• Negotiable
  • Singapore
  • Permanent, Full time
  • Standard Chartered Bank Singapore
  • 28 Feb 18

Principal Cyber Security Consultant

  • Location: Singapore
  • Salary: Negotiable
  • Job Type: Full time

Technology Information Security (TIS) is a critical function within Standard Chartered Bank operating under the overall purview of "Technology Services" . The TIS team is made up of cyber security thought leaders, who are accountable for the provision of a global set of cyber security services and products in order to maintain and continuously improve Bank's cyber security posture in today's ever evolving cyber security landscape.

  • Provide deep consulting expertise on complex projects, delivering workable and risk/threat-driven solutions;
  • Conduct various threat modelling techniques at an application, system and enterprise level;
  • Create and harvest reusable Security Patterns through projects and larger Security team;
  • Provide thought leadership on emerging technologies and how they can be secured;
  • Work in an Agile environment to drive continuous improvement (efficiency and effectiveness) of Security in the System Delivery Framework (SDF);
  • Maintain and grow a centralised knowledge repository of Security Requirements, Patterns, Threat Models and Capabilities;
  • Grow a community/'Guild' (i.e. extended) team of Secure by Design Champions across CIO delivery teams.

  • CIOs, Delivery Heads and Teams;
  • ITO, Governance & Change - Risk & Control, Technology Governance & Assurance
  • SC Ventures/eXellerator;
  • Business Information Security Officers - Business and Functions;
  • Security Technology Service Heads and Management Team.

  • Proven experience identifying solutions for complex problems in enterprise environments.
  • Proven ability to do research and documentation on emerging trends and how they impact the Group and assigned strategies
  • Strong technical knowledge and confidence in communicating with highly technical audiences.
  • Highly meticulous and detail oriented.
  • Excellent analytical and problem solving skills.
  • Proven experience and desire to operate as a self-starter and be comfortable working in an ambiguous, yet fast-paced, environment.
  • Superb speaking, writing and influencing skills are required as the opportunity often presents or interacts verbally or in written form to ITO, CISO/CIS, and business leadership.
  • Proven ability to identify and develop clear and understandable security capabilities and strategic views from high-level business objectives and technology constraints.
  • A developing knowledge of information security principles, frameworks and best practices and how those principles support the Group's Information & Cyber Security Strategy and Vision.
  • Proven ability to pull a diverse group of individuals with different goals together to facilitate, moderate, and influence productive discussions driving towards results
  • Strong business acumen to quickly learn new business processes and understand how information security can support the business in achieving revenue and profit goals
  • Superior communication and collaboration skills, ability to explain complex concepts in plain language and graphics.
  • Proven ability to map and understand complex relationships and interactions between Enterprise Architecture, business direction, emerging trends, emerging technologies, and legacy systems
  • Demonstrated relevant security expertise in designing security solutions for a mix of technology areas, with a focus on application, network and cloud security.
  • Demonstrated ability to develop expertise on the job and supporting security programs in a mix of technology areas including:
    • Open Banking/PSD2, APIs
    • Big Data Platform/Security Components (Hortonworks/Apache)
    • Cloud Service, Provider, and Platform Security (SaaS, FaaS, PaaS & IaaS)
    • Advanced Identity & Access Management
    • Application Security (Secure SDLC, DevSecOps, and Automation)
    • Next Generation Network Security (Software Defined Perimeter, Zero Trust/BeyondCorp, SDWAN)
    • End User Technology, Productivity & Collaboration Security
  • Bachelor's degree in Computer Science or related field, or equivalent work experience
  • Minimum 10 years' experience in information security or information technology disciplines
  • At least 5 years of Information Security architecture and / or strategy

* CISSP / GSEC / SABSA / TOGAF certifications highly beneficial
Singapore Singapore Singapore SG