No more applications are being accepted for this job
- Support CISO in defining Information and Cyber Security Strategy and socialize to enhance awareness within the businesses, working closely with CIO and COO's.
- Support CISO in determining key ICS threats and risks to the business and their mitigation plans.
- Track and align ICS adoption and execution to the ICS risk reduction initiatives with key enterprise programmes (Obsolescence remediation, Cloud Adoption, etc).
- CISO delegate within the businesses.
- Identify and manage ICS risk within the business and represent ICS risk to relevant Risk Committees / governance forums.
- Educate business stakeholders regarding ICS Risks to drive accountability across the business.
- Maintain strong stakeholder engagement with business stakeholders, COO, CIO and CISRO teams.
- Good organisation skills with ability to manage multiple deadlines and effectively prioritise, including strong collaboration with peers.
- Responsible to represent CISO in the business.
- Perform ICS risk assessment for business - Execute Threat Security Risk Assessment (TSRA) to identification and manage ICS Risks and threats as per the Bank's Risk framework and frequency.
- Define ICS Risk treatment plans in collaboration with the Business CISOs including ICS Risk tracking and management of associated ICS Treatment plans
- Key focal point for CISRO in relation to TSRA Risk Assessment.
- Responsible for risk and threat reporting requirements for key risk committees / forums (like NFRC, ICS check point, Sustainability Refinement forums, ERR Treatment plan governance meeting, etc).
- Manage actions coming out of various risk committees / forums.
- Governance of ICS Treatment Plans actions in collaboration with Business CISOs.
- Ensure key ICS risk and issues are monitored and appropriately addressed by key stakeholders.
- Ensure adoption of the ICS controls across business.
- Display exemplary conduct and live by the Group's Values and Code of Conduct.
- Take personal responsibility for embedding the highest standards of ethics, including regulatory and business conduct, across Standard Chartered Bank. This includes understanding and ensuring compliance with, in letter and spirit, all applicable laws, regulations, guidelines and the Group Code of Conduct.
- Effectively and collaboratively identify, escalate, mitigate, and resolve risk, conduct and compliance matters.
- Lead the team to achieve the outcomes set out in the Bank's Conduct Principles: [Fair Outcomes for Clients; Effective Financial Markets; Financial Crime Compliance; The Right Environment].
- Exercise authorities delegated by the Board of Directors and act in accordance with Articles of Association.
- Client Coverage COO and relevant Business Stakeholders
- Client Coverage Technology Team
- Client Coverage CISO
- Client Coverage CISRO
- Head of ICS Controls, CCIB
- Head of ICS Risk Governance and Compliance, CCIB
- Bachelor's degree in engineering, Computer Science / Information Technology or its equivalent.
- At least 5 years' experience in banking industry - MUST
- Experience in working across multiple security frameworks ( NIST, ISO 27001, PCI-DSS) - MUST
- Experience in ICS Risk Framework within banking industry - MUST
- Industry certifications will be an advantage like CISSP, CISM, CRISC, SANS GIAC, GPEN, OCSP, CREST certification.
- Understanding of the Cyber landscape and ICS Controls within the banking environment
- Excellent organisation skills with ability to manage multiple deadlines and effectively prioritise
- Ability to foster positive relationships with internal and external stakeholders at appropriate level ensuring open cooperative environment. Be a Team player
- Experienced in the production of executive reporting; good communication skills (written and oral)
Senior Manager, Client Coverage ICS Risk - Kuala Lumpur, Malaysia - Standard Chartered Bank
Description
Role Responsibilities
Strategy
Business
People and Talent
Risk Management
Governance
Regulatory and Business Conduct
Key Stakeholders
Our Ideal Candidate
Certification
Role Specific Technical Competencies