Job Description & How to Apply Below
Job Summary
This role could be based in India and Malaysia. When you start the application process you will be presented with a drop down menu showing all countries, Please ensure that you select a country where the role is based.
The Group Chief Information Security Officer (CISO) organisation is instrumental in protecting and ensuring the resilience of Standard Chartered Bank's data and IT systems by managing information and cyber security (ICS) risk across the enterprise. As a critical function reporting into the Group Chief Technology, Operations and Transformation Officer, the Group CISO serves as the first line of defence for assuring ICS controls are implemented effectively and in accordance with the ICS Risk Framework, Policy and Standard, and for instilling a culture of cyber security within the Bank.
The role will work closely with Country CISOs / ISRO / CISRO / ICS / TTO representatives within the bank to ensure the Banks ICS regulatory obligations are met on time.
This includes supporting the PCI DSS, ICS Legal Regulatory Mandatory compliance and ISO assessments for all markets (wherever applicable)
Key Responsibilities
Business
The role will work closely with Country CISOs / ISRO / CISRO / ICS / TTO representatives within the bank to ensure the Banks ICS regulatory obligations are met on time.
Processes
The role will:
The role is responsible to complete regulatory compliance assessments and support all SCB regions in meeting critical and complex ICS regulatory obligations.
Supporting PCI DSS certification/ recertification for various markets and businesses,
The role oversees all ICS regulatory compliance assessment activities (design and operating effectiveness), supports issue remediations and ensures these are performed to quality and submitted to regulators on time.
The role requires technical ICS domain knowledge, SME skills in regulatory compliance assessments / audit / risk & control, and strong senior stakeholder management abilities (RCISO, CISO, ISRO, ICS/Technology/CIO Domains).
Regularly identify and implement opportunities for efficiencies across processes, systems, and infrastructure.
Support the PCI DSS attestation process from a project management perspective.
Track the milestones of the PCI DSS and ISO progress,
Oversee all the regular meetings (i.e., weekly, monthly) to provide update, seek help where needed,
Discuss with QSA, CISOs, 2
LoD OTCR wherever needed,
Escalating wherever there is a potential risk to timelines,
Pro-actively track PCI DSS attestation and ensure communications are sent to all stakeholders well in advance.
Evaluating application / releases for compliance to eSDLC standards
Communicating feedback / improvement areas to stakeholders with ability to document findings in a detailed manner
Stakeholder management, publishing monthly/weekly status reports
Ensure ISMS Activities are performed in country by CISOs as per ISO Standards. Ex:
Circulation of ISMS Policy to country users.
To conduct Preparatory Assessment in respective markets to validate all Clauses and Annex controls in ISO 27001:2022 standards.
Business
Maintain comprehensive and up-to-date documentation of the ISMS, including policies, procedures, and audit records.
Ensure necessary support to CISO during GIA Audit, to stay compliant with the internal process and to assist CISOs in gathering necessary evidence. Based on requirement, need to manage GIA Audit by submitting evidence as an exceptional requirement.
Ensure standby support to CISOs during External Audit. Need to join the External audit call based on requirement from CISO.
People & Talent Management
Working in close collaboration with CISO, PCI & ISO team risk and control partners across all functions to effectively embed a strong culture of risk awareness and good conduct,
Track and sustain a continuous improvement and innovation culture,
Support a culture of diversity and inclusion to bring the best out of our people,
Risk Management
Track the milestones of the PCI and ISO progress,
Work closely with AIC LRM cluster leads to drive an effective risk management culture and compliance mindset,
Mature the Bank's ability to proactively identify and manage cyber threats through quality compliance assessments at a Design and Operating level
Update and Maintain the ISMS Calendar for each market through monthly discussion with respective CISOs'
Governance
Track and follow up for timely and accurate completion of ICS regulatory compliance assessments and ensure all governance metrics are met
Support appropriate oversight and follow-up for resolution of high impact risk and issues
Regulatory & Business Conduct
Display exemplary conduct and live by the Group's Values and Code of Conduct. Including tracking and remediation of conduct issues
Effectively and collaboratively support to identify, escalate, mitigate, and resolve risk, conduct and compliance matters.
Key Stakeholders
VP, RMO
AVP / VP, RMO
Regional and Country - Chief Information Security Officers (CISOs) and delegate
Information…
Note that applications are not being accepted from your jurisdiction for this job currently via this jobsite. Candidate preferences are the decision of the Employer or Recruiting Agent, and are controlled by them alone.
To Search, View & Apply for jobs on this site that accept applications from your location or country, tap here to make a Search:
To Search, View & Apply for jobs on this site that accept applications from your location or country, tap here to make a Search:
Search for further Jobs Here:
×