- Permanent, Full time
- Standard Chartered Bank Singapore
- 28 Feb 18
Principal Cyber Security Consultant
- Location: Singapore
- Salary: Negotiable
- Job Type: Full time
Technology Information Security (TIS) is a critical function within Standard Chartered Bank operating under the overall purview of "Technology Services" . The TIS team is made up of cyber security thought leaders, who are accountable for the provision of a global set of cyber security services and products in order to maintain and continuously improve Bank's cyber security posture in today's ever evolving cyber security landscape.RESPONSIBILITIES
- Provide deep consulting expertise on complex projects, delivering workable and risk/threat-driven solutions;
- Conduct various threat modelling techniques at an application, system and enterprise level;
- Create and harvest reusable Security Patterns through projects and larger Security team;
- Provide thought leadership on emerging technologies and how they can be secured;
- Work in an Agile environment to drive continuous improvement (efficiency and effectiveness) of Security in the System Delivery Framework (SDF);
- Maintain and grow a centralised knowledge repository of Security Requirements, Patterns, Threat Models and Capabilities;
- Grow a community/'Guild' (i.e. extended) team of Secure by Design Champions across CIO delivery teams.
- CIOs, Delivery Heads and Teams;
- ITO, Governance & Change - Risk & Control, Technology Governance & Assurance
- SC Ventures/eXellerator;
- Business Information Security Officers - Business and Functions;
- Security Technology Service Heads and Management Team.
COMPETENCIES (KNOWLEDGE & SKILLS)
- Proven experience identifying solutions for complex problems in enterprise environments.
- Proven ability to do research and documentation on emerging trends and how they impact the Group and assigned strategies
- Strong technical knowledge and confidence in communicating with highly technical audiences.
- Highly meticulous and detail oriented.
- Excellent analytical and problem solving skills.
- Proven experience and desire to operate as a self-starter and be comfortable working in an ambiguous, yet fast-paced, environment.
- Superb speaking, writing and influencing skills are required as the opportunity often presents or interacts verbally or in written form to ITO, CISO/CIS, and business leadership.
- Proven ability to identify and develop clear and understandable security capabilities and strategic views from high-level business objectives and technology constraints.
- A developing knowledge of information security principles, frameworks and best practices and how those principles support the Group's Information & Cyber Security Strategy and Vision.
- Proven ability to pull a diverse group of individuals with different goals together to facilitate, moderate, and influence productive discussions driving towards results
- Strong business acumen to quickly learn new business processes and understand how information security can support the business in achieving revenue and profit goals
- Superior communication and collaboration skills, ability to explain complex concepts in plain language and graphics.
- Proven ability to map and understand complex relationships and interactions between Enterprise Architecture, business direction, emerging trends, emerging technologies, and legacy systems
- Demonstrated relevant security expertise in designing security solutions for a mix of technology areas, with a focus on application, network and cloud security.
- Demonstrated ability to develop expertise on the job and supporting security programs in a mix of technology areas including:
- Open Banking/PSD2, APIs
- Big Data Platform/Security Components (Hortonworks/Apache)
- Cloud Service, Provider, and Platform Security (SaaS, FaaS, PaaS & IaaS)
- Advanced Identity & Access Management
- Application Security (Secure SDLC, DevSecOps, and Automation)
- Next Generation Network Security (Software Defined Perimeter, Zero Trust/BeyondCorp, SDWAN)
- End User Technology, Productivity & Collaboration Security
- Bachelor's degree in Computer Science or related field, or equivalent work experience
- Minimum 10 years' experience in information security or information technology disciplines
- At least 5 years of Information Security architecture and / or strategy
* CISSP / GSEC / SABSA / TOGAF certifications highly beneficial