Job Vacancy at Standard Chartered Bank South Africa – Information Security Risk Manager


Information Security Risk Manager – (2000009610) 
Job: Risk
Primary Location: Africa & Middle East-South Africa-Johannesburg 
Schedule: Full-time
Employee Status: Permanent 
Posting Date: 28/Jul/2020
About Standard Chartered
We are a leading international bank focused on helping people and companies prosper across Asia, Africa and the Middle East.
To us, good performance is about much more than turning a profit. It’s about showing how you embody our valued behaviours – do the right thing, better together and never settle – as well as our brand promise, Here for good.
We’re committed to promoting equality in the workplace and creating an inclusive and flexible culture – one where everyone can realise their full potential and make a positive contribution to our organisation. This in turn helps us to provide better support to our broad client base.


Function Overview:
The Group Chief Information Security Risk Officer (CISRO) organisation is instrumental in protecting and ensuring the resilience of Standard Chartered Bank’s data and IT systems by managing information and cyber security (ICS) risk across the enterprise. As a critical function reporting into the Group Chief Risk Officer (CRO), the Office of the CISRO serves as the second line of defence for assuring ICS controls are implemented effectively and in accordance with the ICS Risk Framework and for instilling a culture of cyber security within the Bank.

The Group CISRO is responsible for ICS governance, strategy, policy, awareness, training, risk assessments, red teaming, third party security risk, industry partnerships, and regulatory engagement. In addition, the team of Information Security Risk Officers (ISRO) reports to the CISRO and performs a pivotal role as an extension of the CISRO in supporting the ICS risk management strategy, governance, advisory and assurance roles that face off to the Client Services, Regions, and Functions. The Office of the CISRO is central to ensuring the Bank’s ability to meet its ICS commitments to internal and external stakeholders, including regulators, as well as maintaining an acceptable ICS risk profile that is regularly reported to the Board.

The Role:
We are seeking an information and cyber security risk specialist to deliver a range of activities associated with the discharging of CISRO second line responsibilities. These roles will support the Information Security Risk Officers team within the CISRO and play a direct active part in the oversight of effective information and cyber security risk management across the bank. This role will have considerable engagement with all business units, risk committees, and other stakeholders across the bank. The role holder will report directly to the Regional ISRO Head, Africa & Middle East. The successful candidate will be expected to lead and deliver a range of complex activities in the following fields:
Risk Management:

  • Support the ISRO team in the rollout of the RTF from a 2nd line perspective.
  • Support the reporting of ICS to regional 1st line teams.
  • Raise visibility of ICS weaknesses in order to drive ICS improvements and uplift.
  • Create risk mitigation plans calling out where these are ineffective or insufficiently followed.



Regulatory Management:

  • Maintain a full view of ICS regulatory requirements via the Obligations Register.
  • Highlight gaps or control weaknesses against regulations.

Controls Testing:

  • Participate in ICS controls testing and thematic reviews as required by the ISRO team.

Governance:

  • Lead the preparation of materials for Region’s NFRCs using the material centrally produced by the CISRO Governance team.
  • Ensure consistency of reporting and production of high quality documentation and materials.
  • Brief presenters on the report content highlighting any risks/issues.

Regulatory and Business Conduct:

  • Display exemplary conduct and live by the Group’s Values and Code of Conduct.
  • Take personal responsibility for embedding the highest standards of ethics, including regulatory and business conduct, across Standard Chartered Bank. This includes understanding and ensuring compliance with, in letter and spirit, all applicable laws, regulations, guidelines and the Group Code of Conduct.
  • Effectively and collaboratively identify, escalate, mitigate and resolve risk, conduct and compliance matters.

Key Stakeholders:

  • ISRO teams
  • CISRO Governance, Policy and Risk team
  • STS team
  • Testing and Assurance team
  • Education and Awareness team
  • Cyber Partnerships and Government Strategy
  • Identified business stakeholders in country and the regional stakeholders

Experience & Qualifications

  • Proven Information and Cyber Security experience and expertise
  • Cyber Security certifications such as CISM, CISSP, CISA or equivalent
  • Recognized academic qualification in Information and Cyber Security or Technology or equivalent
  • Preferable to have Cyber security audit experience in performing regulatory submissions and evidence validation
  • Able to understand the Banking businesses, markets and operations of Standard Chartered Bank and the policies, procedures and processes through which information and cyber security risks are addressed throughout the Group
  • Proven ability to respond to complex challenges and deliver practical Cyber security proposals and direction which reflect a balanced view of the operation of the bank
  • Ability to both assess priorities and to focus on work in a structured fashion which delivers results
  • Strong integrity, independence and resilience


Apply now to join the Bank for those with big career ambitions.
To view information on our benefits including our flexible working please visit our career pages. We welcome conversations on flexible working.
Deadline: 12/Aug/2020.
