About Standard Chartered
We are a leading international bank focused on helping people and companies prosper across Asia, Africa and the Middle East.
To us, good performance is about much more than turning a profit. It's about showing how you embody our valued behaviours - do the right thing, better together and never settle - as well as our brand promise, Here for good.
We're committed to promoting equality in the workplace and creating an inclusive and flexible culture - one where everyone can realise their full potential and make a positive contribution to our organisation.
This in turn helps us to provide better support to our broad client base.
This role is part of the Trust, Data, and Resilience Function led by the Group Chief Information Security Officer ( CISO ).
You will be a member of the Information Asset Management team which has been set up to secure the Group’s information by enabling the identification, assessment, and prioritisation of the Group’s Information Assets.
Your primary responsibilities will be to partner with business stakeholders to assess the business impact of their Information Assets and systems from an Information & Cyber Security ( ICS ) perspective.
Your responsibilities will include :
Security Business Impact Assessment
Support the review and challenge of the security business impact assessments submitted by Information Asset / System Owners to ensure accurate assessment of ICS impact.
Support the review the mapping of information assets and systems to identify concentrations of ICS risks and subsequently recommend changes to impact ratings.
Review business control metrics. Take actions to remediate overdue assessments and escalate control issues.
Make recommendations for the continuous improvement of the security business impact assessment process.
Provide advice and assistance to business end users on the process, methodology, and systems used to calculate the security business impact assessment.
Support the development and maintenance of training materials to support business stakeholders
Support the delivery of training to business stakeholders on security impact assessment covering ICS fundamentals and system functionality
Provide responsive customer focussed support for business stakeholders carrying out the assessment
Information Asset Assessment System Maintenance
Day to day management of the Information Asset Security Assessment system
Raise and track system issues and their resolution by development teams
Perform the role of super user’ of the Information Asset Security Assessment system
Perform data quality checks
Perform System User Acceptance Testing
Management Information & Reporting
Lead the production of insightful Management information for senior executives and operational stakeholders
Provide draft commentary and explanation for periodic variance
Produce ad hoc reports to support management initiatives to reduce ICS risk
Regulatory and Business Conduct
Display exemplary conduct and live by the Group's Values, Valued Behaviours, and Code of Conduct
Take personal responsibility for embedding the highest standards of ethics, including regulatory and business conduct, across the Bank.
Effectively and collaboratively identify, escalate, mitigate, and resolve risk, conduct and compliance matters.
Business / Function / Country information asset owners
Business / Function / Country information system owners
Business / Function / Country information process owners
Security Technology Services and teams
Preferred related working experience in either operational risk, information & cyber security, IT governance, or business continuity function and experience of business impact assessments
Preferred experience in MI production or User Acceptance Testing
Client centric mindset and delivery focus
Good communication skills, and ability to work with multiple stakeholders
Strong problem-solving skill and ability to manage multiple tasks
Strong knowledge of the businesses, markets and operations of Banks / Financial Service
Ability to foster positive relationships with internal and external stakeholders at appropriate level ensuring open cooperative environment