AVP - Test Management PCD

Job Description

• In December 2017 the Bank s Chief Information Security Officer ( CISO ) commissioned an independent Enterprise-wide Security Risk Assessment ( ESRA ) which evaluated the Bank s Information and Cyber Security ( ICS ) controls against the National Institute of Standards and Technology ( NIST ) Cyber Security Framework. ESRA has resulted in a multi-year, Board approved ICS Transformation and Remediation Program ( TRP ), fully resourced to uplift the ICS capabilities of the Bank. RB ICS programme team requires resources to manage their Test Governance and Assurance deliverables.

Business

• Our TDR team sits within the Group Operations function and is responsible for mission-critical areas including cyber, information, data, privacy and resilience

ProcessesKey responsibilities includes:

• Independently - Responsible for Managing User Acceptance test planning, execution, scope alignment with all stakeholders, defect tracking, stakeholder dashboard, complete with user sign off and regional spoc consent and maintain evidence / traceability
• Independently - Responsible to ensure every delivery by application teams are aligning to group test standards and SDF guidelines AND any deviations are dispensed / accepted and signed off as agreed with the PO/GPO
• Strengthen and formalise the ICS related test governance and assurance process across applications / initiatives
• Responsible for planning, execution and delivery of test reviews ensure alignment with standards
• Ensure compliance with standard operating policies and procedures, quality management systems and regulatory requirements & Group standards
• Effectively communicate findings to internal and external stakeholders on a regular basis and manage formal closure to the satisfaction of stakeholders
• Monitor and report on findings and security risk aspects to stakeholders and drive them to closure / address or mitigate
• Manage working documents to record and track the control gaps and remediation activities to ensure that any deficiencies in the processes are mitigated
• Act as an advisor on areas of improvements in the processes and operational efficiencies
• Assist in the development of new/amended processes, innovative ways of working and reviewing test management and control assessments
• Provide timely responses on audit and regulatory requests / queries
• Conduct internal training sessions for internal and external team members on test process, documentation standards and evidence retention requirements
• Mandatory test deliverables: Test artefacts/ evidences - keep audit ready all the time
• Responsible for end to end test management for the assigned areas and timely execution and successful completion ;
• support the programme on assuring the test management process deployed by application owners, are aligned to SDF and PMF standards & escalate issues if any with options / solutions and address them on time
• Proactive identification and fixing of issues / defects if any
• Maintain formal plan of action/ road map as required
• Run and Manage Business test cycles and take accountability for successful completion as per Group Standards and Guidelines

People and Talent

• Practice agile way of working with close collaboration with stake holders
• Dynamic with passion towards timely delivery
• Focus on developing capability

Risk Management

• Responsible to identify , manage and mitigate risks on the scope of deliveries
• Oversee, monitor and challenge implementation of controls to mitigate risks;

Governance

• Establish and maintain strong relationships with key stakeholders at all levels, while independently performing own duties;

Regulatory & Business Conduct

• Display exemplary conduct and live by the Group s Values and Code of Conduct.
• Take personal responsibility for embedding the highest standards of ethics, including regulatory and business conduct, across Standard Chartered Bank. This includes understanding and ensuring compliance with, in letter and spirit, all applicable laws, regulations, guidelines and the Group Code of Conduct.
• Lead to achieve the outcomes set out in the Bank s Conduct Principles: [Fair Outcomes for Clients; Effective Financial Markets; Financial Crime Compliance; The Right Environment.] *
• Effectively and collaboratively identify, escalate, mitigate and resolve risk, conduct and compliance matters.

Key Stakeholders

• GPO
• PO
• Scrum masters
• Programme Team
• Country Biz Stakeholders
• Regional Leads
• Project Leads

Other Responsibilities

• Embed Here for good and Groups brand and demonstrate the Valued Behaviours
• Perform other responsibilities as assigned
• Responsible for Managing User Acceptance test planning, execution, scope alignment with all stakeholders, defect tracking, stakeholder dashboard, complete with user sign off and regional spoc consent and maintain evidence / traceability
• Responsible to ensure every delivery by application teams are aligning to group test standards and SDF guidelines AND any deviations are dispensed / accepted and signed off
• Strengthen and formalise the ICS related test governance and assurance process across applications / initiatives
• Responsible for planning, execution and delivery of test reviews
• Ensure compliance with standard operating policies and procedures, quality management systems and regulatory requirements & Group standards
• Effectively communicate findings to internal and external stakeholders on a regular basis and manage formal closure to the satisfaction of stakeholders
• Monitor and report on findings and security risk aspects to stakeholders and drive them to closure / address or mitigate
• Manage working documents to record and track the control gaps and remediation activities to ensure that any deficiencies in the processes are mitigated
• Act as an advisor on areas of improvements in the processes and operational efficiencies
• Assist in the development of new/amended processes, innovative ways of working and reviewing test management and control assessments
• Provide timely responses on audit and regulatory requests / queries
• Conduct internal training sessions for internal and external team members on test process, documentation standards and evidence retention requirements
• Responsible for end to end test management for the assigned areas and timely execution and successful completion
• Proactive identification and fixing of issues / defects if any
• Maintain formal plan of action/ road map as required
• Run and Manage UAT and UVT test cycles and take accountability for successful completion as per Group Standards and Guidelines

Our Ideal Candidate

• Person with 12+ years of experience in SCB Tech Project deliverables+ good exposure to STS/GIS policies and procedures + experience in handling Global SCB projects; experience in apps and infra monitoring tools or IT Network management will be an added advantage;
• Working experience in PCI DSS / PCD Protection projects
• Project experience in either of the following area will be an advantage: MFA SSO, security monitoring, Toxic access management, PCI DSS fixing, monitoring tool, Networking
• Strong senior stakeholder engagement skills
• Industry certifications will be a plus e.g. CISA, CISSP, CRISC and CISM, PMP, CSM, ISA
• Strong knowledge of security frameworks (COBIT, ISF, COSO), standards (ISO, NIST, CIS), information security principles, security architecture and regulatory requirements
• Excellent written, oral communication, reporting and presentation skills
• Strong organisation skills, sound judgement and good critical thinking and analytical skills

,

Keyskills :
pci dssmusic makingtest planningsecurity riskcyber securitytest managementrisk assessmentdefect trackinguser acceptancemicrosoft officequality management systems