Information Security Senior Manager

  • Competitive
  • Kuala Lumpur, Malaysia
  • Permanent, Full time
  • Standard Chartered Global Business Services Sdn Bhd
  • 22 Apr 19

Information Security Senior Manager

About Standard Chartered
We are a leading international bank focused on helping people and companies prosper across Asia, Africa and the Middle East.

To us, good performance is about much more than turning a profit. It's about showing how you embody our valued behaviours - do the right thing, better together and never settle - as well as our brand promise, Here for good.

We're committed to promoting equality in the workplace and creating an inclusive and flexible culture - one where everyone can realise their full potential and make a positive contribution to our organisation. This in turn helps us to provide better support to our broad client base.


The Role Responsibilities
Security Technology Services (STS) is a critical function within Standard Chartered Bank. It is the STS mission to protect the Bank from information and cyber security threats by delivering effective information and cyber security services, responding to security incidents and educating staff. The STS function is instrumental in ensuring the Bank soundly meets its commitments to internal and external stakeholders and maintain an appropriate cyber security defence posture. Furthermore, the STS team plays a significant part in the Bank's 'Here for Good' vision and brand promise.

The importance of our mission has strengthened over time and is a principle concern for shareholders, clients, regulators and the communities we operate in. Our Bank's success depends on the STS function to maintain the correct balance of security capabilities and risk management across all businesses and functions across our global footprint.

The Function:
The Application and Infrastructure Vulnerability Management domain is responsible for identifying, responding and remediating security vulnerabilities to protect the Bank from evolving and sophisticated cyber threats. This is done through periodic assessments of infrastructure, applications and services in the Bank.

Main Purpose of Job:
Reporting to the Vice President of Operations Management, AIVM, and as part of the AIVM-Operations Management team, the requirement is to promote and embed effective and robust governance (audit & regulatory) controls and risk management processes that support STS objectives; to provide support and added value through proactively reviewing the processes to improve the functional control environment, and to ensure that the balance between risk and control is appropriate to business objectives.

The role requires strong Audit, Risk and Control skills; a strong interpersonal and engagement skill at all internal level is essential, along with the ability to engage with external partners.

Key Roles & Responsibilities:

Provide Audit support to the function including:

  • Point of contact for the service line in handling audit observations, including refuting, where valid
  • Responding to Audit RFIs and providing all required data, within the given timeframe
  • Track, manage, report and remediate, where required, all associated risks and audit findings
  • Carry out internal reviews of the function to proactively ensure adherence to policies
  • Provide advice and guidance to the team on responding to audit queries

Manage Operational Risks within the function:
  • Record all risks in the appropriate channels
  • Carry out monthly reviews and reporting on the functional risks
  • Represent the function in Risk Assurance forums and address queries arising from the reviews
  • Define, report and track Key Controls Indicators (KCIs) and Key Risk Indicators (KRIs)
Manage Business Continuity Planning for the function, including planning, testing and participating in Business Continuity Plans

Manage Service Readiness and Delivery:
  • Ensure new services transitioning into the function meet the acceptance criteria and land in a stable manner
  • Manage changes and enhancements to existing service catalogue for the function
  • Responsible for compiling and submitting the monthly operational updates (including recruitment, finance and reporting metrics)
  • Support the relevant reporting function within STS with data to enable accurate reporting for STS
  • Track service performance through metrics, and identify remediation plans for service improvements, where required.
  • Manage delivery of service improvement programmes for the function
Process Management:
  • Develop and maintain processes and procedures, while ensuring adherence to relevant guidelines, e.g. the process governance framework
  • Document and review processes to identify areas of improvement on risks and controls
Our Ideal Candidate


Qualifications & Skills:
  • Degree Educated, established work experience in risk, control, compliance or technology banking regulatory environments
  • Intermediate understanding in IT risk, control and compliance process frameworks, tools and standards such as ISO 27001, CobiT, ITIL
  • IT controls and governance expertise - CISA, CGEIT, CRISC qualification or equivalent - is desirable
  • Good analytical and problem solving skills.
  • Strong interpersonal and team skills
  • Ability to collect and analyze data, establish facts and make recommendations in written and oral form
  • Possess strong analytical and decision making skills

Apply now to join the Bank for those with big career ambitions.