Director ICS Technical Controls Testing

Job Description

*About Standard Chartered We are a leading international bank focused on helping people and companies prosper across Asia, Africa and the Middle East. To us, good performance is about much more than turning a profit. Its about showing how you embody our valued behaviours - do the right thing, better together and never settle - as well as our brand promise, Here for good. Were committed to promoting equality in the workplace and creating an inclusive and flexible culture - one where everyone can realise their full potential and make a positive contribution to our organisation. This in turn helps us to provide better support to our broad client base.Make an impact every day with Trust, Data and Resilience (TDR)Our TDR team sits within the Group Operations function and is responsible for mission-critical areas including cyber, information, data, privacy and resilience. These are challenges that impact our clients globally. Our TDR team develops the platforms, drives the processes and builds partnerships to benefit millions of people every day. They thrive in providing solutions to complex issues, devote time and energy to designing new and innovative solutions, and all in an environment that demands being risk-aware, not risk-averse. TDR chooses progress over perfection and aims to always participate with a constructive purpose. The team makes an impact wherever they are based, be it in our offices around the world, our Global Business Solution centres in China, India, Malaysia and Poland, or even from our home.Now you have an opportunity to make a meaningful impact with a diverse and passionate team of creators, innovators and achievers. With us, you ll learn, be inspired, and make an impact every day. The success of our work hinges on how we use the unique diversity of our people to realise the effects we seek to achieve: Always on. Always safe. Always Simple.The Role ResponsibilitiesSignificant transformation is underway within the Operations function to rapidly improve the Cyber, Data, Privacy and Automation control environment, along with digitization and innovation. A new function, TDR (Trust, Data & Resilience), has been formed by pulling together Cyber Security Services, TPSR, ICS Operations, Data Management & Privacy, Automation and Resilience into one function to:

• Grow trust with clients and regulators
  • Best practice cyber security solutions; protection of data and privacy; improve resilience; reduce risk
• Leverage analytics and insights to enable data monetisation
  • Real time analytics; process automation; customer insights; eco-system partnerships; disruptive business practices
• Be an enabler to journeys
  • Steer the Bank using trust, innovation and data; supply real time information for actionable measures

To help grow trust with clients and regulators and maximize risk reduction, a Director of ICS Technical Controls Testing role has been created to lead the testing of key ICS controls across the bank s critical IT systems.This new team will provide planning, execution, reporting, governance, as well as advocating and imparting lessons and good practice to shape the design and implementation of ICS key controls testing across all of the bank s critical IT systems. In addition, determining whether these key controls are operating effectively via an evidence-based testing process.Key responsibilities include:

• Support the functional head in leading a team of ICS technical control testing SMEs to plan and execute on key controls testing across the bank s critical IT systems.
• Lead the execution of a consistent, sustainable and re-performable technical control testing framework/methodology for the bank s critical IT systems.
• Support the provision of timely and accurate control testing MI to the respective risk forums across business and functions.
• Drive compliance with the Bank s risk framework and policies (e.g. ERMF, ORTF and ICS RTF)
• Support stakeholders in defining remediation actions to address identified control weaknesses and issues across critical IT systems, and associated processes.
• Track issue remediation, check and challenge delivery status and escalate delays.
• Identify opportunities for automation of controls testing.

Strategic

• Maintain effective relationships with leaders to facilitate:
  • Effective ICS key controls testing;
  • The provision of timely, expert advice and assurance; and
  • Partnerships with other functions to provide professional advice and assurance;

Processes

• Support the continuous improvement of risk and control processes, aligning to and avoiding duplication with other assurance functions.

People and Talent

• Provide leadership, management and coaching over colleague(s).
• Provide proactive self-orienting and self-motivating leadership, and work with limited direction
• Lead through example and build the appropriate culture and values. Set appropriate tone and expectations, and work in collaboration with risk and control partners.
• Build the right mix of SME and risk & control skills.

Risk Management

• Adopt an anticipatory approach to risk assessment through stakeholder engagement and monitoring of the external environment.
• Work with other control assurance teams to drive efficiency, effectiveness and reduce duplication.
• Provide thought leadership on ICS technical control design, assessment, testing processes and drive continuous improvement in ORFT and ICS RTF.
• Provide robust challenge and escalation to senior management to ensure activities achieve risk reduction.
• Manage and drive continuous improvement of the ICS technical control environment through proactive risk management.

Governance

• Tracking and reporting of risk assessments (e.g. audits, risk assessments etc) and their outputs to ensure oversight and escalation mechanisms are in place to provide MI on obligations.
• Work with the Application/Service Owners of critical IT systems to identify emerging ICS risks and ensure they are appropriately addressed by relevant technical controls.

Regulatory & Business Conduct

• Display exemplary conduct and live by the Group s Values and Code of Conduct.
• Take personal responsibility for embedding the highest standards of ethics, including regulatory and business conduct, across Standard Chartered Bank.
• Lead the Controls team to achieve the outcomes set out in the Bank s Conduct Principles: The Right Environment.
• Effectively and collaboratively identify, escalate and resolve conduct and compliance matters.
• Provide timely and accurate risk & control information to support regulatory meetings and RFIs.

Key Stakeholders

• Head of ICS Technical Controls Testing
• Head of Regulatory Attestations & Central Controls Testing
• Group Operational Risk
• Group CISRO
• Group Internal Audit T&I and Operations and Cyber

Our Ideal CandidateDesired:

• Tertiary qualifications in Computer Science, Economics, Law or other relevant areas.
• 8-15 years in IT/Cyber Audit and/or Cyber Risk Management.

Apply now to join the Bank for those with big career ambitions. To view information on our benefits including our flexible working please visit our career pages . We welcome conversations on flexible working.,

Keyskills :
internal auditcyber securityrisk reductioncontrol designdata managementrisk assessmentcontrol testingcomputer scienceequipment supplysenior managementsecurity servicesbusiness solutionprocess automation