CAIA's Career Center is an easy-to-use, comprehensive resource connecting job seekers with employers in the growing AI field. Use your knowledge and credibility to advance your career or build a talented team for your organization. Opportunities targeted to CAIA Charterholders are prioritized.
In order to search for jobs specifically for CAIA Charterholders or those pursuing the CAIA Charter please enter “CAIA” in the search panel.
This will enable you to search for CAIA specific roles globally.
About Standard Chartered We are a leading international bank focused on helping people and companies prosper across Asia, Africa and the Middle East.
To us, good performance is about much more than turning a profit. It's about showing how you embody our valued behaviours - do the right thing, better together and never settle - as well as our brand promise, Here for good.
We're committed to promoting equality in the workplace and creating an inclusive and flexible culture - one where everyone can realise their full potential and make a positive contribution to our organisation. This in turn helps us to provide better support to our broad client base.
The Role Responsibilities
SC Ventures (SCV) is a business unit created to promote innovation , invest in disruptive financial technology , and explore alternative business models. It leverages human-centric design and a lean start-up approach that nurtures an intrapreneurial culture by empowering people and creating open platforms and partnerships. Through its Innovation Investment Fund supported by 3 rd party investment managers, it invests in Fintech companies that enable forward-thinking capabilities. Through its Business Ventures programme, it sponsors and oversees formation of new business ventures, which focus on disruptive business models to create optionality. And through its eXellerator programme, it facilitates innovation and culture change across the Bank and provides a platform to support the Bank's intrapreneurs and clients along their innovation journey.
Information and Cyber Security ("ICS") function in the Bank is our first line of defence, aimed at regularly evaluating the Bank's cyber security posture in today's ever evolving threat landscape and constantly improving the Bank's cyber framework/controls and remediating cyber security services and products.
This is a new role to strengthen our first line of defence and extend the ICS focus within SCV by working closely with key business stakeholders and ensuring that the innovative and disruptive business models continue to have the required level of cyber security with value-added solutions, whilst remaining in line with the regulations, business risk appetite, policies and standards. It reports to the Global Head of Operations, ICS , to drive the ICS risk reduction agenda in the respective business / function / region.
The key deliverables of the role are:
Lead the Information and Cyber Security ("ICS") Risk Type Framework ("RTF") implementation in SCV in a manner that balances innovation and risk and in line with legal, compliance and regulations
Lead risk mitigation and remediation in SCV in line with the ICS TRP agenda, where necessary
Interface with the respective Group Business, Function and / or Country MT for effective implementation of innovative business models introduced by SCV
For select Group wide initiatives, lead the change agendas agreed with the ICS TRP AE
Understand SCV specific requirements including regulatory driven requirements. Support the management of these requirements within risk appetite
Provide leadership over the operational delivery, controls, and governance of the ICS agenda. Faceoff to the Group ICS TRP and ICS subject matter experts in Group Business lines
Chair SCV ICS Working Groups. Support in the respective business / function / region Heads to manage ICS risk including in Non-Financial Risk Committees
Identify and independently drive strategic change initiatives to deliver on the ICS agenda for SCV with a forward-looking view
Develop insightful strategies for engaging business on information security matters, ensure investments are prioritised and funding is approved
Support delivery of the Bank's enterprise wide risk management plan and strategy
Work with different ventures and partners to assist in the development of strategies and plans for improving both Architecture and application security
Ensure ICS risks in SCV are proactively managed and effectively controlled, mitigated and remediated with senior stakeholder's support and buy-in, in line with Group, Region, Country, Business/Function risk appetite and regulatory driven requirements, that SCV is working with to introduce innovative business models
Establish priorities in partnership with the COOs and take responsibility for resolving security issues
Ensure that the management of ICS risk is effective and operating efficiently within SCV
Drive security culture/awareness and help improve readiness for a cyber event.
