About Standard Chartered
We are a leading international bank focused on helping people and companies prosper across Asia, Africa and the Middle East.
To us, good performance is about much more than turning a profit. It's about showing how you embody our valued behaviours - do the right thing, better together and never settle - as well as our brand promise, Here for good.
We're committed to promoting equality in the workplace and creating an inclusive and flexible culture - one where everyone can realise their full potential and make a positive contribution to our organisation.
This in turn helps us to provide better support to our broad client base.
Cyber Security Services (CSS) is a critical function within Standard Chartered Bank operating under the overall purview of "Chief Operating Office".
The CSS team is made up of cyber security thought leaders, who are accountable for the provision of a global set of cyber security services and products in order to maintain and continuously improve Bank's cyber security posture in today's ever evolving cyber security landscape.
The CSS team protect the Bank from cyber security threats by delivering effective information security technology services, managing and responding to security incidents to ensure, and support the continuity and growth of Bank's business operations;
and meet the both internal and external stakeholders' expectations across 70+ countries and territories, in which SCB operates.
TEAM : You will be joining an exciting Security Strategy and Transformation program with motivated talents, collaborating with various cyber security services teams & cloud infrastructure teams, and delivering strategic Cloud & Container Security projects to uplift the Bank’s global cloud security capabilities, reduce attack surface and build a world-class cyber organization. RESPONSIBILITIES :
Lead Tooling Engineer for critical projects that design and implement a new service capabilities in the space of Cloud & Container Security
Solution Design and Evaluation : Propose, design and evaluate new technologies / integration pattern against established requirements and validate the security of the technology
Project Implementation : oversee and responsible for e2e implementation for all technical aspects, such as integration of Cloud Security tool into SCB landscape, integration across existing systems in SCB
Stakeholder Engagement : ensure buy-in from relevant counterparts and manage dependencies across the project delivery lifecycle KEY STAKEHOLDERS / RELATIONSHIPS :
INTERNAL : 1.Cyber Security Services domain heads2.Cloud Security Management Team3.Security Transformation Programme Managers and Project Managers4.
Cloud Infrastructure Services, Cloud Engineering and Cloud Operations Teams5.Technology Services Portfolio Manager6.Managers in key support functions (e.g. CIOs)
EXTERNAL : 1.Cloud Service Providers2.Product vendors COMPETENCIES (KNOWLEDGE & SKILLS) :
Bachelor’s Degree in Computer Science, Information Technology or related field
8+ years of Security Tooling experience with deep technical knowledge and hands-on experience in Cloud & Container Security Space
A highly analytical, process oriented, collaborative and creative individual
An individual that is willing to take ownership for driving change and challenge existing concepts
Experience in managing large scale deployments of Cyber Security products
Experience in Network / Security architecture development and definition
Practices and methods of IT strategy, enterprise architecture and security architecture
Expert knowledge and strong experience of Cloud infrastructure i.e. Amazon Web Services, Azure and GCP
Experience in integration for DevOps and DevSecOps, tooling, and techniques, particularly evidence of leading organisational and cultural change to adopt CI / CD practises (Jira, Confluence, Bitbucket, git;
Jenkins, Artifactory, Terraform, Packer, Rundeck, Ansible, AWS, OpenShift, Splunk, ELK, AppDynamics)
Proficient in one of the following languages : Python, Golang, PowerShell Scripting, Bash, Java, Nodejs etc
Experience in the configuration and implementation of Cloud Security management tooling products, e.g. RedLock, TwistLock, Azure AD P1 / P2
Knowledge in Cyber Security management tooling products, e.g. Qualys, Tanium
Integration of IaaS and PaaS security logs for centralized security monitoring using solutions like Splunk SIEM Good to have :
ITIL and COBIT IT practices frameworks.
Any of the these certifications will be a plus : Associate or Professional level of GCP, Azure, AWS Certifications with a focus on security, CCSP, CISSP, CISM