Information Security Risk Manager at Standard Chartered Bank

The Role:

We are seeking an information and cyber security risk specialist to deliver a range of activities associated with the discharging of CISRO second line responsibilities. These roles will support the Information Security Risk Officers team within the CISRO and play a direct active part in the oversight of effective information and cyber security risk management across the bank. This role will have considerable engagement with all business units, risk committees, and other stakeholders across the bank. The role holder will report directly to the Regional ISRO Head, Africa & Middle East. The successful candidate will be expected to lead and deliver a range of complex activities in the following fields:
Risk Management:

• Support the ISRO team in the rollout of the RTF from a 2nd line perspective.
• Support the reporting of ICS to regional 1st line teams.
• Raise visibility of ICS weaknesses in order to drive ICS improvements and uplift.
• Create risk mitigation plans calling out where these are ineffective or insufficiently followed.

Regulatory Management:

• Maintain a full view of ICS regulatory requirements via the Obligations Register.
• Highlight gaps or control weaknesses against regulations.

Controls Testing:

• Participate in ICS controls testing and thematic reviews as required by the ISRO team.

Governance:

• Lead the preparation of materials for Region's NFRCs using the material centrally produced by the CISRO Governance team.
• Ensure consistency of reporting and production of high quality documentation and materials.
• Brief presenters on the report content highlighting any risks/issues.

Regulatory and Business Conduct:

• Display exemplary conduct and live by the Group's Values and Code of Conduct.
• Take personal responsibility for embedding the highest standards of ethics, including regulatory and business conduct, across Standard Chartered Bank. This includes understanding and ensuring compliance with, in letter and spirit, all applicable laws, regulations, guidelines and the Group Code of Conduct.
• Effectively and collaboratively identify, escalate, mitigate and resolve risk, conduct and compliance matters.

Key Stakeholders:

• ISRO teams
• CISRO Governance, Policy and Risk team
• STS team
• Testing and Assurance team
• Education and Awareness team
• Cyber Partnerships and Government Strategy
• Identified business stakeholders in country and the regional stakeholders

Experience & Qualifications

• Proven Information and Cyber Security experience and expertise
• Cyber Security certifications such as CISM, CISSP, CISA or equivalent
• Recognized academic qualification in Information and Cyber Security or Technology or equivalent
• Preferable to have Cyber security audit experience in performing regulatory submissions and evidence validation
• Able to understand the Banking businesses, markets and operations of Standard Chartered Bank and the policies, procedures and processes through which information and cyber security risks are addressed throughout the Group
• Proven ability to respond to complex challenges and deliver practical Cyber security proposals and direction which reflect a balanced view of the operation of the bank
• Ability to both assess priorities and to focus on work in a structured fashion which delivers results
• Strong integrity, independence and resilience