Information and Cyber Security Analytics Manager

Standard Chartered Bank
in Warsaw, Mazowieckie, Poland
Permanent, Full time
Competitive
About Standard Chartered
We are a leading international bank focused on helping people and companies prosper across Asia, Africa and the Middle East.

To us, good performance is about much more than turning a profit. It's about showing how you embody our valued behaviours - do the right thing, better together and never settle - as well as our brand promise, Here for good.

We're committed to promoting equality in the workplace and creating an inclusive and flexible culture - one where everyone can realise their full potential and make a positive contribution to our organisation. This in turn helps us to provide better support to our broad client base.


The Role Responsibilities

The Group Chief Information Security Risk Officer (CISRO) organisation is instrumental in protecting and ensuring the resilience of Standard Chartered Bank's data and IT systems by managing information and cyber security (ICS) risk across the enterprise. As a critical function reporting into the Group Chief Risk Officer (GCRO), the Group CISRO team serves as the second line of defence for assuring ICS controls are implemented effectively, in accordance with the ICS Risk Type Framework, and for instilling a culture of cyber security within the Bank. The Group CISRO is responsible for ICS governance, strategy, policy, awareness, training, risk assessments, cyber stress testing, third party security risk, industry partnerships, and regulatory engagement.
The ICS Risk Type Framework (ICS RTF) is a core component of the Group's Enterprise Risk Management Framework (ERMF) which sets out overall risk management for ICS within Standard Chartered.
The Group ICS Risk team is responsible for developing and maintaining the ICS RTF, and for supporting the first line of defence with its operationalisation, on behalf of the Risk Framework Owner (CISRO).
The ICS RTF outlines the overall approach for the Group Chief Risk Officer (GCRO), internal and external stakeholders, including Board members, external auditors and regulators.

Strategy
  • The Information and Cyber Security (ICS) Risk Manager is a permanent role that requires knowledge and experience in ICS risk management, and information and cyber security risk. This role reports directly to the Head of ICS Risk.
Business
  • The primary purpose of this position is to support the embedding of ICS Risk management across the Group through the execution of the ICS RTF.
  • The successful candidate will work closely with the Head of ICS Risk to lead the development of ICS Risk artefacts (methodology, standards, training) for relevant first and second line stakeholder groups across the organisation and the discharge of CISRO obligations as defined within the ICS RTF.
Processes
  • Provide support to the maintenance of the ICS Risk Type Framework (RTF)
  • Provide SME input to support operationalisation and ensure adherence to the RTF's risk management methodology
  • Perform high-quality review and challenge of Group risk profiles (by key control domain) produced by the first line
  • Support Group ICS risk reporting to stakeholder groups across the Bank
  • Produce all necessary reporting and provisioning of templates and other supporting tooling

Our Ideal Candidate
  • Bachelor's degree or above from an accredited college/university in an appropriate field.
  • Strong communication skills in English
  • 6+ years of experience in Information Security / IT auditing, with Consultancy and/or Banking & Financial services experience, including the following:
    • Information and Cyber Security framework, procedures, standards development, documentation
    • Information and Cyber Security methodology communication
    • Information security risk business alignment, risk framework, risk management process e.g. risk definition, risk tolerance, reporting metric, set up risk controls, risk monitoring, risk mitigation plan, etc.
    • Creation of complex new Information and Cyber Security content aligned to industry standard.
    • Production of materials for governance meetings relating to Information and Cyber Security.
  • Professional qualifications: CISA/CISSP/CISM/CRISC/ISO27001 lead auditor or lead implementer is preferred but not mandatory
  • Personal authority based on established trusted relationships and ability to provide advice and direction which is respected amongst peers
  • Good understanding and knowledge of working with Information and Cyber Security risk
  • Good knowledge of the businesses, markets and operations of Standard Chartered Bank and the policies, procedures and processes through which Information and Cyber Security risks are addressed throughout the Group
  • Proven ability to respond to complex challenges and deliver practical solutions and direction which reflect a balanced view of the operation of the bank
  • Ability to both assess priorities and to focus on work in a structured fashion which delivers results
  • Sound judgement and anticipation
  • Strong integrity, independence and resilience
  • Proven advanced English writing and communication skills
  • Knowledge of security frameworks (e.g. COBIT, ISF, COSO), standards (e.g. ISO, NIST, CIS), information security principles, security architecture and Regulatory requirements
  • Advanced competency with Microsoft Office Suite (Word, PowerPoint, Excel, SharePoint).


Apply now to join the Bank for those with big career ambitions.

To view information on our benefits, including our flexible working, please visit our career pages.