Senior Manager – Governance & Risk Practice
About Standard Chartered
We are a leading international bank focused on helping people and companies prosper across Asia, Africa and the Middle East.
To us, good performance is about much more than turning a profit. It's about showing how you embody our valued behaviours - do the right thing, better together and never settle - as well as our brand promise, Here for good.
We're committed to promoting equality in the workplace and creating an inclusive and flexible culture - one where everyone can realise their full potential and make a positive contribution to our organisation. This in turn helps us to provide better support to our broad client base.
The Role Responsibilities
- Manage and strengthen the governance of GBS T&I in line with the Enterprise Risk Management Framework (ERMF) and ensure the associated Primary Risk Types related to Operations and Information Cyber Security risks are fully embedded, communicated and working effectively across GBS T&I locations.
- Ensure adherence and compliance to Group IT Policy, ICS Policy and its related Standards across GBS T&I.
- Organise training and workshops to enhance technology staff's knowledge of the processes, and create awareness among staff through various communication channels.
- Participate in CTM functional risk forums along with CIO Reps. to discuss and review open issues and the implementation of mitigation plans to meet the defined targets.
- Review Residual Risk Assessment (RRA) in EORP for Country Technology Controls.
- Prepare the monthly compliance snapshot for GBS CIO representatives to review the control measures to address uncertainty.
- Manage the risk reporting for GBS Country Technology Management.
- Perform Cyclical Assurance Tests on Projects executed by teams within GBS T&I.
- Work with application delivery teams and support teams to collect artefacts/evidence supporting the control requirement and identify gaps (if any).
- Provide regular metrics reporting on Control Test compliance and escalate issues related to Non-compliance to the respective CIO teams and the GBS T&I management.
- Note: Control Test Assurance does not replace the T&I Test Governance or the TDA reporting, but complements and works with these functions to obtain evidence and corroborates it with other control test requirements before publishing a consolidated report to senior management. The CIO teams will continue to engage 'Technology Delivery Assurance' teams for evaluating compliance against specific SDF mandatory controls for projects and system delivery changes.
- Create Risk Awareness and organize GBS NFRC meetings to apprise the senior management on the technology risks and effectiveness of the controls.
- Ensure sustainable controls are in place to mitigate risks, driving risk remediation where required, and ensure controls are tested to operate as intended and remain fit for purpose.
- Ensure risks are assessed and tracked, mitigations are in place, and residual risks are accepted by relevant authorities / GOR / RFO.
- Proactively engage Second Line of Defence and the OR teams to discuss and highlight potential process failures and the required changes/updates to the OR Controls on the potential failures.
- Ensure GBS practices are aligned to the existing RTFs, Group Policies & Standards and ensure adoption and adherence to ERMF.
- Manage country regulatory agencies inspections to GBS technology facilities to review technology controls and compliance with the applicable laws, rules and regulations.
- Track regulatory evidence requests and organize process walk-throughs to provide an overview of the control environment.
- Manage and facilitate the Due Diligence Visits from Countries
- Ensure changes in regulatory requirements from countries are communicated effectively to all CIO teams and the respective T&I GBS teams.
- Provide Audit support and coordination for GBS T&I and be a focal point for all external audits.
- Coordinate with the respective SPOCs and application/functional SMEs and validate the evidence to ensure the precision of each RFI before submission to the Auditor or to the Audit teams.
- Organise presentations of the Audit reports and actions to the GBS T&I management and ensure that comments / advice, if any, from the management are incorporated.
Our Ideal Candidate
To be successful in this role, the candidate must be prepared to work in a challenging environment providing senior management with an overview of key risk indicators (current and future metrics) covering risk and governance related information from various sources.
The successful candidate will help to oversee and manage technology governance and assurance within a fast-paced environment, ensuring that the practices comply with the stated processes and are in line with the Bank's IT Policy and Process. As a specialist in Technology Governance, the candidate will build a strong assurance framework within the fast-paced technology banking environment. The ideal candidate will be someone who:
- Possesses excellent communication and engagement skills, and can operate at a variety of levels
- Provides strong thought leadership and communication skills to influence global colleagues, stakeholders and staff, and highlights key issues related to policy and process compliance.
- Bachelor's degree in Computer Science, Computer Engineering or related field. MBA or MS degree preferred.
- Overall 8+ years of experience in IT and Financial Service Industry with a minimum of 5+ years of experience in IT Risk Management.
- IT Governance, Compliance, Risk, Control Management, Regulatory, Legal and Audit experience preferred.
Specific Job Knowledge and Skills Required:
- Experience in managing, building or implementing IT Governance, Risk and Compliance frameworks.
- Good experience in technology audit management
- Knowledge in industry best practices and standards like ITIL, CMMI, COBIT.
- Good understanding of Agile and Waterfall development methodologies.
- Knowledge on testing and testing practices and experience on test tools will be an added advantage.
- Should possess good knowledge in control assessment and quality assurance for projects.
- Knowledge of Application development and programming languages.
- ITIL Foundations / COBIT 5 certifications will be an added advantage.
- Good experience in technology risk management
- Experience in managing, building or implementing operational management framework
- Experience in governance, risk management, or operational risk
- Experience in the three lines of defence risk model
- An in-depth understanding of controls required to manage Technology Risk
- Proficiency in data analysis, i.e. identifying relevant sources of data, performing analysis and report on findings.
- Highly articulate with strong communication skills.
- Consistently able to produce high-quality deliverables while working under pressure, to tight deadlines and with ambiguity.
- Ability to work in a fast-paced environment where continuous adaptability is required
Apply now to join the Bank for those with big career ambitions.
To view information on our benefits, including our flexible working, please visit our career pages.