Functional Lead – Security Risk Consulting recruitment

Why Standard Chartered?

70,000 reasons why we are a different kind of bank
Standard Chartered, the world's best international bank, leading the way in Asia, Africa and the Middle East

Job Description

Information Security Policy

1. Ability to conceive, direct and/or write Information Security Policy, Standards, Guidelines, Process and Procedures for
a. Application
b. Infrastructure
c. Architectures

Facilitate all business related systems development work through the Risk Review Life Cycle process:

1. Assess the potential business impact that could result from a security breach, and the resultant value of the security of information;
2. Identify security weaknesses and vulnerabilities;
3. Model security threat scenarios;
4. Assess the likelihood of such threat scenarios;
5. Assess the overall risk level, and identify and recommend appropriate controls to manage the risk.

Ad hoc security consultancy on:

1. Policy and standards interpretation
2. Security Design and Risk Issues

Risk Analysis of systems and infrastructures under development:

1. Assist the relevant business and Technology parties in the application of the Risk Process and Policy
2. Liaise with these groups to ensure early involvement of the Risk Process in new developments

Logical and physical design:

1. Analyse proposed design of security mechanisms and feed back changes to project teams;
2. Highlight potential synergies from common security requirements across projects;
3. Assist both business and technology to develop appropriate architecture and standards in response

Functional controls analysis:

1. Work with other risk functions to enable an informed understanding of the effectiveness of technology controls in mitigating their risks.

Project and Program management

1. Ability to handle and run Large to Medium initiatives on Security Infrastructure or Information Security Management Program on your own

People management
1. Manage people across geographies and culture.

Key Roles & Responsibilities

1. Run Information Security Programs and/or Projects to improve the state of Information Security within the organization.
2. Manage a team of Security Consultants and Risk Managers to improve the Security KRI and SLA.
3. Introduce new or improve existing Policies, Standards, Processes and Procedures from time to time to improve the state of Information Security.
4. Review Applications and Infrastructure for Security Design, Architecture and Controls, and manage the end-to-end Risk Life Cycle.

Qualifications & Skills

- Thorough understanding of more than 2 of the following technologies:
  - Networks
  - Database
  - Messaging
  - Operating System
  - Application

- Information Security Skills
  - Access Control and Authentication
  - Secure Network Connectivity
  - Cryptography
  - Inter Process Communication
  - Intra System Communication

Soft Skills

- Good Relationship and Networking Skills
- Good Interpersonal and Conflict Management Skills.
- Good Negotiation Skills
- Good Influencing Skills

Qualification

- Graduate or Post Graduate in Science or Engineering
- May possess either CISA or CISSP or CISM

Experience

- Sr. Risk manager with extensive relevant Experience

Diversity & Inclusion

Standard Chartered is committed to diversity and inclusion. We believe that a work environment which embraces diversity will enable us to get the best out of the broadest spectrum of people to sustain strong business performance and competitive advantage. By building an inclusive culture, each employee can develop a sense of belonging, and have the opportunity to maximise their personal potential.