoring, batch management for routine activities, resiliency, capacity and for other standard core support processes like Incident, Problem and Change
Ensure IT assets of STS are appropriately recorded and recertified; This includes maintaining list of security services, service and support ownership, assets - servers, software and relationship with upstream and downstream systems
Proactive review of production platform related risks or non-compliances like resiliency, capacity, obsolescence, event monitoring and reporting controls, and ensure full risks awareness is in place
Take part in on-boarding newer capabilities/products into production support by reviewing all non-functional requirements, service validation and ensuring compliance to technology delivery assurance
Contribute to product strategy and lifecycle, wherever applicable; Also ensure there are no redundancies of services within STS products and services
Conduct production service level reviews with all key stakeholders with STS
Contribute in security product roadmap and strategy
Support on-boarding of all newer capabilities into STS
Engage with other transversal technology services teams like data centre, database and platform support, ensuring there is adequate awareness of security tools, products and services, its significance to the security ecosystem for the bank
Establish and govern all service reviews with suppliers/vendors providing support services for STS
Plan and manage the financials (budget, forecasts, actuals) for Security Production Support and ensuring the spends do not overrun
Adoption of DevOps and industry standards and practices for Security Production support
Our Ideal Candidate
Qualifications
Technical Skills
Minimum 5 years of deep technical experience in Cybersecurity design, architecture, and operations.
Must have hands on experience in designing, delivering, or managing (operations) in more than one of the following
Should have knowledge of SRE practices and has hands-on experience with managing production as per SRE standards and best-practices.
Good knowledge and understanding on the below.
Understanding on Linux/UNIX basics
Understanding of networking concepts
Working knowledge on Windows OS
Understanding of Information Security concepts
Basic understanding of Web Applications
Have good understanding of ITIL practices and ITSM tools
Has excellent track record in running complex application production / support environment
Has performed production tasks within the SDF/SDLC process
Has supported Problem Management, Change Management and Incident Management functions
Communication and Interpersonal Skills
Ability to organise thoughts and coherently communicate ideas both verbally and in writing
Ability to manage personal emotions and that of the team in stressful circumstances (High EQ)
Self-starter with a strong sense of ownership
Customer driven with the ability to view the service from an end-to-end perspective with objectivity and view to improving the services for end-users (could be other technical teams).
Ability to lead people (not manage) and treat the team with respect and dignity.
Role Specific Competencies
Managing cybersecurity BAU operations
Design and deliver cybersecurity technologies
Automation, SRE and DevOps
About Standard Chartered We're an international bank, nimble enough to act, big enough for impact. For more than 160 years, we've worked to make a positive difference for our clients, communities, and each other. We question the status quo, love a challenge and enjoy finding new opportunities to grow and do better than before. If you're looking for a career with purpose and you want to work for a bank making a difference, we want to hear from you. You can count on us to celebrate your unique talents. And we can't wait to see the talents you can bring us.
Our purpose, to drive commerce and prosperity through our unique diversity, together with our brand promise, to be here for good are achieved by how we each live our valued behaviours. When you work with us, you'll see how we value difference and advocate inclusion. Together we:
Do the right thing and are assertive, challenge one another, and live with integrity, while putting the client at the heart of what we do
Never settle, continuously striving to improve and innovate, keeping things simple and learning from doing well, and not so well
Be better together, we can be ourselves, be inclusive, see more good in others, and work collectively to build for the long term
In line with our Fair Pay Charter, we offer a competitive salary and benefits to support your mental, physical, financial and social wellbeing.
Core bank funding for retirement savings, medical and life insurance, with flexible and voluntary benefits available in some locations
Time-off including annual, parental/maternity (20 weeks), sabbatical (12 weeks maximum) and volunteering leave (3 days), along with with minimum global standards for annual and public holiday, which is combined to 30 days minimum
Flexible working options based around home and office locations, with flexible working patterns
Proactive wellbeing support through Unmind, a market-leading digital wellbeing platform, development courses for resilience and other human skills, global Employee Assistance Programme, sick leave, mental health first-aiders and all sorts of self-help toolkits
A continuous learning culture to support your growth, with opportunities to reskill and upskill and access to physical, virtual and digital learning
Being part of an inclusive and values driven organisation, one that embraces and celebrates our unique diversity, across our teams, business functions and geographies - everyone feels respected and can realise their full potential.
Recruitment assessments - some of our roles use assessments to help us understand how suitable you are for the role you've applied to. If you are invited to take an assessment, this is great news. It means your application has progressed to an important stage of our recruitment process.
Visit our careers website www.sc.com/careers
Beware of fraud agents! do not pay money to get a job
MNCJobz.com will not be responsible for any payment made to a third-party. All Terms of Use are applicable.