Cyber Risk Assurance Lead - Virtual Banking
About Standard Chartered
We are a leading international bank focused on helping people and companies prosper across Asia, Africa and the Middle East.
To us, good performance is about much more than turning a profit. It's about showing how you embody our valued behaviours - do the right thing, better together and never settle - as well as our brand promise, Here for good.
We're committed to promoting equality in the workplace and creating an inclusive and flexible culture - one where everyone can realise their full potential and make a positive contribution to our organisation. This in turn helps us to provide better support to our broad client base.
As one of the biggest banks in the market, we are rapidly expanding by growing a new virtual banking business in Hong Kong. We see ourselves as a fast-growing start-up company where you will enjoy autonomy and teamwork at the same time, solving new and exciting problems in a nimble and agile way. Join us and be part of making history for the future banking experience!
The Role Responsibilities
- Direct the design of the Bank's second line of defence in managing information & cyber security risk, encompassing the areas of strategy, governance, business engagement, policy, risk assessment, and awareness.
- Understand regulatory requirements for information & cyber security and define control requirements to mitigate relevant risks.
- Act as primary coordinator during significant information security events. Work with 1st Line Cybersecurity to oversee incident investigations and ensure security risks are identified and managed.
- Support CISRO in coordinating firm-wide cyber security programmes, such as the business continuity programme, disaster recovery operations, impact analysis and training programmes for different business streams.
- Support CISRO in representing the Bank on internal and external information & cyber security committees.
- Establish & review assessment processes for: 1) new products and services; and 2) the continuous monitoring of existing platforms and infrastructure.
- Establish & review appropriate cyber risk tolerance threshold and follow-up action.
Our Ideal Candidate
- Solid experience in information & cyber security risk mandatory
- Experience in fintech or FI or eCommerce preferred
- Experience of ICS regulation (preferably HKMA) mandatory
- Educational background in computer science, information security, or engineering.
- Familiarity with information and cyber security regulatory requirements and the three lines of defence risk model
- Experience in the following areas important: information security, cyber security, and technology risk management
- Experience in the following areas desirable: network and application security, data loss prevention, identity and access management, vulnerability management, business continuity programme and disaster recovery operation.
- Experience in Cloud Security Governance and related risk (Desirable).
- Proficiency in MacOS environment (Desirable)
- Influencing skills and ability to manage relationships with senior management
- Qualifications or certifications in ICS areas important: CISM, CRISC, CISA, CISSP, CGEIT.
Apply now to join the Bank for those with big career ambitions.