Head of Technology Risk & Control, HK, Taiwan and Macau
About Standard Chartered
We are a leading international bank focused on helping people and companies prosper across Asia, Africa and the Middle East.
To us, good performance is about much more than turning a profit. It's about showing how you embody our valued behaviours - do the right thing, better together and never settle - as well as our brand promise, Here for good.
We're committed to promoting equality in the workplace and creating an inclusive and flexible culture - one where everyone can realise their full potential and make a positive contribution to our organisation. This in turn helps us to provide better support to our broad client base. The Role Responsibilities
As a business partner, Head, Risk & Control is responsible to ensure that Technology and Innovation ("T&I") teams to operate in full compliance with all Country and Group policies as well as local regulatory requirements
- Ensuring business strategies, standards and roadmap abide by T&I operating principles, policies and procedures of Country and Group and the Enterprise Risk Management Framework ("ERMF")
- Ensuring that the executions of T&I functions are fully compliant with statutory regulations, laws, guidelines and industry practises for Technology Risk Management, Information & Cyber Security covering T&I Security Technology Services ("STS") and Technology Governance
- Support the Regional CIO in the overall effective and proactive management of all T&I risks, governance and controls
The following responsibilities are applicable to both Country and Cluster market (covering Hong Kong, Taiwan and Macau). Oversight and Governance
- Support the country CIO as one of the 1 st line Risk Owner related to Operational Risk, Information and Cyber Security Risk, Compliance Risk, Conduct Risk and Reputational Risk, in accordance with the ERMF.
- Responsible for the preparation, communication, implementation, delivery and expansion of T&I risk management plans, and work closely with relevant stakeholders including Operational Risk, Compliance, and CISRO at the country and Group level.
- Represent T&I to liaise with regulators on technology risk governance.
- Oversee the implementation of Group T&I Policies and Standards in country and/or Region.
- Oversee effective risk management practice implementation in T&I including Risk Identification, Assessments, Measurements, Acceptance and Monitoring.
- Provide timely and accurate management reporting to the CIO and relevant senior stakeholders for proper manage of technology and ICS risks.
- Drive proactive risk management culture in T&I.
- Support the country CIO in providing oversight over the country Data Governance Committee.
- Support the country CIO to formulate the strategic plan in enhancing the system stability from a risk point of view.
- Review and provide oversight on the root cause analysis and follow-up on the closure of remediation plans.
- Provide oversight on the performance of the T&I service providers.
- Oversee the ongoing treatment of obsolescence risk.
- Review and provide oversight on effective contingency and resilience of Technology Service Delivery.
- Oversee internal and external/ regulatory audit exercises and the progress of remediation plans for the identified gaps, and ensure relevant risk incurred is properly managed through ERMF.
- Represent T&I in various risk forums and committees (such as Technology and Innovation Risk Forum ("TIRF"), Third-Party Risk Management Sub-Committee, Hong Kong Data Governance Committee, Technology & Innovation Regional Risk Forum
- Drive effective risk discussions within monthly TIRF and regional T&I RRF and oversee timely remediation of identified risks.
- Represent T&I R&C in Project Steering Committee and identify and address any technology and ICS risks during project lifecycle.
- Oversee service providers who deliver technology services to SCBHK and ensure all relevant policy, standard and control requirements are followed.
- Be responsible for the local implementation of Group EUC Policy and perform regular governance oversight for all HK EUCs in meeting relevant control requirements.
- Oversee the risk management practice for managing the technology risks timely identified in various sources.
- Oversee regular residual risk assessment and risk acceptance for TRM processes.
- Support business projects and timely address any technology risks identified.
- Facilitate regulatory approvals for e-Banking and technology outsourcing initiatives.
- Ensure T&I relevant ICS policy is well circulated amongst Bank's businesses, functions, geographies and subsidiaries.
- Ensure applicable controls are identified, assessed and implemented by the business owners.
- Collaborate with Group Security Technology Services on local governance, if needed.
Our Ideal Candidate
- Lead through example and build the appropriate culture and values. Sets appropriate tone and expectations for the team and work in collaboration with risk and control partners.
- Employ, engage and retain high quality (skill and experienced) people to deliver its obligations.
- Ensure the provision of ongoing training and development; ensure that direct reports are suitably skilled and qualified for their roles and that they have effective supervision in place to mitigate any risks.
- Set and monitor job descriptions and objectives for direct reports and provide feedback and rewards in line with their performance against those responsibilities and objectives
- Facilitate the Fair Accountability Review for relevant cases that require consequence management within T&I.
- Very good level of understanding of operations and technology
- Compliance, Audit and/or Operational Risk background
- Results driven with strategic qualities
- Visionary leader able to engage and motivate performance in others
- High degree of independence, responsibility and integrity
- Strong project management skills with demonstrable track record in a dynamic environment
- Knowledge of quality tools, procurement, and logistics planning
- Bachelor's degree in technology/finance. Business Administration or related disciplines
- Relevant managerial experience
- Excellent communication capability - good command of written English
- Ability to work within a multi-function, multi-discipline team environment with strong influencing and stakeholder management skills
Apply now to join the Bank for those with big career ambitions.
To view information on our benefits including our flexible working please visit our career pages . We welcome conversations on flexible working.