Ensure information risks are identified, assessed, mitigated and controlled
Ensure Critical Information Assets are identified and graded appropriately and monitor changes in the risk profile of the highly critical systems
Work with IT to validate the resilience of SCV's data and IT systems
Support Group initiatives ensuring SCV needs are represented effectively. Face off to the Group ICS TRP and ICS subject matter experts in Group Business lines
Drive the continuous improvement of practices
Agree and drive the implementation of the ICS agenda for the respective business / function / region by working with the respective Business/Function Heads, Region / Country Management Team, COO/CIO teams, ISOs, the ICS TRP and senior T&I leadership
Lead ICS risk remediation initiatives and activities including incident responses, crisis exercises, risk assessments, stress testing, regulator engagement
Drive the implementation of the ICS RTF in in the respective business / function / region with a focus on key countries. The plan will incorporate digital footprint discovery, threat/risk assessment, definition and implementation of controls as guided by the ICS RTF
People and Talent
Maintain strong stakeholder engagement and serve as the business-facing lead with Group, Regional and Country IT, Business/Function, COO, ISOs, Risk & Control stakeholders to bring alignment across stakeholder groups in conjunction with ICS risk management
Collaborate with Corporate Communications, threat intelligence and other functions to lead and coordinate the information security change management effort around branding, communications, staff awareness and training
Maintain relationships with key service and product owners within Security Technology Services to keep abreast of changes that may affect TRB 's risk landscape
Help to interpret and translate the ICS requirements of the SCV ICS programme into technical requirements when needed
Engage external agencies / third parties to understand the threat environment and reported events; assess impact for SCV
Drive compliance with Group policies standards, and local regulatory requirements
Work closely with CISO, Regional ISO, Country ISO, Head of ICS Governance, TISO, Business and COOs to provide oversight, governance and monitoring, and work with various delivery owners to embed the ICS RTF
Understand and assess the impact of changes in the policy or procedures on SCV and engage with the SCV Heads to ensure the impact is understood
Recommend additions/enhancements/changes to the ICS policy, procedures, and RTF.
Monitor ICS risk profile and posture and report any non-compliance to senior management or governance committees
Participate and represent SCV in Risk Committees, ICS working groups, Programme Steer Cos etc. to provide updates and influence positive outcomes for the Business/Function/Region/Country
Validate the accuracy and consistency of KRIs, KCIs and other risk ratings/assessments, as well as process designs using available MI
Support the Third-Party Security Assessment team during 3rd party reviews
Help design and embed ICS RTF controls in ORF across SCV
Regulatory & Business Conduct
Display exemplary conduct and live by the Group's Values and Code of Conduct
Take personal responsibility for embedding the highest standards of ethics, including regulatory and business conduct, across Standard Chartered Bank. This includes understanding and ensuring compliance with, in letter and spirit, all applicable laws, regulations, guidelines and the Group Code of Conduct
Lead the SCV to achieve the outcomes set out in the Bank's Conduct Principles : [Fair Outcomes for Clients; Effective Financial Markets; Financial Crime Compliance; The Right Environment.] *
Effectively and collaboratively identify, escalate, mitigate and resolve risk, conduct and compliance matters.
Engage key stakeholders including Legal and Compliance on interpreting local laws and regulations pertaining to information security. Work closely with SCV Heads, Compliance, CISO and ITO to develop reasonable solutions and/or mitigation.
Global Head Operations- Cyber, Data, Privacy and Automation
Accountable Executive, ICS TRP
Head of Investment Delivery Assurance, ICS TRP
Chief Operating Officers
Security Technology Services MT
Technology Services MT
Global Head Governance & Change, CIO
Chief Information Security Office (CISO)
Head, Operational Risk Information Security
Group Operational Risk
Head, Audit - Information Security & Cyber
Our Ideal Candidate
Degree in Engineering, Computer Science/Information Technology or its equivalent.
Experience in Information Security in Banking and Financial services.
One or more of the following certifications or equivalents will be preferred:
Certified Information Security Manager (CISM)
Certified Information Systems Security Professional (CISSP)
SANS Global Information Assurance Certifications (GIAC)
Certified in Risk & Information Systems Control (CRISC)
Certified Information Systems Auditor (CISA)
Exposure or hands-on experience in developing Cyber and Risk Management Strategy
Knowledge of cyber frameworks, ICS principles and architecture
Knowledge of ICS products and operations
Knowledge of cyber regulations, compliance frameworks and legal
Knowledge and exposure to FinTech, RegTech, AML, CTF
Knowledge and exposure to emerging technologies (AI, VR, IoT, Blockchain etc.)
Knowledge and exposure to Banking Systems
Exposure or hands-on experience in penetration testing and vulnerability assessments
Ability to articulate gross and residual risk and communicate complex technology and process risk to non-technical stakeholders in a clear and concise manner
Strong interpersonal and stakeholder management skills, across various levels, including senior leadership teams, in influencing key decisions taken across cross-functional teams
Ability to assess strategic priorities and focus on detailed aspects to drive effective delivery
Lead complex activities through influence and credibility rather than command and control
Must be a self-starter who is able to initiate and successfully drive programs and projects to completion with little or no management supervision
Strong analytical skills and ability to prioritise, make decisions, and work to tight timeframes
Integrity, independence and resilience
Apply now to join the Bank for those with big career ambitions.
To view information on our benefits including our flexible working please visit our career pages .