About Standard Chartered
We are a leading international bank focused on helping people and companies prosper across Asia, Africa and the Middle East.
To us, good performance is about much more than turning a profit. It's about showing how you embody our valued behaviours - do the right thing, better together and never settle - as well as our brand promise, Here for good.
We're committed to promoting equality in the workplace and creating an inclusive and flexible culture - one where everyone can realise their full potential and make a positive contribution to our organisation.
This in turn helps us to provide better support to our broad client base.
As one of the biggest banks in market, we are rapidly expanding by growing a new virtual banking business in Hong Kong. We see ourselves as a fast growing start-up company where you will enjoy autonomy and teamwork at the same time, solving new and exciting problems in a nimble and agile way.
Join us and be part of history making for future banking experience!
The Role Responsibilities
Provide cyber security leadership and expertise to effectively and efficiently ensure the ongoing confidentiality, integrity, and
availability of systems and information .
Develop Technology & Security Policies, guidelines and procedures across the Technology Department
Provide key input in the delivery and maintenance of the cyber and information security framework, policies, and standards
Define and maintain the security control, strategy and framework
Coordinate steering committee to drive cyber and information security agenda
Implement controls to ensure compliance to internal policies and external regulatory requirements
Provide Cyber Compliance and Governance within the bank
Provide input, cyber risk assessments, cloud security assessments, and evaluation support of cyber security solutions,infrastructure, and projects
Consult on cyber implications of vendor and internally provisioned service integrations to our AWS environments.
Provide leadership and supervision of the internal control environment and escalate key risks to senior management
Ensure third-party risk management is compliance to internal and regulatory expectations
Ensure the internal control environment is safe and sound by way of developing remediation programs and risk treatments
Lead efforts to conduct periodic compliance testing and risk & control self-assessment
Participate in the planning and help drive the evaluation, documentation, and hands-on implementation of key security controls,processes, solutions, and infrastructure in order to prevent and mitigate information security risks
Work collaboratively with key development and IT operations stakeholders to establish and deliver a secure CI / CD pipeline
Identify opportunities to drive service quality, contain costs, improve service delivery, and security by conducting gap assessments and promoting / driving automation initiatives
Engage and collaborate with technology, business, and risk lines to ensure that risk items such as high impact changes are appropriately addressed and maintained in line with the risk management framework and risk appetite
Closely integrate with the business and provide stakeholders with front door cyber engagement and cyber consultative services for new initiatives.
This may cover support with cyber related queries, regulatory, and lines-of-risk control objectives
Coach and mentor security and / or other staff members to allow them to develop their risk and security knowledge to become more rounded Cyber Security and risk professionals
Our Ideal Candidate
10+ Years' experience in technology / IT / security and consulting / advisory related positions, including time spent in IT Governance, Cyber & Technology Risk Management.
You should be able to demonstrate :
Expert IT Governance, Technology Risk Management and Cyber Security knowledge and experience
Deep understanding in regulatory requirements, technology operations, processes and digital banking business
Deep understanding of information & cyber security and in-depth experience in managing internal control environment
Possess strong interpersonal and communication skills and display initiative to lead discussions with operational staff at all levels, business leaders and colleagues
Successful track record of driving Governance, Cyber Risk and Compliance Programs
Sound knowledge of application security, information security, and risk management frameworks, such as OWASP, NIST, ISO / IEC 27001, and ITIL.
Candidates with global regulatory knowledge and good understand of Cloud Controls are preferred.
Excellent written and verbal communication skills, proactive, interpersonal and collaborative skills, and the ability to communicate information security and risk-related concepts to technical and nontechnical audiences at various hierarchical levels, ranging from board members to technical specialists.
Proven track record and experience in developing information security policies and procedures, as well as successfully executing programs that meet the objectives of excellence in a dynamic business environment.
Ability to act calmly and competently in high-pressure, high-stress situations. Must be a critical thinker, with strong problemsolving skills and analytical skills.
The ability to manage multiple projects under strict timelines.
Ability to lead and motivate the information security team to achieve tactical and strategic goals, team player mentality
Apply now to join the Bank for those with big career ambitions.
To view information on our benefits including our flexible working please visit our career pages . We welcome conversations on flexible working.