Head Cyber Defence Center

Job Description

Cyber Defence Center team is made up of cyber security thought leaders, who are accountable for provisioning and monitoring and response, Digital Forensics, Threat Hunting and Data breach response services that play key role in improving Bank s cyber security posture by preventing, detecting and minimizing the impact of developing cyber threats.The teams collaborate and provide complementary services in order to allow efficient management and timely response to information and cyber security incidents, and therefore ensure and support the continuity and growth of Bank s business operations and meet the both internal and external stakeholders expectations across 70+ countries and territories, in which SCB operates.This position requires a strong leadership and prior management experience in operating a full-featured Cyber Defence Center using a wide variety of security tools for a large-scale global enterprise environment. This role requires a highly motivated candidate who possesses a strong leadership background and the ability to manage a diverse team of cyber security services analysts in a 24x7x365 operating model, responsible for plan, build and operations of cyber security technologies of a large-scale network.The successful candidate reports to the Global Head Cyber Defence and Threat Management.A fine balance between technical, business and leadership skills is a key, not limited to:Strategic planning for emerging cyber and information security risks through technologies, standards, and processes.Develop, implement, and manage action plans for responding to emerging threats and cyber security incidents in close collaboration with bank stakeholders.Manage an effective and intelligence-led Cyber Security Operations function that operates 24 hours a day, seven days a week. This includes security monitoring, incident response, data breach response, and threat hunting.Enhance the incident response life cycle, security tools, SOAR playbook, IR Readiness, and daily security operations processes.Organizational Safety and Soundness management of change, incidents, and problemsStakeholder management Collaborate/partner with global business and technology stakeholders on cyber security technology deployment, ensuring defined business objectives are met.To best perform this role the candidate will be required to stay up to date with emerging information & cyber risk landscape (including regulatory) which is a must for planning, implementing & operating controls (process & technology).The ideal candidate will be a technically experienced and innovative security professional who has the ability and experience to lead a team of security professionals and execute broad security goals within a global team. Candidates should be experienced in coaching team members at all levels (analyst, team lead, manager).High level responsibilities:Managing the banks cyber security operations 24/7/365. This includes incident response, digital forensics, threat hunting, and data breach response.Cybersecurity incident point of contact for the group.Collaborate closely with the cyber monitoring and analytics and malware protection teams to improve and deploy cyber security technologies and related use cases.Manage cyber security services processes, identify and monitor key performance indicators, and continuously improve the efficiency and effectiveness of all core services. Supervise the creation and maintenance of standard operating procedures.Oversee all aspects of the Cyber Defense Center, including hiring, staff development, performance management, diversity, equity, and inclusion.Consult with and advise stakeholders on security matters.Risk Management:Risk Management assessing and addressing gaps with control design & implementation under defined corrective action plans.Collaborate with sector and business risk and controls teams to resolve internal and external auditing issues.Lead through example and promote the appropriate conduct, culture and values.Financial Management:Plans, monitors, reports and forecasts the finances of the Cyber Defence Center service lines (run, change and continuous improvement).Governance:Jointly ensure that book of work progress continuously meets business needs, changing requirements and leads to defined goal achievement while following Bank s established processes as well as technical standards.Provide reporting to Global Head on the achievement of committed benefits and strategic goals.Regulatory & Business Conduct:Display exemplary conduct and live by the Group s Values and Code of Conduct.Take personal responsibility for embedding the highest standards of ethics, including regulatory and business conduct, across Standard Chartered Bank. This includes understanding and ensuring compliance with, in letter and spirit, all applicable laws, regulations, guidelines and the Group Code of Conduct.Effectively and collaboratively identify, escalate, mitigate and resolve risk, conduct and compliance matters.Key Stakeholders:Cyber Security Services Service Heads, Service ManagersCDC Programme Directors, Project ManagersCDC Risk and Control function2 nd line of defenceHICS heads and business functionsOur Ideal Candidate:Proven experience managing 24x7 cyber security services and incident response capabilities.Significant incident management experience, including post mortem and root cause analysis.Extensive experience governing defined business service level agreements (SLAs) and managing Key Performance Indicators.Demonstrated leadership and managerial abilitiesSuperior communication skills when interacting with customers and coworkersStrong written and verbal communication skills necessary to convey security event details and technical analysis to audiences within the cybersecurity organization and other technology groups.Demonstrated threat hunting experience on a large enterprise network, both as an individual and as a leader of hunting exercises with other team members.Comprehensive skill set that encompasses both offensive and defensive security.Experience leading the development, implementation, and management of processes that ensure the effectiveness and sustainability of security countermeasures and monitoring across all applicable systems.Demonstrated leadership experience in the development, implementation, and management of incident response plans and activities.Demonstrated leadership, communication, problem-solving, and performance management abilitiesThe ability and willingness to think creatively and innovatively in order to find cost-cutting measures that have a minimal impact on reliability.Superior planning/time management abilities.Outstanding interpersonal skills.Extensive knowledge of the trade-offs between reliability, efficiency, and cost.Qualifications:A bachelors/university degree is required; a masters degree is preferred; managerial experience is required.15+ years of experience in engineering or operations related to information/cyber security.Preferably CISSP, CISM, CRISC, CGEIT, CDPSE, or GCIH certifications.Self-motivated and results-driven with the ability to take the initiative, garner consensus, and develop and implement an effective strategy.Exhibits a high degree of analytical rigor in developing strategies, setting goals, and evaluating results.A sense of urgency when it comes to implementing programs and prioritizing; decisive, action-oriented, and pragmatic.Willingness to challenge and question the status quo, recommending alternative and optimal solutions.Demonstrated ability to think strategically.Organizational savvy, with strong interpersonal, collaborative, and communication skills.Personal presence, intellect, vitality, and determination to succeed in a high-performance environment.Capable of analyzing and reasoning through extremely complex issues, but then seamlessly executing and implementing against a well-thought-out framework.Regulatory & Business Conduct:Display exemplary conduct and live by the Group s Values and Code of Conduct.Take personal responsibility for embedding the highest standards of ethics, including regulatory and business conduct, across Standard Chartered Bank. This includes understanding and ensuring compliance with, in letter and spirit, all applicable laws, regulations, guidelines and the Group Code of Conduct.Effectively and collaboratively identify, escalate, mitigate and resolve risk, conduct and compliance matters.Our Ideal CandidateA bachelors/university degree is required; a masters degree is preferred; managerial experience is required.15+ years of experience in engineering or operations related to information/cyber security.Preferably CISSP, CISM, CRISC, CGEIT, CDPSE, or GCIH certifications.,

Keyskills :
keeping things simplekey performance indicatorslife cycleroot causeoperating aservice levelcyber defenseservice linescyber securitycontrol design