Senior Manager, ICS Control Framework

Standard Chartered
Malaysia

Job Description


About Standard Chartered 
We are a leading international bank focused on helping people and companies prosper across Asia, Africa and the Middle East.  
To us, good performance is about much more than turning a profit. It's about showing how you embody our valued behaviours - do the right thing, better together and never settle - as well as our brand promise, Here for good.
We're committed to promoting equality in the workplace and creating an inclusive and flexible culture - one where everyone can realise their full potential and make a positive contribution to our organisation. This in turn helps us to provide better support to our broad client base.


Job Purpose:

  • The purpose of this role is to provide risk / control framework subject matter expertise for the control framework design and implementation, as part of the Information and Cyber Security (ICS) Transformation Remediation Programme (TRP), across Standard Chartered Bank. The framework will incorporate the newly established ICS Risk Type Framework and the bank's wider Operational Risk Framework. The role will need to manage / support the assessment of the current framework, the design of the changes required, and the delivery of these changes across the Bank.
  • Establishing the new framework and culture within Standard Chartered Bank (SCB) will cover all client segments (Retail Bank, Private Bank, Commercial and Global Banking) and products (Financial Markets, Transaction Banking, Wealth Management, Corporate Finance).
  • The ICS TRP brings together all material ICS investment activities. The portfolio will prioritize ICS investments to maximise risk reduction and capability improvement, while meeting compliance and legal obligations and minimising client impact. The portfolio provides a single end-to-end view of investment activities with regular tracking and reporting.
  • Information and Cyber Security risk has recently been established as a Principal Risk Type within the Enterprise Risk Management Framework. The new ICS Risk Type Framework (RTF) seeks to bring consistency in approach and introduce operational structure to the identification and mitigation of ICS risks. The RTF is based upon core best practice methods of ICS risk management including NIST.

Responsibilities include:
Control Framework:
  • Provide subject matter expertise for the design process, control standards and to enable the establishment of a clear business, function and risk framework.
  • Provide clear communication of principles and concepts that are required to ensure successful adoption of the framework within the businesses and functions.
  • Bring a solution mind-set to the strategic design and review of project deliverables as they relate to the control and risk framework, to ensure the target operating model and infrastructure is best in class. Ensure that the approach taken recognises the context and objectives.
  • Adapt to emerging risks and issues to maximize outcomes. Take urgent and timely action on risks and issues which may impair delivery.
  • Support overall project governance to effectively deliver the business benefits aligned to the project governance standards.
  • Support mobilising and gaining commitment for change with the business COOs.
  • Partner with technology stakeholders to ensure alignment of priorities and timeframes.

Change Management:
  • Manage working groups across domains to progress the framework roll out.
  • Escalate appropriately to ensure Program Head is briefed and necessary decisions are made in a timely manner.
  • Support / manage cross regional governance to ensure efficient knowledge sharing and decision making.
  • Support the Program Head in the delivery of the programme objectives including the preparation of an Implementation Guide, training material, tactical and strategic tools, centralised data provision, reporting capabilities and tracking mechanisms.
  • Deliver against the agreed plan by working with key stakeholders and face off to assigned Business lines, Functions and/or Regions. The plan will incorporate digital footprint discovery, risk assessment and definition and implementation of controls as guided by the ICS RTF and tailored to the relevant areas.
  • Support keeping the project reporting up to date, including project static, RAG status, key milestones, financials, risks, dependencies, issues and resource forecasts. Deliver quality submissions to PgSC.
  • Support and apply the refinement of tools, templates and good practice.

Risk Management:
  • Deliver the assigned project components professionally and efficiently, closely tracking timeline commitments for provision of information and action plans, and for validation of actions taken.

Regulatory and Business Conduct:
  • Display exemplary conduct and live by the Group's Values, Valued Behaviours, and Code of Conduct.
  • Take personal responsibility for embedding the highest standards of ethics, including regulatory and business conduct, across the Bank.
  • Effectively and collaboratively identify, escalate, mitigate, and resolve risk, conduct and compliance matters.

Key Stakeholders:
  • ICS and Operational Risk / Control SMEs in the Business / Functions / Country teams
  • Group Operational Risk SMEs
  • Group CISRO ICS SMEs

QUALIFICATIONS:
  • Experience in the development and successful roll out of risk frameworks is preferred.
  • CRISC / CISSP / CISM / COBIT 5 / ISO 27001

Apply now to join the Bank for those with big career ambitions. 
To view information on our benefits including our flexible working please visit our . We welcome conversations on flexible working.
