About Standard Chartered
We are a leading international bank focused on helping people and companies prosper across Asia, Africa and the Middle East.
To us, good performance is about much more than turning a profit. It's about showing how you embody our valued behaviours - do the right thing, better together and never settle - as well as our brand promise, Here for good.
We're committed to promoting equality in the workplace and creating an inclusive and flexible culture - one where everyone can realise their full potential and make a positive contribution to our organisation. This in turn helps us to provide better support to our broad client base.The Role ResponsibilitiesOverview
Main Purpose of Job
- The Cyber Security Assessment (CSA) is an integral part of Cyber Security Services (CSS) with an aligned goal to protect the Bank from information security threats by delivering effective information security services. As part of CSS, we work effortlessly in ensuring the Bank soundly meets its commitments to internal and external stakeholders and maintains an appropriate cyber security defence posture through our 'Secure by Design' initiatives.
Key Roles & Responsibilities:
- The role is a Global Information security risk management position reporting to CyberSecurity Risk Advisory Portfolio Lead. The role is expected to perform risk assessments of all classes/types of bank&rsquos technology assets.The role require the ability to communicate and build relationships with technology product owners and support teams across geographies.
Qualifications & Skills:
- Evaluate the design and effectiveness of technology controls for applications, infrastructure systems
- Act as security liaison for all key business and IT projects
- Perform risk reviews based on ICS standard requirements.
- Provide advice and support to developers and other relevant support teams in designing and implementing risk mitigation/remediation measures
- Review risks and Identify root causes for common risks and provide recommendations for sustainable improvements
- Review evidences for risk closure and document the evidences
- Perform periodic reviews of controls and assessments to provide assurance
- Report risks and risk summaries accurately to various stakeholders
- Train & mentor junior staffs
- Minimum 10 years experience in Information security, preferably in Banking and Financial services sector
- At least 5 years or more hands-on experience on application/ infrastructure risk assessments
- At least 3 years of experience in implementation or management of security tools/ projects
- Bachelor Degree in Engineering, Computer Science/Information Technology or its equivalent.
Standard Chartered is committed to diversity and inclusion. We believe that a work environment which embraces diversity will enable us to get the best out of the broadest spectrum of people to sustain strong business performance and competitive advantage. By building an inclusive culture, each employee can develop a sense of belonging, and have the opportunity to maximise their personal potential.
- Experience in performing technical audits is a plus
- Hands on experience in working on Risk Assessment and performing Control Assessments
- Knowledge on latest security technologies, Cloud, DevOps, Blockchain,etc is a plus.
- Experience in review of the SDLC process and understanding on application architecture and development concepts.
- Industry certifications viz: CISA, CISSP, CRISC or CISM
- Strong knowledge of security frameworks ( COBIT, ISF) , standards (ISO, NIST, CIS) information security principles and security architecture
- Good knowledge of firewalls, Access Management process and security solutions
- Excellent written, oral communication, stakeholder management and reporting skills
- CIO Delivery teams
- Head of ICS for each business
- Cyber Security domain teams
- 2LOD - CISRO
Apply now to join the Bank for those with big career ambitions.
To view information on our benefits including our flexible working please visit our . We welcome conversations on flexible working.