Senior Manager, Operations – Data Privacy & Records Management. Senior Manager, Operations – Data Privacy &  …

Standard Chartered Bank Malaysia Berhad
in Kuala Lumpur, Kuala Lumpur, Malaysia
Permanent, Full time
Be the first to apply
Standard Chartered Bank Malaysia Berhad
in Kuala Lumpur, Kuala Lumpur, Malaysia
Permanent, Full time
Be the first to apply
Senior Manager, Operations – Data Privacy & Records Management.
About Standard Chartered
We are a leading international bank focused on helping people and companies prosper across Asia, Africa and the Middle East.

To us, good performance is about much more than turning a profit. It's about showing how you embody our valued behaviours - do the right thing, better together and never settle - as well as our brand promise, Here for good.

We're committed to promoting equality in the workplace and creating an inclusive and flexible culture - one where everyone can realise their full potential and make a positive contribution to our organisation. This in turn helps us to provide better support to our broad client base.

The Role Responsibilities

The "Data Privacy & Records Management Operations" is part of a newly formed '1 st line' centre of excellence under Group COO - Trust, Data & Automation. The role will support the businesses and functions & 2 nd line compliance, through the provision of effective service delivery model on agreed process for data privacy & records management capabilities. The role will work internally with Head -ICS & Risk assurance teams, business & functions partners & 2 nd line compliance colleagues to design, implement & operationalise capabilities for Data Privacy & Records Management. The role will ensure that these capabilities are operating effectively in BAU to achieve and manage the respective business objective in this area. The role will also provide timely feedback / data to all stakeholders to meet any key regulatory obligations.

Key responsibilities of the role include:

Providing Operational Support
  • Implement and manage operational processes which delivers outcome focused & timely service delivery.
  • Analyse existing business & functional processes to identify automation opportunities in area of data privacy.
  • Recommend process improvements to address control gaps and to enhance efficiency where possible.
  • Support & coordinate with stakeholders in defining automation or remediation actions / solutions.
  • Develop, track & analyse actionable metrics to continuously improve tools, procedures & provide visibility of operations to management.
Risk Management
  • Support liaison with Risk Assurance team on any Group Internal Audit and any regulatory inspections as required.
  • Assist in identifying, assessing, monitoring, controlling and mitigating data protection & privacy risks to the Group.
  • Adopt a proactive approach to threat risk assessment through appropriate stakeholder engagement and monitoring of the external environment to improve assurance planning.
  • Work with other risk assurance teams to drive efficiency, effectiveness and reduce duplication.
Supporting Strategic Delivery and Risk Reduction

Build effective relationships with stakeholders to facilitate:
  • The provision of timely & effective service delivery.
  • Collaboration with other business, functions & 2 nd line compliance to improve risk controls.
  • Grow trust with internal stakeholders and regulators by delivering best practice on data protection data and privacy.
Developing Capability and Supporting Success
  • Facilitate the on the job learning from current & previous experience by identifying and communicating transferable lessons, helping to embed these lessons, and encouraging best practice.
Business, Functions, and Regions
  • Provide robust challenge and escalation to senior management and all relevant business/function/region stakeholders to ensure activities achieve risk reduction.
  • Maintain strong stakeholder engagement with Chief Data Protection Officer, Heads of Operations - Automation, Chief Information Security Office, Head - Information Protection, 2 nd line Risk & Compliance, and Internal risk assurance and COOs teams to ensure alignment across stakeholder groups
  • Provide timely and accurate reporting to internal risk assurance team & appropriate forums /committees
  • Ensure appropriate oversight to senior management and facilitate resolution of high impact risk and issues
Leadership, People, and Talent
  • Practice a proactive self-orienting and self-motivating work ethic.
  • Provide strong leadership, management, and coaching
  • Lead through example and build the appropriate culture and values. Set appropriate tone and expectations, and work in collaboration with internal & external stakeholders.
  • Regularly share lessons learnt and best practice in a timely manner across a wide-ranging stakeholder group within businesses/functions
Regulatory and Business Conduct
  • Display exemplary conduct and live by the Group's Values, Valued Behaviours, and Code of Conduct
  • Take personal responsibility for embedding the highest standards of ethics, including regulatory and business conduct, across the Bank.
  • Effectively and collaboratively identify, escalate, mitigate, and resolve risk, conduct and compliance matters.
Key Stakeholders
  • Group COO - Trust, Data, and Automation
  • Global Head - Data Management & Privacy
  • Chief Data Protection Officer
  • Head of Operations - Automation
  • Head - ICS, Business & Functions
  • Global Head of Assurance - Cyber, Data & Automation
  • 2 nd line Risk & Compliance
  • Chief Information Security Office
  • SIS & Head - Information Protection

Our Ideal Candidate
  • Core understanding of Information Security Policy, Privacy Policy, Data Management Framework & Records Retention Policy as well as Standard.
  • Basic exposure to global data protection laws and practices preferred with an understanding of any of the following: Personal Data Protection Acts, General Data Protection Regulation, Cybersecurity Act, Safe Harbour and Multi-Jurisdictional IT / Privacy regulations and requirements such as cross-border data transfer.
  • Previous exposure of data protection & privacy, data handling and data classification including (but not limited to) preferred: Data and application protection, cross border data restrictions, data classification, data discovery, data governance, data loss prevention, back-up/recovery, and retention etc .
  • Good organisation and leadership skills with ability to manage multiple deadlines and effectively prioritise
  • Strong interpersonal skills to foster positive relationships with internal and external stakeholders
  • Effective oral and written communication skills, with an ability to influence and to gain the respect of senior stakeholders and peers
  • Ability to exercise good judgment and objectivity.
  • Demonstrates ability to work with limited direction and multi-task without loss of quality
  • Ability to perform the role of 'Change Leader'
  • Confident and courageous to raise/escalate issues in a pro-active, professional, and timely manner
  • Demonstrate understanding of and commitment to the Group's core values
  • University degree with professional certification (such as CIPP, CIA, CISA, CISSP, or CISM) preferred
  • Fluency in English
  • Ability to commit up to 10% business travel
  • Preferred
    • Background in Data Protection & Privacy or Cybersecurity or Financial Crime Control related units within international financial services organisations.
    • Professional law firms or risk and control specialists preferred with background in cybersecurity, data protection & privacy.
    • Knowledge of financial services businesses, processes, and controls

Apply now to join the Bank for those with big career ambitions.