Manager, Application Security

Job Description

The Role ResponsibilitiesStrategy

• Security Technology Services (STS) is a critical function within Standard Chartered Bank operating under the overall purview of Enterprise Technology (ET). ET is accountable for enterprise wide infrastructure, data centres, Cloud, network, end-user services (EUS) and security (STS).
• The STS team is made up of cyber security thought leaders, who are accountable for the provision of a global set of cyber security services and products to maintain and continuously improve Bank s cyber security posture in today s ever evolving cyber security landscape.

Business

• The STS team protect the Bank from cyber security threats by delivering effective information security technology services, managing, and responding to security incidents to ensure, and support the continuity and growth of Bank s business operations; and meet the both internal and external stakeholders expectations across 70+ countries and territories, in which SCB operates.
• STS Operations function is a transversal service with a primary objective of managing operational activities for all STS owned products and services.
• This technical SME role is responsible for operational activities (service requests, change requests etc.) of Authentication and PIM function (listed later in the document). This role manages 24x7 BAU operational activities for existing services/technologies and automating routine with a key focus on end-user experience and self-service.

Processes

• This role is accountable for ensuring the STS services are adherent to all relevant Group standards, processes, and policies. The criticality of services provided by STS means there is emphasis, diligence and rigor on process adherence and risk management. The performance of STS services is audited and often reported to regulators.

Risk Management

• This role is responsible for ensuring all Authentication and PIM services adhere to Group Risks Management Standards and all services are audit ready at any given time.

Governance

• This role is responsible for ensuring all Authentication and PIM STS services adhere to Group standards and all services are audit ready at any given time.

Regulatory & Business Conduct

• Display exemplary conduct and live by the Group s Values and Code of Conduct.
• Take personal responsibility for embedding the highest standards of ethics, including regulatory and business conduct, across Standard Chartered Bank. This includes understanding and ensuring compliance with, in letter and spirit, all applicable laws, regulations, guidelines and the Group Code of Conduct.
• Help the Authentication and PIM operations team with specific technologies to achieve the outcomes set out in the Bank s Conduct Principles: [Fair Outcomes for Clients; Effective Financial Markets; Financial Crime Compliance; The Right Environment.] *
• Effectively and collaboratively identify, escalate, mitigate and resolve risk, conduct and compliance matters.

Key Stakeholders

• Architecture, Site Reliability Engineering and Service heads who own the strategy and roadmap for STS
• Project teams that deliver new services or improve existing services via projects or initiatives
• Infrastructure support teams (servers, databases, networks, etc.)
• Service Management team (change management team, major incident management team, support teams locally in countries where we operate, and STS services are consumed)
• Application support teams (other application teams that rely on STS services)
• Internal Risk Management teams and auditors
• Technology and Innovation (CIO Function) team

Other Responsibilities

• Accountable for supporting 24x7 operations for Authentication and PIM services provided by Security Technology Services. The primary focus of this role will be help our end-users/customers by addressing their requests (service requests, change requests and other BAU activities) swiftly and to their satisfaction. Success in this role is defined by the ability to improve the services for our end-users through automation or self-service.
• Responsible for managing BAU operational tasks for some of the below services:
  • Authentication and PIM technologies BeyondTrust, ForgeRock, HashiCorp Vault. Secret Double Octopus
• Identify tasks with repetitive nature and automate wherever feasible
• Align and adopt SRE practices in day-to-day operations
• Work closely with related teams, viz. platform, infra, SCM on a day to day basis
• Able to Provide artefacts from the service when required.
• Work closely with business and other stakeholders to deliver their security requirements
• Participate in security incident response activities.
• Be a subject matter expert within security production support by providing solutions to complex problem statements
• Adoption of standard tools and techniques for support management including event monitoring, batch management for routine activities, resiliency, capacity and for other standard core support processes like Incident, Problem and Change
• Ensure IT assets of STS are appropriately recorded and recertified; This includes maintaining list of security services, service and support ownership, assets servers, software and relationship with upstream and downstream systems
• Proactive review of production platform related risks or non-compliances like resiliency, capacity, obsolescence, event monitoring and reporting controls, and ensure full risks awareness is in place
• Take part in on-boarding newer capabilities/products into production support by reviewing all non-functional requirements, service validation and ensuring compliance to technology delivery assurance
• Contribute to product strategy and lifecycle, wherever applicable; Also ensure there are no redundancies of services within STS products and services
• Conduct production service level reviews with all key stakeholders with STS
• Contribute in security product roadmap and strategy
• Support on-boarding of all newer capabilities into STS
• Engage with other transversal technology services teams like data centre, database and platform support, ensuring there is adequate awareness of security tools, products and services, its significance to the security ecosystem for the bank
• Establish and govern all service reviews with suppliers/vendors providing support services for STS
• Plan and manage the financials (budget, forecasts, actuals) for Security Production Support and ensuring the spends do not overrun
• Adoption of DevOps and industry standards and practices for Security Production support

Our Ideal CandidateTechnical Skills

• Minimum 10 years of deep technical experience in Cybersecurity design, architecture, and operations.
• Must have hands on experience in designing, delivering, or managing (operations) in more than one of the following
  • Authentication and PIM BeyondTrust, ForgeRock, HashiCorp Vault. Secret Double Octopus.
• Hands-on knowledge of Java, Python and related tools (bitbucket, antifactory, etc.) with ability to automate manual tasks is preferred.
• Should have knowledge of SRE practices and has hands-on experience with managing production as per SRE standards and best-practices.
• Good knowledge and understanding on the below.
• Understanding on Linux/UNIX basics
• Understanding of networking concepts
• Working knowledge on Windows OS
• Understanding of Information Security concepts
• Basic understanding of Web Applications
• Have good understanding of ITIL practices and ITSM tools

,

Keyskills :
major incident managementsecurity incident responsewindows osdata centerservice levelcyber securitysecurity toolsrisk managementchange requestsenterprise datasupport servicesproduct strategy