About Standard Chartered
We are a leading international bank focused on helping people and companies prosper across Asia, Africa and the Middle East.
To us, good performance is about much more than turning a profit. It's about showing how you embody our valued behaviours - do the right thing, better together and never settle - as well as our brand promise, Here for good.
We're committed to promoting equality in the workplace and creating an inclusive and flexible culture - one where everyone can realise their full potential and make a positive contribution to our organisation. This in turn helps us to provide better support to our broad client base. The Role Responsibilities
- The role is responsible for supporting the Head of Special Projects in assessing third party engagements that falls under the Special Projects category. Key Roles & Responsibilities
- Effectively perform third party security reviews, and ensure quality and timely execution.
- Make timely and sound judgments, and identify clear solutions from broad, complex or ambiguous situations.
- Interact with all levels of management within the Bank while performing third party security reviews of service providers across all the Bank’s markets.
- Effectively communicate the security risks to internal and external stakeholders.
- Effectively communicate and manage relationships with stakeholders globally.
- Diligently provide weekly and ad hoc reporting on status of reviews.
- Support any training and awareness initiatives relating to third party security risk.
- Support and assist in third party program improvement initiatives
- Assist in the development of new/amended processes, innovative ways of working and reviewing risk and control assessments.
- Assist in the forward planning and prioritisation of vendor assessments or requests from business stakeholders, and resource allocations. Regulatory & Business conduct
- Display exemplary conduct and live by the Group’s Values and Code of Conduct.
- Take personal responsibility for embedding the highest standards of ethics, including regulatory and business conduct, across Standard Chartered Bank. This includes understanding and ensuring compliance with, in letter and spirit, all applicable laws, regulations, guidelines and the Group Code of Conduct.
- Follow the Leadership of Global Head of TPSR to achieve the outcomes set out in the Bank’s Conduct Principles: Fair Outcomes for Clients; Effective Operation of Financial Markets, Financial Crime Prevention; Creating the Right Environment.
- Effectively and collaboratively identify, escalate, mitigate and resolve risk, conduct and compliance matters. Stakeholder Engagement and Influence
- Maintain strong stakeholder engagement within team and externally with other business stakeholders
- Collaborate with other teams to improve the risk controls Key Stakeholders
- Head of Special Projects, TPSR
- Head of Digital Strategy, TPSR
- Global Head of Third Party Security Risk
- Group Chief Information Security Officer (CISO)
- Group Chief Information Security Risk Officer (CISRO)
- Head of Operations & Management, Third Party Security Risk
- Regional Heads, Third Party Security Risk Other Responsibilities
- Embed “Here for Good” and Group’s brand and values in the TPSR Team
- Perform other responsibilities assigned under Group, Country, Business or Functional policies and procedures.
Our Ideal Candidate
- Bachelor’s degree from an accredited college/university in an appropriate field
- Professional information security, risk or audit certification, e.g. CISA, CISSP
- 8 to 10 years of experience in IT Strategy, IT Transformation, Information Security, IT Risk, and/or IT Audit, preferably with Big 4 and/or Banking & Financial Services experience
- Experience in managing team and familiarity with working in MNC or cross-cultural setting
- Experience in third party security risk or audit is a plus, but understanding of risk management/assessment, auditing standards, compliance and internal control frameworks is a requirement
- Understanding of controls, regulatory and risk issues in a global financial institution
- Knowledge of key outsourcing regulatory requirements, e.g. MAS, HKMA, RBI
- Knowledge of information security frameworks (e.g. COBIT, ISF, COSO), standards (e.g. ISO, NIST, CIS), information security principles and security architecture
- Excellent written and interpersonal skills
- Strong stakeholder engagement skills, and ability to interact at all levels across an organisation
