Manager, Controls Testing - Kuala Lumpur, Malaysia - Standard Chartered Bank

    Standard Chartered Bank
    Standard Chartered Bank Kuala Lumpur, Malaysia

    1 week ago

    Standard Chartered Bank background
    Full time
    Description

    Role Responsibilities

    To help grow trust with clients and regulators and maximize risk reduction, a Senior Manager of Technology Controls Testing role has been created to execute the testing of key IT controls across the bank's critical IT systems.

    This new team will provide planning, execution, reporting, governance, as well as advocating and imparting lessons and good practice to shape the design and implementation of key IT controls testing across all of the bank's critical IT systems. In addition, determining whether these key controls are operating effectively via an evidence-based testing process.

    Strategy *

  • ·Maintain effective relationships with stakeholders to facilitate:

    • oEffective key IT controls testing;

    oThe provision of timely, expert advice and assurance; and

    oPartnerships with other functions to provide professional advice and assurance.

    Business *

  • ·Execute a consistent, sustainable and re-performable technical control testing framework/methodology for the bank's critical IT systems.
  • ·Support the provision of timely and accurate control testing MI to the respective risk forums across business and functions.
  • ·Promote compliance with the Bank's risk framework and policies ( ERMF and O&T RTF)
  • ·Support stakeholders in defining remediation actions to address identified control weaknesses and issues across critical IT systems, and associated processes.
  • ·Track issue remediation, check and challenge delivery status and escalate delays.
  • ·Identify opportunities for automation of controls testing.

    • Processes *

  • ·Support the continuous improvement of risk and control processes, aligning to and avoiding duplication with other assurance functions.

    • People & Talent *

  • ·Provide proactive self-orienting and self-motivating leadership, and work with limited direction
  • ·Lead through example and build the appropriate culture and values. Set appropriate tone and expectations, and work in collaboration with risk and control partners.
  • ·Cultivate the right mix of SME and risk & control skills.

    • Risk Management *

  • ·Adopt an anticipatory approach to risk assessment through stakeholder engagement and monitoring of the external environment.
  • ·Work with other control assurance teams to drive efficiency, effectiveness and reduce duplication.
  • ·Provide robust challenge and escalation to senior management to ensure activities achieve risk reduction.
  • Manage and drive continuous improvement of the IT control environment through proactive risk management.

    • Governance *

  • ·Tracking and reporting of risk assessments ( audits, risk assessments etc) and their outputs to ensure oversight and escalation mechanisms are in place to provide MI on obligations.
  • Work with the Application/Service Owners of critical IT systems to identify emerging IT risks and ensure they are appropriately addressed by relevant technical controls.

    • Regulatory & Business Conduct *

  • Display exemplary conduct and live by the Group's Values and Code of Conduct.
  • Take personal responsibility for embedding the highest standards of ethics, including regulatory and business conduct, across Standard Chartered Bank.
  • Contribute in the Controls team to achieve the outcomes set out in the Bank's Conduct Principles: The Right Environment.
  • Effectively and collaboratively identify, escalate and resolve conduct and compliance matters.
  • Provide timely and accurate risk & control information to support regulatory meetings and RFIs.

    • Key stakeholders *

  • ·Head of Controls Testing
  • ·TTO Risk Management
  • ·Group Operational Risk
  • ·Group Internal Audit – Enterprise Technology

    • Qualifications *

    Training, licenses, memberships and certifications

    Desired:

    ·Tertiary qualifications in Computer Science, Economics, Law or other relevant areas

    ·5-8 years in IT Audit and/or IT Risk Management

    ·Experience in US SOX regime

    ·Professional qualifications such as CISA / CRISC will be advantageous

    ·Technical knowledge on IT controls best practices across different platforms, systems and security tools

    ·Good understanding of security processes, risks and controls, audit and testing methodologies

    Our Ideal Candidate

    Copy and paste key skills, experience and qualifications required.