Senior Manager, Cyber Training %26 Awareness

Senior Manager, Cyber Training %26 Awareness

Standard Chartered
5-8 years
Not Specified

Job Description


About Standard Chartered
We are a leading international bank focused on helping people and companies prosper across Asia, Africa and the Middle East.
To us, good performance is about much more than turning a profit. It's about showing how you embody our valued behaviours - do the right thing, better together and never settle - as well as our brand promise, Here for good.
We're committed to promoting equality in the workplace and creating an inclusive and flexible culture - one where everyone can realise their full potential and make a positive contribution to our organisation. This in turn helps us to provide better support to our broad client base.
The Role Responsibilities
Make an impact every day with Trust, Data and Resilience (TDR)
Our TDR team sits within the Group Operations function and is responsible for mission-critical areas including cyber, information, data, privacy and resilience. These are challenges that impact our clients globally. Our TDR team develops the platforms, drives the processes and builds partnerships to benefit millions of people every day. The team thrives in providing solutions to complex issues, devote time and energy to designing new and innovative solutions, and all in an environment that demands being risk-aware, not risk-averse. TDR chooses progress over perfection and aims to always participate with a constructive purpose. The team makes an impact wherever they are based, be it in our offices around the world, our Global Business Solution centres in China, India, Malaysia and Poland, or even from our home.
Now you have an opportunity to make a meaningful impact with a diverse and passionate team of creators, innovators and achievers. With us, you&rsquoll learn, be inspired, and make an impact every day. The success of our work hinges on how we use the unique diversity of our people to realise the effects we seek to achieve: Always on. Always safe. Always Simple.
TDR Training and Awareness

  • The TDR Training and Awareness (T&A) team is responsible for fostering a data-ready, security-aware and resilient culture that protects the Bank and our clients from data breaches. It does this through creating risk-based, targeted campaigns for ICS, Data and Privacy, Resilience and 3rd Party Risk, to drive behaviour change amongst employees, executives, high risk roles, third parties and customers.

  • The ultimate goal of the T&A team is to reduce and manage the risk of a breach of Confidentiality, Integrity and Availability of the Bank&rsquos information assets to within the Bank&rsquos risk appetite.

  • The team achieves this goal through driving the design, development, deployment and enablement of delivery via virtual, instructor-led, and digital campaigns, enabled by global awareness communities of practice, based on employees&rsquo roles and risk types. Their remit spans general employee awareness, role-based training, executive engagement, phishing awareness and simulation exercises, field enablement, communications, assessing and remediating behaviour change, T&A risk reporting, operations and strategy, as well as TDR Skills Academies and Outreach..

  • We are looking for a seasoned cyber security training and awareness professional who enjoys creating engaging and effective campaigns for all audiences, general and targeted, and has a deep understanding of the intricacies of human behaviour and habits that drive behavioural change.


Main Purpose of Role:

  • The Cyber Training and Awareness Senior Manager will design, develop and ensure delivery of campaigns and learning materials for Bank employees, targeted high risk roles, and customers. This includes managing our Bank-wide cyber fundamentals e-learning module, as well as wider campaigns and training activities.

  • The successful candidate will be responsible for strategy and creative concepts, drafting of key campaigns, messages and communications, and working with the T&A Deploy and Deliver Team to ensure the successful deployment and delivery of campaigns through our Communities of Practice and Heads of ICS

  • They will use insights from our Voice of the Customer surveys, Go-To-Market reports and Threat Intelligence data to ensure the key threats and risks are remediated, and appropriately tracked and reported.

  • This role will ensure that all campaigns align with our adult learning and go to market principles. They should be compatible and appropriate for all countries across our global footprint and consider how different communities absorb knowledge and cultural sensitivities.

  • She/he will ensure compliance with the latest policy and standards, as well as liaising with the TDR T&A Operations and Reporting team, and TDR Threat Intelligence Team to identify and address emerging threats in a storytelling approach to help our employees understand, recall and behave securely in their day-to-day lives.

  • The Cyber Training and Awareness Senior Manager will be an ambassador for the Trust, Data & Resilience Team and a credible and engaging presenter, able to talk confidently internally and externally on ICS culture and awareness. They must be able to convey technical information in a non-technical way.

  • This role will appeal to someone who has proven expertise in creating engaging, gamified and innovative content, and who is passionate about human behaviour and nudge theory. They will have hands on experience in designing threat-based awareness programmes, in line with industry frameworks, that directly drive down the human aspect of ICS risk. Preference will be given to an individual who can engage with audiences at all levels, and roll their sleeves up and deliver on the ground training and awareness activities with our Communities of Practice and Heads of ICS.


Key responsibilities:
Bank-wide Campaigns&ndash 40% of the role (may flex as needed)

  • Design and develop ICS campaigns to mitigate threat scenarios applicable to training and awareness as a key NIST control, by building awareness and developing secure behaviors across employees, contractors, 3rd party providers, customers and high-risk roles.

  • Collaborate with the T&A team and key business stakeholders (eg: Heads of ICS, Head, GTM, T&A Operations and Reporting, Threat Intelligence, and the Cyber Defence Centre) to form and develop the required messaging based on the risks and behaviour gaps.

  • Develop creative concepts and storylines that will effectively deliver the required messaging aligned with our Go-To-Market and adult learning principles.

  • Work with country translation teams to ensure the mandatory Bank-wide cyber e-learning fundamentals module is fit for purpose as factors in cultural nuances around the globe.

