Head, ICS, Centre of Excellence

Job Description

• Leverage Artificial Intelligence and Machine Learning to automate day to day processes, and management reporting,
• Build self-service and scalable model to offer more with less and diverse capabilities to offer higher and complex skill-set offerings,
• Laser focus on Customer centricity (including Client, Regulator and internal) to create long term value proposition for them,
Ensure Regulatory Compliance and Contribute to the ICS Risk reduction
• Ensure timely and quality delivery of e2e ICS regulatory commitments (including submission and non-submission),
• Ensure Reverse TPSA queries from the clients are properly responded to with quality output and in a timely manner.
• Lead Control Assessment of Masking, Access & Retention of Prod PII data migrated to test environment,
• Effectively identify, assess, and manage the ICS risk by helping in establishing robust treatment plans to achieve risk reduction,
• Conduct Annual CCSS (Cyber Control Security Self-assessments) for countries
• Effectively track, monitor and report various ICS related issues, ICS CEO objectives,
• Ensure timely remediation of higher risk issues including external regulators and Group Internal Audit through proper visibility and appropriate escalation,
• Responsible for speaking out on emerging risks, issues, blockages, challenges, and trends in the appropriate forums,
• Driving End-to-End responses for Client Due Diligence Questionnaires
Regulatory Engagement
• Driving End-to-End LRM Pre-submissions review,
• Driving Gap Assessment of Operating Effectiveness for past regulations (Non-submissions),
• Support Regulatory Inspections for countries,
• Scope RFIs and review the quality of response from on-going submissions / Non-submissions for quality review managed by COE,
Audit & Certification Support
• Orchestrate SOC 2 Type II assessment involving Engagement with External Assessor, HICS and other LODs, as required
• Orchestrate complex organization wide gap assessments emanating from group regulators like Prudential Regulatory Authority, FCA, etc.
• Solicit & validate ICS data for facilitating Cyber Insurance underwriting
• ISO 27001 and 22301 assessment for countries
• ICS RFI support for Internal & External audits (e.g. Financial Audits)
People and Talent
• Responsible for driving appropriate culture and values within the teams by setting the right tone and expectations to support the Group CISO fulfil the Senior Manager Regime (SMR) responsibilities,
• Working in close collaboration with HICS, risk and control partners across all functions to effectively embed a strong culture of risk awareness and good conduct,
• Improve client centricity through increased delivery velocity,
• Spread and sustain a continuous improvement and innovation culture,
• Support a culture of diversity and inclusion to bring the best out of our people,
Adopt Foundational ICS Controls
• Mature the Bank s ability to proactively identify and manage cyber threats through implementation of robust, integrated risk framework (the ICS RTF and Threat Scenario Risk Assessment (TSRA) Standard),
• Support establishing governance to enable Secure & Resilient by Design solutions, supporting the Group s cloud first and digital transformation agenda,
• Drive effective and timely treatment of ICS foundational control adoption on Group s Crown Jewels to help improving Group s security risk posture,
• Become the trusted cybersecurity advisor to Business, Functions, Regions, Countries to directly support the delivery of the Bank s ICS strategy,
Deliver best in class change management including transition to New Ways of Working (NWOW)
• Provide opportunities to build the right mindsets, nurture our talent and develop capabilities as we adopt the New Ways of Working (NWOW) through QPRs/MPRs and agile delivery approach,
• Regularly identify and implement opportunities for efficiency (via A3s) across processes, systems, and infrastructure,
• Ensure standardisation and best practice migration across regions, segments, and functions by working closely with the HICS,
Regulatory & Business Conduct
• Display exemplary conduct and live by the Group s Values and Code of Conduct.
• Take personal responsibility for embedding the highest standards of ethics, including regulatory and business conduct, across Standard Chartered Bank. This includes understanding and ensuring compliance with, in letter and spirit, all applicable laws, regulations, guidelines and the Group Code of Conduct.
• Lead the Centre of Excellence team to achieve the outcomes set out in the Bank s Conduct Principles : Fair Outcomes for Clients; Act responsively and within your authority; Comply with laws, regulations and group standards; Be open and co-operate with regulators; Protect confidential information; Treat colleagues fairly and with respect *
• Effectively and collaboratively identify, escalate, mitigate and resolve risk, conduct and compliance matters.
Key Stakeholders
• Regional, Segment and Function HICS; ISRO and CISRO team; GIA, Business & Country Compliance teams; Control owners in ET, CCIB, CSS etc; Regulators (where applicable)
Our Ideal Candidate
• Someone with proven track record of managing Cyber Security related assessments for various countries, knowledge in Cyber Security and data privacy related concepts and relevant certifications eg CISSP, CISM, CISA, CRISC, ISA, PCIP, CIPP etc will be preferred
,

Keyskills :
data privacydue diligencesecurity riskinternal auditcyber securityexternal auditrisk reductionrisk assessmentmachine learning