Senior Manager, ICS Risk Framework Awareness and Board ICS Awareness

Job Description

The Role ResponsibilitiesAbout Group CISRO The Group Chief Information Risk Security Officer (Group CISRO) organisation is instrumental in protecting and ensuring the resilience of Standard Chartered Bank s data and IT systems by managing information and cyber security (ICS) risk across the enterprise. As a critical function reporting into the Group Chief Risk Officer (CRO), the Group CISRO serves as the second line of defence for assuring ICS controls are implemented effectively and in accordance with the ICS Risk. The Group CISRO s responsibilities include ICS governance, policy, oversight, red teaming and industry partnerships. In addition, the team of Information Security Risk Officers (ISROs) reports to the Group Chief Information Security Risk Officer (CISRO) and performs a pivotal role as an extension of the CISRO in supporting the ICS risk management to face off to the Client Services, Regions, and Functions. The Group CISRO function is central to ensuring the Bank s ability to meet its ICS commitments to internal and external stakeholders, including regulators, as well as maintaining an acceptable ICS risk profile that is regularly reported to the Board.Within Group CISRO s Cyber Partnerships and Third Party Security Risk Oversight function, the Senior Manager, ICS Risk Framework Awareness and Board ICS Awareness is a new, permanent role that will be responsible for managing the following scope of work:ICS Risk Type Framework Awareness and Board ICS Awareness and ICS Culture and ICS Training

• The primary purpose of this position is to raise awareness of the ICS Risk Type Framework, project managing and delivering ICS RTF communications to key internal stakeholders to support the embedding of this critical Principal Risk Type throughout the Bank. The role holder will liaise with appropriate stakeholders, particularly within TDR, Risk and Learning regarding the delivery of key ICS RTF Training programmes.
• The role holder will also project manage and develop the content of the Bank s ICS Orientation and Development for the Group Board to support Board members in their oversight ICS role, including managing strategic ICS updates, communications and reporting initiatives to the Board.
• Furthermore, the position will manage and assist in the oversight of the 1st Line development and delivery of programmes to embed an effective ICS risk culture in the Bank.

Chapter 3 C3

• The role will lead on specific aspects and monitor the progress of specific Chapter 3 targeted initiatives within CISRO and ensure that opportunities to link with other departments in cross-cutting initiatives are exploited.

Communications and Engagement

• The incumbent will work closely with Group CISRO, Group Risk colleagues, Group CISO Training and Awareness, Regional ISROs, Group/Risk Communications, Mandatory Learning and CABM, as well as other key stakeholders to identify and communicate key expectations as outlined in ICS Risk Type Framework, policies, and standards.
• More broadly, they will deliver the CISRO Communications and Engagement strategy, to drive impactful stakeholder communications and engagement initiatives to bolster the CISRO and SC brand profile amongst internal and external stakeholders (e.g. media) respectively.

ProcessesThe major functional activities that the Head will lead and manage are:

• Create content within the Group Board ICS Orientation and Development programme, to continue to support the Board members in their challenge and oversight role;
• Collaborate with 1 st Line in embedding an ICS Risk Culture, including overseeing continuous improvement within this discipline;
• In close collaboration with relevant stakeholders, including TDR, Risk and Learning, deliver and support selected aspects on key training programmes of the ICS Risk Type Framework;
• Lead ICS Risk training and awareness for CISRO colleagues;
• Support in the creation and delivery of Group CISRO communications, promulgating the ICS RTF internally, and SC s approach externally through relevant thought leaderships publications. Deliver impactful internal and external communications on behalf of Group CISRO;
• Support CISRO s Chapter 3 portfolio implementation as we continue to embed targeted initiatives in support of SC s Chapter 3 goals.

People and Talent

• Lead through example and build the appropriate culture and values.
• Set appropriate tone and expectations from team and work in collaboration with internal and external partners driving tangible outcomes and achieving through others.
• Ensure the provision of ongoing training and development of people, and ensure that holders of critical functions within their team are suitably skilled and qualified for their roles ensuring that they have effective supervision in place to mitigate any risks.
• Employ, engage, develop, coach and retain high quality people, with succession planning for critical roles.
• Responsibility to review team structure/capacity plans.
• Set and monitor job descriptions and objectives for direct reports and provide feedback and rewards in line with their performance against those responsibilities and objectives.
• Uphold and reinforce the independence of the second line ICS Risk function.
• Ensure CISRO communications engage and inspire confidence from the immediate CISRO team and broader Group stakeholders.

Risk Management

• Ensure lessons learnt in ICS Risk Culture are shared with relevant Group stakeholders, to continuously improve overall Group culture.
• Ensure that the role is managed in accordance with the defined CISRO views on policies and standards, and that issues are identified, escalated, and addressed as appropriate.

Governance

• Work with CISRO Policy, Standards and Reporting team, Cyber Strategy and Resilience teams and ISROs to provide ICS risk culture input into the ICS RTF, policy and standards; and develop ICS risk training content as stipulated in the RTF
• Collaborate with 1 st TDR, Risk and Learning for delivery of ICS Risk training to Bank stakeholders.

Key Stakeholders

• Board Members
• Heads of, within Training and Awareness, Trust, Data and Resilience
• CISRO LT
• Global Head, Cyber Partnerships and Third Party Security Risk Oversight Team
• Head of ISROs, Regions and Countries
• Operational Risk Senior Management

Other Responsibilities

• Establish strong relationships with identified stakeholders across the regions and countries and understand their strategic goals, in order to ensure ICS alignment.
• Build trusted working relationships with other security functional heads, risk and compliance counterparts, and region and country stakeholders.
• Perform other duties as assigned, including authoring white papers, giving presentations, and developing briefings and other materials for senior executives and policy makers.
• Maintain sufficient and appropriate evidence of work performed for review by Group Internal Audit and others as necessary.

Our Ideal Candidate

• Outstanding communication skills with at least seven years proven experience in ICS training and communications roles
• Experience working in or with the financial services industry, or with ICS risk, brand/ organisational culture, training and education organisations in other industries with keen understanding of business and operational environments.
• Strong, negotiation and collaboration skills, and ability to work effectively and drive rapid outcomes from teams in a complex multicultural and multi-time zone organization.
• Strong programme management skills.
• Experience in working within a geologically dispersed organization.
• Strong ability to collect and analyse data and make recommendations in written form.
• Strong ability to liaise with all parts of the Bank, including senior security, risk and business stakeholders.
• Solve Problems
• Take the Lead
• Build Resilience
• Collaborate
• Deliver Sustainably
• Technical Competencies
• Manage Conduct
• Manage Risk
• Manage People
• Stakeholder Management
• Communications Verbal and Written
• Project Management
• Deep ICS Experience

,

Keyskills :
salesltdred teamingaccountancyrisk managementboard of directorssecurity riskfinanceinternal auditcyber securitywork effectivelyfinancial marketsmisinformation riskwhite papersclient services