  • Work with 3rd party agencies to build on the team&rsquos creative concepts to deliver impactful campaigns. This includes briefing agencies and managing them towards successful campaign delivery, including reviews and debriefs.

  • Partner with key business stakeholders to drive the delivery of employee, contractor, 3rd party providers and customer awareness either via sc.com or training and awareness materials.

  • Work with the Head, GTM, Deploy and Deliver and Operations and Reporting teams to track campaign reach, frequency, behaviour change and programme effectiveness. Use data as inputs to campaign planning cycle.


High Risk Roles (HRR) / Targeted Training&ndash 40% of the role (flex as required)

  • Partner with T&A team and key stakeholders (eg: Heads of ICS, T&A Operations and Reporting, Threat Intelligence, and the Cyber Defence Centre) to form and develop the required messaging based on risks and behaviour gaps.

  • Design and develop learning materials such as e-learning modules, videos, comms, and instructor-led training sessions to help raise awareness of ICS and related risks (eg: Data and Privacy, Operational Resilience, Third Party) among the Bank&rsquos targeted audiences and high risk roles. This includes, but is not limited to, People Leaders, Board/MT members, repeat clickers, new joiners and other roles as defined in the end to end awareness process.

  • Ensure all targeted campaigns and content address emerging threats and remediate gaps identified by regulatory, audit and, control testing activities&rsquo while meeting the business needs .

  • Collaborate with T&A Deploy and Deliver team, People Capability and Learning Operations teams to ensure the successful deployment and delivery of targeted training content.

  • Track and manage the deployment and delivery of the campaigns, identifying blockers and impediments to enable early intervention and to meet targets.

  • Work with the Head, GTM and Operations and Reporting team to track reach, frequency, behaviour change and programme effectiveness, and use data as inputs to campaign planning cycle.


Policy, risk, reporting, regulatory management &ndash 20% of the role (flex as required)

  • Partner with Head, GTM and Head, Operations and Reporting to conduct periodic reviews of the ICS Policy, Training & Awareness Standard, all ICS domain Standards, identified threat scenarios to identify the desired secure behaviours needed to reduce the risk of human related incidents.

  • Ensure that awareness, training and targeted training campaigns are &ldquodesign&rdquo and &ldquooperationally&rdquo effective in developing the desired behaviours

  • Work and liaise with Operations and Reporting team / 2nd Line teams to test the training and awareness risk controls, demonstrating that the awareness, training and targeted training programmes are effective in reducing the risk of a human related incidents.

  • Fulfil relevant regulatory requests for information within the stipulated time (as requested by T&A Operations and Reporting team).


The role should also collaborate with other Training and Awareness leads (Data and Privacy, Automation, Third Party, Resilience, Skills Academies, Outreach and Community Engagement leads ) and awareness communities of practice to leverage materials, share best practices and collaborate on joint initiatives.
Regulatory & Business Conduct

  • Display exemplary conduct and live by the Group&rsquos Values and Code of Conduct.

  • Take personal responsibility for embedding the highest standards of ethics, including regulatory and business conduct, across Standard Chartered Bank. This includes understanding and ensuring compliance with, in letter and spirit, all applicable laws, regulations, guidelines and the Group Code of Conduct.

  • Effectively and collaboratively identify, escalate, mitigate and resolve risk, conduct and compliance matters.

  • Manage and respond to requests for information (RFIs) from industry regulators in a timely manner.


Key Stakeholders

  • TDR Training & Awareness Team

  • Group Learning and People Capability teams

  • Heads of ICS (country, region, group, business and functions)

  • Global Head, TDR Training & Awareness

  • Group CISO and Global Head, Trust Data and Resilience

  • Trust, Data and Resilience Communications and Engagement team and TDR Comms Council

  • Country language translation teams

  • Business and Functions Strategic Communications Partners

  • ICS teams across 1st and 2nd line

  • Threat Intelligence Team

  • Policy & Governance Team

  • Cyber Defence Centre


Our Ideal Candidate

  • Minimum 5 years&rsquo relevant working experience in designing and delivering awareness or employee engagement/behaviour change programmes. Preference for ICS training and awareness experience

  • An experienced learning and development practitioner, with the ability to design and develop advanced adult learning tactics that drive measurable behaviour change

  • Good experience in internal/external communications, marketing, cross-cultural communications, training/development. Multinational corporation experience is a plus.

  • Proven ability in creating leading-edge learning content, communications, training and awareness materials for employees and customers alike

  • Experience of working in a regulated environment, where good operational governance is essential.

  • A competent level of user-oriented understanding of data and privacy, information technology and cyber security.

  • Experience in using storytelling, analogies and mature learning techniques to bring to life the &ldquoso what&rdquo of Bank policies and risks, with clear calls to action, and translating jargon into simple-to-understand learning for non-technical audiences

  • Strong stakeholder management skills

  • Good project management skills

  • Impeccable communications skills, impeccable business writing and verbal skills

  • Competent and comfortable with a very dynamic and demanding environment

  • A Degree in Communications, Mass Communications, Marketing Communications or related field preferred. Extended years of advanced marketing / training experience may be considered in lieu.


Apply now to join the Bank for those with big career ambitions.
To view information on our benefits including our flexible working please visit our . We welcome conversations on flexible working.

Job Details

Job Source : scb.taleo.net

Similar Jobs

Career Advice to Find Better