Information Security Analyst

JOB SUMMARY

•    Define and implement secure cloud environment
•    Implement and manage CASB solution to monitor, prevent and control information protection across cloud application, 
•    Design and implement Azure Information Protection policies
•    Enforce control for Data Leakage protection using cloud-native DLP solution (Microsoft Purview, Zscaler DLP, Proofpoint, Symantec DLP)
•    Design zero trust framework across Cloud & AI services
•    Establish and enforce guardrails to prevent sensitive or regulated data from being exposed, misused, or leaked through AI/LLM
•    Identify, design, and implement internal process improvements: automating manual processes, optimizing data protection solution etc
•    Work with architects and other leads on service strategies across people, process and technology
•    Define roadmaps on future service and product capabilities
•    Review and validate mature operating model for the service along with other stakeholders in the team
•    Identify opportunities for continuous and automated deployment.
•    Document and publish service catalogues to provide transparency on the capabilities provided by the service with improved end user journey to access the services. 
•    Work on the demand management to deliver demand driven by corresponding stakeholders like business, regulators etc
•    Partner with technical teams and solution architects to analyse technical and non-technical requirements to build robust Data protection solution.
•    Work with internal and external auditors support auditing requirements.
•    Collaborate with business teams, infra teams, security operations, project teams and offer technical guidance

Candidate to have

•    Minimum 5-10 yrs of experience in relevant security products
•    Design, Implemented and managed Cloud Environment and CASB solution
•    Hands on experience data protection technologies like Information Rights Management, Data Discovery & Classification, Cloud Security, Data Loss Prevention etc is a must
•    Delivered engagements across cloud security lifecycle of strategy definition, architecture, design and implementation in line with regulatory and standards  
•    Have hand-on experience in implementing AI guardrails on AI/LLM models
•    Experience in working with geographically dispersed teams, preferably in the Financial Services industry.
•    Experience with enterprise applications (architecture, development, support, and troubleshooting).
•    Experience and exposure to security products to assess security implications and requirements for introduction of new technologies.
•    Strong interpersonal and communication skills; ability to work in a team environment
•    Industry certifications like CISSP, CCSP, Azure & AWS related certifications would be plus

RESPONSIBILITIES

Strategy 

•    DLP Specialist needs more than just tool skills – they need to ensure controls are effective, aligned with business needs and resilient to new risks like Cloud and AI/LLM usage.
•    Discover -> Protect -> Monitor -> Improve. Balance business enablement with data protection, ensuring controls evolve with Cloud & AI risks.

Business
•    Awareness and understanding of the wider business, economic and market environment in which the Group operates to ensure control implemented are enabled for business and control any Data loss risk.

Processes
•    Identify, design, and implement internal process improvements: automating manual processes, optimizing data protection solution etc

People & Talent
•    Lead through example and build the appropriate culture and values. Set appropriate tone and expectations from their team and work in collaboration with risk and control partners.

Risk Management
•    Proactively manage risk by identifying, assessing, reporting and mitigation of risk.

Governance
•    Responsible to adhere to the defined process. Proactively assess effectiveness of process and controls.

Regulatory & Business Conduct

•    Display exemplary conduct and live by the Group’s Values and Code of Conduct. 
•    Take personal responsibility for embedding the highest standards of ethics, including regulatory and business conduct, across Standard Chartered Bank. This includes understanding and ensuring compliance with, in letter and spirit, all applicable laws, regulations, guidelines and the Group Code of Conduct.
•    Effectively and collaboratively identify, escalate, mitigate and resolve risk, conduct and compliance matters.
•    Lead to achieve the outcomes set out in the Bank’s Conduct Principles

Key Stakeholders

•    Cyber Security Operations
•    WKS Workplace Technology
•    Email Security
•    Perimeter Security

Qualifications

•    Education     Computer Graduate and Above
•    Certifications     CISSP, CCSP, AZURE & AWS certification

Role Specific Technical Competencies

•    Cloud Security
•    AI / LLM
•    CASB ( Cloud Access Security Broker)
•    Data Loss Prevention(Microsoft Purview, Proofpoint)
•    Microsoft Purview - Data Security Posture Management
•    (DSPM), Data Security Investigations
•    Insider Risk Management, Data Security Posture Management for AI
•    Azure Information Protection (AIP)
•    Python, PowerBI

We're an international bank, nimble enough to act, big enough for impact. For more than 170 years, we've worked to make a positive difference for our clients, communities, and each other. We question the status quo, love a challenge and enjoy finding new opportunities to grow and do better than before. If you're looking for a career with purpose and you want to work for a bank making a difference, we want to hear from you. You can count on us to celebrate your unique talents and we can't wait to see the talents you can bring us.

Our purpose, to drive commerce and prosperity through our unique diversity, together with our brand promise, to be here for good are achieved by how we each live our valued behaviours. When you work with us, you'll see how we value difference and advocate inclusion.

Together we:

• Do the right thing and are assertive, challenge one another, and live with integrity, while putting the client at the heart of what we do
• Never settle, continuously striving to improve and innovate, keeping things simple and learning from doing well, and not so well
• Are better together, we can be ourselves, be inclusive, see more good in others, and work collectively to build for the long term

In line with our Fair Pay Charter, we offer a competitive salary and benefits to support your mental, physical, financial and social wellbeing.

• Core bank funding for retirement savings, medical and life insurance, with flexible and voluntary benefits available in some locations.
• Time-off including annual leave, parental/maternity (20 weeks), sabbatical (12 months maximum) and volunteering leave (3 days), along with minimum global standards for annual and public holiday, which is combined to 30 days minimum.
• Flexible working options based around home and office locations, with flexible working patterns.
• Proactive wellbeing support through Unmind, a market-leading digital wellbeing platform, development courses for resilience and other human skills, global Employee Assistance Programme, sick leave, mental health first-aiders and all sorts of self-help toolkits
• A continuous learning culture to support your growth, with opportunities to reskill and upskill and access to physical, virtual and digital learning.
• Being part of an inclusive and values driven organisation, one that embraces and celebrates our unique diversity, across our teams, business functions and geographies - everyone feels respected and can realise their full potential.