Associate Director, CS Risk & Control

•    The TTO ICS Risk and Governance has been set-up to provide best in class risk & control execution from both a ‘Vertical’ and ‘Horizontal’ perspective. Central Risk & Governance is one of the horizontal functions in TTO ICS team with the objective to ensure effective application of relevant Principal Risk Type Frameworks across TTO ICS, including the provision of relevant information to Risk Management and Oversight Forums, and to oversee the timely identification and resolution of emerging risks, issues, and findings. In addition, to raise the effectiveness and efficiency of risk and control management across all ICS domains 

•    Associate Director, ICS Risk and Control LRM role is created under Cyber Security Service Risk and Control team for managing and responding to regulatory & external audit requests for information (RFI) related to vulnerability management infrastructure security & Application Security. This role requires an understanding of regulatory requirements, vulnerability assessment processes, and effective communication.

Regulatory RFI Management:
•    Serve as the primary point of contact for regulatory RFI requests related to vulnerability management infrastructure security & Application Security domains.
•    Coordinate with internal teams to gather necessary information and documentation to respond to RFI requests.
•    Ensure timely and accurate submission of responses to regulatory bodies.

Vulnerability Management:
•    Collaborate with the Vulnerability Management team to understand current vulnerability management processes, tools, and methodologies.

Documentation and Reporting:
•    Prepare comprehensive and clear documentation to support RFI responses, including detailed reports, summaries, and supporting evidence.
•    Ensure all documentation meets regulatory requirements and is presented in a professional manner.

Stakeholder Communication:
•    Communicate effectively with internal stakeholders to gather necessary information and ensure alignment on RFI responses.

Process Improvement:
•    Identify opportunities to improve the efficiency and effectiveness of the RFI response process.
•    Implement best practices and standard operating procedures to streamline RFI management.

Audit Support:
•    Assist with external audits related to vulnerability management and regulatory compliance.
•    Provide documentation and evidence to support audit activities and findings.

Risk Management
•    Support liaison with LRM AIC team and any third party or regulatory inspections.
•    Be adept in the vulnerability management infrastructure security & Application Security processes to be able to respond to RFI queries on their own. 
•    Escalating significant risks and issues to the group process Owners and control owners.

Regulatory & Business Conduct
•    Display exemplary conduct and live by the Group’s Values and Code of Conduct.
•    Take personal responsibility for embedding the highest standards of ethics, including regulatory and business conduct, across Standard Chartered Bank. This includes understanding and ensuring compliance with, in letter and spirit, all applicable laws, regulations, guidelines and the Group Code of Conduct.

Key stakeholders
•    Head Vulnerability Management and Infrastructure Security
•    Head Application Security and Assurance
•    AIC LRM team
•    Country CISO POCs.

Other Responsibilities
•    Perform other responsibilities as assigned by the Risk & Control Lead

•    Education - Bachelor / Honors Degree. Cyber Security or other technology related qualifications are added advantage.
•    Languages - English

•    Technology / Cyber Security Risk Management
•    Vulnerability Management

We're an international bank, nimble enough to act, big enough for impact. For more than 170 years, we've worked to make a positive difference for our clients, communities, and each other. We question the status quo, love a challenge and enjoy finding new opportunities to grow and do better than before. If you're looking for a career with purpose and you want to work for a bank making a difference, we want to hear from you. You can count on us to celebrate your unique talents and we can't wait to see the talents you can bring us.

Our purpose, to drive commerce and prosperity through our unique diversity, together with our brand promise, to be here for good are achieved by how we each live our valued behaviours. When you work with us, you'll see how we value difference and advocate inclusion.

Together we:

• Do the right thing and are assertive, challenge one another, and live with integrity, while putting the client at the heart of what we do
• Never settle, continuously striving to improve and innovate, keeping things simple and learning from doing well, and not so well
• Are better together, we can be ourselves, be inclusive, see more good in others, and work collectively to build for the long term

In line with our Fair Pay Charter, we offer a competitive salary and benefits to support your mental, physical, financial and social wellbeing.

• Core bank funding for retirement savings, medical and life insurance, with flexible and voluntary benefits available in some locations.
• Time-off including annual leave, parental/maternity (20 weeks), sabbatical (12 months maximum) and volunteering leave (3 days), along with minimum global standards for annual and public holiday, which is combined to 30 days minimum.
• Flexible working options based around home and office locations, with flexible working patterns.
• Proactive wellbeing support through Unmind, a market-leading digital wellbeing platform, development courses for resilience and other human skills, global Employee Assistance Programme, sick leave, mental health first-aiders and all sorts of self-help toolkits
• A continuous learning culture to support your growth, with opportunities to reskill and upskill and access to physical, virtual and digital learning.
• Being part of an inclusive and values driven organisation, one that embraces and celebrates our unique diversity, across our teams, business functions and geographies - everyone feels respected and can realise their full potential.