About Standard Chartered
We are a leading international bank focused on helping people and companies prosper across Asia, Africa and the Middle East.
To us, good performance is about much more than turning a profit. It's about showing how you embody our valued behaviours - do the right thing, better together and never settle - as well as our brand promise, Here for good.
We're committed to promoting equality in the workplace and creating an inclusive and flexible culture - one where everyone can realise their full potential and make a positive contribution to our organisation.
This in turn helps us to provide better support to our broad client base.
THE ROLE RESPONSIBILITIES
The role resides within the second line of defence (risk). And seeks to :
Answer the question Could we be the next victim of cyber threats?
Define what good looks like What capabilities and properties do we need to sustain cyber resilience.
This will require an individual who can work across the lines of defence and bring thought leadership in the area of cyber resilience architecture and strategy :
Understand current cyber threats and the technical aspects of the attacks used
Assess the totality of current capabilities and architecture in resisting and recovering from such attacks
Lead the definition of target cyber resilience requirements, principles and architectural capabilities.
Define the required milestones and timelines for progress towards the target.
In addition, own the architecture and tooling strategy to support robust cyber risk oversight and challenge.
OUR IDEAL CANDIDATE
As a second line of defence role, the candidate will need to collaborate and influence colleagues and architects across 1st line of defence including CISO, COO and CIO. The candidate will need to
Have significant leadership experience within cyber security and enterprise security architecture to be credible and trusted by architects and engineers within the 1st line of defence.
Lead through influence and collaboration supporting constructive input and challenge.
Focus on pragmatic and applied architecture, aligned to risk and threat, not purest architectural ideals.
Be comfortable working at the enterprise security architecture level with the ability to both communicate to non-technical colleagues and drill into technical detail where required.
Not be constrained by boundaries of scope or coverage but focused on the outcome across the full scope of assets and attack surface.
Ideally certified (SABSA or TOGAF)