Manager / Operational Risk, Cyber Risk
- Kuala Lumpur, Malaysia Kuala Lumpur Kuala Lumpur MY
- Permanent, Full time
- Standard Chartered Bank Malaysia Berhad
- 21 Jul 18 2018-07-21
Manager / Operational Risk, Cyber Risk
About Standard Chartered
We are a leading international bank focused on helping people and companies prosper across Asia, Africa and the Middle East.
To us, good performance is about much more than turning a profit. It's about showing how you embody our valued behaviours - do the right thing, better together and never settle - as well as our brand promise, Here for good.
We're committed to promoting equality in the workplace and creating an inclusive and flexible culture - one where everyone can realise their full potential and make a positive contribution to our organisation. This in turn helps us to provide better support to our broad client base.
The Role Responsibilities
•Support delivery of the banks Group-wide ICS Transformation and Remediation Programme (TRP).
•Recommend any additions to the ICS ERMF or ORF.
•Work closely with COO/STS/CISO Programme team, Head of ICS Governance, TISO, Head of ICS Audit, and Business Information Security Officers to ensure that the delivery of controls into the ORF/ERMF and that it is effectively managing ICS risk.
• Maintain strong stakeholder engagement with COOs, ITO, Business Information Security Officers, and Risk & Compliance stakeholders to ensure alignment across stakeholder groups in conjunction with ICS risk management.
• Delivery and quality of assigned project tasks and activities for the stream.
• Provide ongoing reporting of deliverables and timelines to key stakeholders and escalate any blockages to progress to program teams
Targets Budget & Governance
• Escalate any issues and risks, as appropriate so that they can be appropriately tracked and managed by programme team.
• Ensure compliance with relevant operational and people risk controls, and employment legislation.
• Provide ad hoc support to the GOR functions and CISO function as required.
People & Talent
• Educate IT staff on subject best practices and standards.
• Manage team (where available)
• Identify and create positive relationships with stakeholders.
• Provide oversight, governance and monitoring, and work with various delivery owners to embed controls into the appropriate framework.
• Ensure that the ICS risk function is managed in accordance with the Group's enterprise wide risk management standards and that specialist risks and issues are identified, escalated, and addressed as appropriate.
• Create and maintain management information relating to ICS risks and appropriately review, approve and escalate as required.
• Support the establishment of appropriate risk governance oversight activities.
• Provide reporting to appropriate project working groups / committees on the evolution and progress of the control rollout.
Regulatory and Business Conduct
• Display exemplary conduct and live by the Group's Values and Code of Conduct.
• Take personal responsibility for embedding the highest standards of ethics, including regulatory and business conduct, across Standard Chartered Bank. This includes understanding and ensuring compliance with, in letter and spirit, all applicable laws, regulations, guidelines, and the Group Code of Conduct.
• Lead the risk functional team to achieve the outcomes set out in the Bank's Conduct Principles.
• Effectively and collaboratively identify, escalate, mitigate and resolve risk, conduct and compliance matters.
This role provides for the management and direction of the Group's Information and Cyber Security risk model. This will deliver:
•ICS risk definition, appetite setting and key control identification.
•Creation and monitoring of risk mitigation plans
Our Ideal Candidate
We are seeking an experienced ICS expert for a global project role. The individual will sit in GOR and will be accountable for:
• The design of ICS controls across NIST (National Institute of Standards and Technology) domains for a portfolio of ICS transformation projects;
• Imbedding ICS controls into the Operational Risk Framework (ORF) or recommending for the ICS Enterprise Risk Management Framework (ERMF);
• Conducting Operational Risk Assessments (ORAs) with ICS Global process owners;
• Providing constructive challenge on project steering committees across NIST Domains.
As a new role, the individual will support the Senior Manager, Information and Cyber Security to ensure that that ICS TRP risk activities are prioritised, integrated and managed across and into the Group. This role has significant engagement with all business units, risk committees, and ITO. Delivery of controls into respective ICS risk frameworks is a high priority for the bank and thus the role will have significant exposure to stakeholders across the bank.
EXPERIENCE & QUALIFICATIONS
•Personal authority based on established trusted relationships and ability to provide advice and functional direction which is respected at senior levels of the Group
•Recognised tertiary degree - e.g. Bachelor/Masters of IT, Ecommerce, Science (Information Technology)
•Recognised security qualifications - e.g. CISSP, CISA, CEH
•Strong knowledge of the businesses, markets and operations of Financial Services and the policies, procedures and processes through which cybercrime risks are addressed throughout the industry
•Proven ability to lead highly complex, global activities through influence and credibility rather than command and control
•Ability to both assess strategic priorities and to focus on detailed aspects of a function in order to drive effective delivery
•Sound judgement and anticipation
•Strong integrity, independence and resilience
•Established relationships with external and internal stakeholders
• Do the right thing: Be brave, be the change; Think client; Live with integrity
• Never Settle: Continuously improve and innovate; Simplify; Learn from your successes and failures
• Better together: See more in others; How can I help?; Build for the long term
Apply now to join the Bank for those with big career ambitions.