• Providing Expert Technical Advisory, Assessment and Assurance
• Execute assessments or assurance against controls that underpin an organisation’s Cyber/Information Security Management System including, but not limited to, the following domains:
o Data protection;
o Information loss prevention;
o Information classification and handling;
o Endpoint and network security;
o Cryptography, PKI and centralized key management;
o Application security;
o Security Information and Event Management (SIEM);
o Vulnerability management; and
o Identity and access management;
• Lead and execute deep-dive assurance testing over the organisation’s third party cyber security assessments capability to ensure continuous effectiveness of design and operation.
• Support sound security architecture and design.
• Support and influence organisational alignment to security principles and best practice (i.e. ISO27001 and ISF Standards of Good Practice for Information Security).
• Partner with other functions to provide professional advice and assurance;
• Grow trust with clients and regulators by delivering best practice cybersecurity solutions and protecting data and privacy; and
• Provide cutting-edge technology for AI, Robotics and Automation for improving Scalability, Efficiency and Time to Market.
• Drive the continuous improvement of the risk and control methodology, aligning to and avoiding duplication with key controls and control tests performed across other functions.
• Support liaison with Group Internal Audit, External Audit and any third party or regulatory inspections. This will include obtaining clarity of scope, defining engagement models, supporting business / function stakeholders throughout the processes and driving for clarity of issues and actions.
• Adopt an anticipatory approach to risk assessment through stakeholder engagement and monitoring of the external environment.
• Work with other control assurance teams to drive efficiency, effectiveness and reduce duplication.
• Provide timely and accurate reporting to appropriate committees.
• Ensure appropriate oversight and facilitate resolution of high impact risk and issues.
• Display exemplary conduct and live by the Group’s Values and Code of Conduct.
• Take personal responsibility for embedding the highest standards of ethics, including regulatory and business conduct, across Standard Chartered Bank. This includes understanding and ensuring compliance with, in letter and spirit, all applicable laws, regulations, guidelines and the Group Code of Conduct.
• Bachelor / Honours Degree in Information Technology, Computer Science, Cyber Security or other technology related qualifications or 8-15 years of experience in cyber/IT security, technology audit or assurance, which must include some element of experience in a ‘first line’ security or assurance team.
• Background in the information and cyber security domain within international financial services organisations.
• Demonstrated ability to support a ‘first line’ function in responding to external/regulatory audits.
• Up to date with key regulation / developments in Information and Cyber Security Management Framework (including Technology Risk Management), Data, Privacy and Automation.
• Experience in SWIFT, MAS TRM and PCI DSS attestations preferred.
• Qualifications (i.e. CISSP, CCNA and CCNP).
• A certification in security domain (i.e. CISA, CRISC).
• Risk & control, assurance or audit experience.
• Ability to challenge the status quo.
• Ability to commit up to 10% business travel.
• Excellent organisation skills with ability to manage multiple deadlines and effectively prioritise workload.
• Strong interpersonal skills to foster positive relationships with internal and external stakeholders.
• Highly effective oral and written communication skills, with an ability to influence and to gain the respect of senior stakeholders and peers.
• Ability to exercise good judgment and objectivity.
• Demonstrates ability to work with limited direction and multi-task without loss of quality.
• Confident and courageous to raise/escalate issues in a pro-active, professional and timely manner.
• Demonstrate understanding of and commitment to the Group’s core values.
Interested candidates, please email firstname.lastname@example.org.
Kalyn Kong (EA Reg no: R1110919)
Company Reg No.: 201131609D, Licence No.: 11C4684
It’s easy to get pompous about what we do. To name drop our global clients or wax lyrical about ‘pioneering psychometric testing’. But if you’re not careful, you lose sight of what’s really important; relationships and people.
Without relationships, you don’t truly understand the client, their business culture and who they really need. You miss the nuances of each candidate, the human behind the CV and what makes them tick. And the ‘right fit’ slowly starts to blister.
Since 1999, LMA has supplied great candidates to blue-chip businesses in London and Singapore. We draw on in-depth market intelligence and use industry-leading tools to search, screen and select. We have specialist consultants and a global network. And we’re professional beyond measure.
But we never lose sight of what matters; how important the right people are to businesses, and the right careers are to people.