Job Description

The Role Responsibilities

Standard Chartered (\xe2\x80\x9cSC\xe2\x80\x9d) has prioritised digital transformation and disruption in the strategic objectives.

To support the Business lines with Cyber Security and Resilience, we are establishing a dedicated 1st line Information and Cyber Security (\xe2\x80\x9cICS\xe2\x80\x9d) Centre of Excellence (\xe2\x80\x9cCoE\xe2\x80\x9d). The CoE will improve framework, controls, services, and products and continuously improve cyber security resilience and support the Business via their Heads of ICS.

The global utility will be established as a CoE to maintain sustainable processes for all Business and Function ICS requirements, covering Change and Business as Usual (\xe2\x80\x9cBAU\xe2\x80\x9d) aspects. It will also be pivotal in

• Sharing of best practice across the Business lines to urgently reduce risk
• Facing off to the Business / Function / Regional Head of ICS (\xe2\x80\x9cCISO\xe2\x80\x9d) in support of their agenda across all ICS capabilities and requirements

ICS is a top priority, and this role offers the opportunity to contribute and learn in a fast paced and evolving environment.

This is a new role will report directly AVP, ICS CoE, will support the CISO community to manage the following ICS capabilities:

Regulatory Exam

• Coordinate responses to regulatory exams with CISO
• Interface with all service providers including but not limited to STS, Technology & Innovation (\xe2\x80\x9cT&I\xe2\x80\x9d), Third Party Security Assessment (\xe2\x80\x9cTPSA\xe2\x80\x9d), Resilience, CIO domains to accurately and efficiently complete reports,
• Ensure remedial actions are prioritized into requirements
• Maintain an inventory of regulatory responses from the first line to expedite future responses
• Perform gap analysis between regulatory requirements and current SC control standards
• Agree SLAs with stakeholders and regularly report status, escalate slippages accordingly
• Provide regular status update reporting to all stakeholders off to Regional / Business / Function CISO who are accountable for successful completion by providing regular status reporting
• Comply with the LRM pre-submission review process for ICS regulatory obligation returns
• Maintain a forward-looking timeline of obligations and resource requirements
• Continuously seek to improve the process with stakeholders
• Support delivery of relevant ICS OKRs (including Vital Few) (including Vital Few) and TTO 25 strategy initiatives

Other new / emerging ICS capabilities where applicable

Strategy

• Ensure prioritisation and assisting the CISO community with oversight and remediation
• Identify changes required in terms of additional components, reprioritisation to anticipate and respond to changes emanating from the ICS drivers

Business

• Ensure timely and quality delivery of e2e ICS regulatory commitments (including submission and non-submission),
• Ensure timely remediation of higher risk issues including external regulators and Group Internal Audit through proper visibility and appropriate escalation,
• Responsible for speaking out on emerging risks, issues, blockages, challenges, and trends in the appropriate forums,

Processes

• Driving End-to-End LRM Pre-submissions review,
• Driving Gap Assessment for past regulations (non-submissions),
• Support Regulatory Inspections for countries,
• Scope RFIs and review the quality of response from on-going submissions / Non-submissions for quality review managed by CoE,
• Orchestrate complex organization wide gap assessments emanating from group regulators like Prudential Regulatory Authority, FCA, etc.
• ICS RFI support for Internal & External audits (e.g., Financial Audits)
• Non-Regulatory Assessments, RTPSA,
• Draft regulatory related responses pertaining to ICS attestations like SWIFT, NESA, CRAF, CHAPS, PCI-DSS etc.
• Regularly identify and implement opportunities for efficiency (via A3s) across processes, systems, and infrastructure,
• Ensure standardisation and best practice migration across regions, segments, and functions by working closely with the CISO,

People & Talent

• Working in close collaboration with CISO, risk and control partners across all functions to effectively embed a strong culture of risk awareness and good conduct,
• Improve client centricity through increased delivery velocity,
• Spread and sustain a continuous improvement and innovation culture,

Risk Management

• Mature the Bank\xe2\x80\x99s ability to proactively identify and manage cyber threats through implementation of robust, integrated risk framework (the ICS RTF and Threat Scenario Risk Assessment (TSRA) Standard),
• Support establishing governance to enable \xe2\x80\x9cSecure & Resilient by Design\xe2\x80\x9d solutions, supporting the Group\xe2\x80\x99s cloud first and digital transformation agenda,

