About Standard Chartered We are a leading international bank focused on helping people and companies prosper across Asia, Africa and the Middle East.
To us, good performance is about much more than turning a profit. It's about showing how you embody our valued behaviours - do the right thing, better together and never settle - as well as our brand promise, Here for good.
We're committed to promoting equality in the workplace and creating an inclusive and flexible culture - one where everyone can realise their full potential and make a positive contribution to our organisation. This in turn helps us to provide better support to our broad client base.
As one of the biggest banks in market, we are rapidly expanding by growing a new virtual banking business in Hong Kong. We see ourselves as a fast-growing start-up company where you will enjoy autonomy and teamwork at the same time, solving new and exciting problems in a nimble and agile way. Join us and be part of history making for future banking experience!
The Role Purpose Directly reporting to the Chief Information Security Officer for the new virtual bank, this role is accountable for ensuring and strengthening the bank's control for information & cyber security risk. The successful candidate will manage the second line control environment to protect the Bank from information & cyber security risks. Keeping abreast of market trends and regulatory requirements, the successful candidate will be the agent to continuously manage and improve the information & cyber security risk framework for the bank.
The Role Responsibilities
Direct the design of the Bank's second line of defence in managing information & cyber security risk, encompassing the areas of strategy, governance, business engagement, policy, risk assessment, and awareness.
Understand regulatory requirements for information & cyber security and define control requirements to mitigate relevant risks.
Act as primary coordinator during significant information security events. Work with 1st Line Cybersecurity to oversee incident investigations and ensure security risks are identified and managed.
Support CISO in coordinating firm-wide cyber security programme such as business continuity programme, disaster recovery operations, impact analysis and training programme for different business streams.
Support CISO in representing the Bank on internal and external information & cyber security committees.
Establish & review assessment processes for: 1) new products and services; and 2) the continuous monitoring of existing platforms and infrastructure.
Over 10 years' aggregate industry experience in information & cyber security risk mandatory
Experience of ICS regulation (preferably HKMA) mandatory
Educational background in computer science, information security, or engineering.
Familiarity with information and cyber security regulatory requirements and the three lines of defence risk model
Experience in the following areas important: information security, cyber security, and technology risk management
Experience in the following areas desirable: network and application security, data loss prevention, identity and access management, vulnerability management, business continuity programme and disaster recovery operation.
Experience in Cloud Security Governance and related risk (Desirable).
Proficiency in MacOS environment (Desirable)
Influencing skills and ability to manage relationships with senior management
Qualifications or certifications in ICS areas important: CISM, CRISC, CISA, CISSP, CGEIT.
Apply now to join the Bank for those with big career ambitions.
Relocation expenses are negotiable.
Internal Number: 5910823
About Standard Chartered Bank
eFinancialCareers is a career site specializing in financial services.