Head, Cloud Security
About Standard Chartered
We are a leading international bank focused on helping people and companies prosper across Asia, Africa and the Middle East.
To us, good performance is about much more than turning a profit. It's about showing how you embody our valued behaviours - do the right thing, better together and never settle - as well as our brand promise, Here for good.
We're committed to promoting equality in the workplace and creating an inclusive and flexible culture - one where everyone can realise their full potential and make a positive contribution to our organisation. This in turn helps us to provide better support to our broad client base. The Role Responsibilities
Our Ideal Candidate
- Provide leadership and oversight by setting the direction, strategy, defining deliverables and the operating model of Cloud Security within Security Technology Services function.
- Drive strategic direction of Cloud Security to protect the Bank's critical assets from various cyber threats - to avoid the financial loss and reputation damage by implementing the technology and controls
- Lead complex and Bank wide cloud security improvement efforts that work across security, infrastructure service and Business domains
- Drive cloud security capability uplift to ensure an appropriate toolset, technologies and processes are in place to optimise, automat and achieve effective and resilient cloud security service supporting the team's operational objectives.
- Ownership of the STS Cloud Security service catalog content (including service fact sheets, service descriptions, service level objectives, total cost of ownership etc.)
- Defines and maintains the STS Cloud Security service and products strategy based on the evaluation of internal and external threat trends, business needs, regulatory and corporate drivers.
- Plans and manages the financing of the STS Cloud Security service (RtB, Continuous Improvement budget, CtB) within the applicable financial framework.
- Manage and coordinate the effective delivery of high quality, cost effective, pragmatic and threat driven Cloud Security Service.
- Work with stakeholders such as Networks, Cyber Defense Center, Security Monitoring & Analytics, CISO, IT Risk, Cloud Governance to ensure the continuous improvement of the bank's Cyber Security capabilities
- Performs thorough assessment and analysis on new and existing changes to cloud security service capability, ensuring fit for purpose solutions and appropriate service components are implemented.
- Act as the thought leader for Cloud Security and ensure the service stays ahead of competitive and industry trends,
- Proactively engage with stakeholders to obtain buy-in for the service and manage the escalations and expectations accordingly.
- Act as the SME during regulatory engagements when discussing Cloud Security topics.
- Manage a team of 15+ FTE's.
- Ownership of budget 5M - 20M
- Industry certifications will be a plus e.g. CISSP, CCNA Security, CCIE, CCNP Security, Azure & AWS professional level certifications, SANS certifications
- 15 years' experience in Cyber security domains with at least 5 years of Cloud Security experience
- Should have had "Hands On" experience in architecting/implementing Cloud Security in at least one major Cloud Service provider environment
- Experience with assessment, development and implementation of a broad set of security technologies and processes in areas of Access and Identity management Cryptography and network security in SaaS, IaaS, PaaS environments.
- Working knowledge of common and industry standard cloud-native/cloud-friendly authentication and authorization mechanisms (SAML, OAuth, OpenID, etc).
- Strong understanding of compliance (PCI-DSS, GDPR and data localization) requirements
- Should have Experience with automation & orchestration around security
- Highly entrepreneurial with a high level of energy, dedication and an unrelenting drive to deliver value.
- Strong sense of personal ownership and responsibility in accomplishing the organisation's goal. Is confident and will roll-up his/her sleeves to drive success
- Able to get things done in a quick-paced environment. Be transparent and open around what doesn't work and what does
- Strong understanding of the cyber-attack vectors and able to articulate the cyber kill chain and relevant controls to protect and detect events.
- Excellent organizational and leadership skills (successfully lead and managed end-to-end technology services and or technology operations) with ability to manage multiple deadlines and effectively prioritise
- Experience of developing a people strategy, influencing relevant stakeholders and decision makers, and executing decisions efficiently and consistently
- Ability to lead and control programme and/or project management in the context of a significant amount of change
- Excellent communication skills - oral, written and presentation; technical reporting writing across various types of target audiences.
- Experience engaging directly with regulators desirable
Apply now to join the Bank for those with big career ambitions.
To view information on our benefits including our flexible working please visit our career pages . We welcome conversations on flexible working.