Governance

• Become the trusted cybersecurity advisor to Business, Functions, Regions, Countries to directly support the delivery of the Bank\xe2\x80\x99s ICS strategy,

Regulatory & Business Conduct

• Display exemplary conduct and live by the Group\xe2\x80\x99s Values and Code of Conduct.
• Take personal responsibility for embedding the highest standards of ethics, including regulatory and business conduct, across Standard Chartered Bank. This includes understanding and ensuring compliance with, in letter and spirit, all applicable laws, regulations, guidelines and the Group Code of Conduct.
• Lead the Centre of Excellence team to achieve the outcomes set out in the Bank\xe2\x80\x99s Conduct Principles. Fair Outcomes for Clients; Act responsively and within your authority; Comply with laws, regulations, and group standards; Be open and co-operate with regulators; Protect confidential information; Treat colleagues fairly and with respect
• Effectively and collaboratively identify, escalate, mitigate, and resolve risk, conduct and compliance matters.

Key stakeholders

• Regional, Segment and Function CISO; ISRO and CISRO team; GIA, Business & Country Compliance teams; Control owners in ET, CCIB, CSS etc

Other Responsibilities

• Embed Here for good and Group\xe2\x80\x99s brand and values in ICS CoE; Perform other responsibilities assigned under Group, Country, Business or Functional policies and procedures; driving and adapting to change; identifying and implementing efficiencies through the new ways of working, actively participating in A3s.

Our Ideal Candidate

• Someone with proven track record of working on Cyber Security related assessments for various countries, knowledge in Cyber Security and data privacy related concepts and relevant certifications e.g., CISSP, CISM, CISA, CRISC, ISA, PCIP, CIPP etc. will be preferred

Role Specific Technical Competencies

• Process management
• Regulatory environment
• Internal controls
• Risk management
• Interpersonal relationships
• Banking products
• Operational risk
• MS Office Skills
• Stakeholder and team management

About Standard Chartered

We\'re an international bank, nimble enough to act, big enough for impact. For more than 160 years, we\'ve worked to make a positive difference for our clients, communities, and each other. We question the status quo, love a challenge and enjoy finding new opportunities to grow and do better than before. If you\'re looking for a career with purpose and you want to work for a bank making a difference, we want to hear from you. You can count on us to celebrate your unique talents. And we can\'t wait to see the talents you can bring us.
Our purpose, to drive commerce and prosperity through our unique diversity, together with our brand promise, to be here for good are achieved by how we each live our valued behaviours. When you work with us, you\'ll see how we value difference and advocate inclusion. Together we:

• Do the right thing and are assertive, challenge one another, and live with integrity, while putting the client at the heart of what we do
• Never settle, continuously striving to improve and innovate, keeping things simple and learning from doing well, and not so well
• Be better together, we can be ourselves, be inclusive, see more good in others, and work collectively to build for the long term

In line with our Fair Pay Charter, we offer a competitive salary and benefits to support your mental, physical, financial and social wellbeing.

• Core bank funding for retirement savings, medical and life insurance, with flexible and voluntary benefits available in some locations
• Time-off including annual, parental/maternity (20 weeks), sabbatical (12 weeks maximum) and volunteering leave (3 days), along with minimum global standards for annual and public holiday, which is combined to 30 days minimum
• Proactive wellbeing support through Unmind, a market-leading digital wellbeing platform, development courses for resilience and other human skills, global Employee Assistance Programme, sick leave, mental health first-aiders and all sorts of self-help toolkits
• A continuous learning culture to support your growth, with opportunities to reskill and upskill and access to physical, virtual and digital learning
• Being part of an inclusive and values driven organisation, one that embraces and celebrates our unique diversity, across our teams, business functions and geographies - everyone feels respected and can realise their full potential.

Recruitment assessments - some of our roles use assessments to help us understand how suitable you are for the role you\'ve applied to. If you are invited to take an assessment, this is great news. It means your application has progressed to an important stage of our recruitment process.

Visit our careers website

Standard Chartered