Information Cybersecurity Senior Risk Manager (Third Party Assurance)
Standard Chartered
Warsaw, Poland
3 days ago

About Standard Chartered

We are a leading international bank focused on helping people and companies prosper across Asia, Africa and the Middle East.

To us, good performance is about much more than turning a profit. It's about showing how you embody our valued behaviours - do the right thing, better together and never settle - as well as our brand promise, Here for good.

We're committed to promoting equality in the workplace and creating an inclusive and flexible culture - one where everyone can realise their full potential and make a positive contribution to our organisation.

This in turn helps us to provide better support to our broad client base.

The Role Responsibilities

Strategy

  • The main responsibilities will be to support the Regional Head, Third Party Security Risk in delivering the third party security risk program within the Bank.

Business

  • Effectively perform third party security reviews and ensure quality and timely execution (remote assessments and onsite assessments)
  • Interact with all levels of management within the Bank while performing third party security reviews of service providers across Europe, Americas and Africa
  • Effectively communicate the Information and Cyber Security (ICS) risks to internal and external stakeholders.
  • Effectively communicate and manage relationships with stakeholders globally.

Processes

  • Diligently provide weekly and ad hoc reporting on status of reviews.
  • Make timely and sound judgments, and identify clear solutions from broad, complex or ambiguous situations to improve the vendor’s information security control framework.
  • Support any training and awareness initiatives relating to third party security risk.
  • Support and assist in third party program improvement initiatives
  • Assist in the development of new / amended processes, innovative ways of working and reviewing risk and control assessments.
  • Assist in the forward planning and prioritisation of vendor assessments or requests from business stakeholders, and resource allocations

Risk Management

  • Maintain a register of third party security risks and ensure that deficiencies are mitigated.
  • Support the Global Head of TPSR to ensure compliance with relevant regulations covering third party security risk.
  • Monitor and report on third party security risk compliance to stakeholders.
  • Remain current on industry trends and regulatory requirements related to third party information security.

Governance

  • Diligently provide weekly and ad hoc reporting on status of reviews

Regulatory & Business Conduct

  • Display exemplary conduct and live by the Group’s Values and Code of Conduct.
  • Take personal responsibility for embedding the highest standards of ethics, including regulatory and business conduct, across Standard Chartered Bank. This includes understanding and ensuring compliance with, in letter and spirit, all applicable laws, regulations, guidelines and the Group Code of Conduct.

  • Follow the leadership of the Global Head of TPSR to achieve the outcomes set out in the Bank’s Conduct Principles: Fair Outcomes for Clients; Effective Operation of Financial Markets; Financial Crime Prevention; Creating the Right Environment.

  • Effectively and collaboratively identify, escalate, mitigate and resolve risk, conduct and compliance matters.

Key Stakeholders

  • Global Head TPSR
  • Group Supply Chain Management / Global Sourcing
  • Business Unit stakeholders
  • Group Compliance
  • Group Legal
  • Head of ICS Policy
  • Information and Cyber Security Risk Officers

Other Responsibilities

  • Embed Here for Good and Group’s brand and values in the TPSR Team
  • Perform other responsibilities assigned under Group, Country, Business or Functional policies and procedures.
  • Establish strong relationships with identified stakeholders across the regions and countries and understand their strategic goals, to ensure ICS alignment.
  • Ensure that Process Owners are escalating risk, control, and process deficiencies appropriately in accordance with the relevant risk frameworks.

Our Ideal Candidate

  • Bachelor's degree or above from an accredited college / university in an appropriate field.
  • Strong communication skills in English
  • Ideally 5 years of experience in information security / IT auditing, with Big 4 and / or Banking & Financial services experience
  • Experience in third party audits is a plus, but understanding of auditing standards, compliance, risk assessment and internal control frameworks is a requirement.
  • Relevant certificates (e.g. CISSP, CISA, CRISC, CIA) are a plus.
  • Excellent written and interpersonal skills.
  • Strong time management skills.
  • Ability to draft reports that clearly communicate observations and risks is required.
  • Strong stakeholder engagement skills, and ability to interact at all levels across an organisation.
  • Strong audit project organisation and management skills.
  • Ability to multitask and ensure that all key priorities are delivered as per agreed timelines.
  • Knowledge of security frameworks (e.g. COBIT, ISF, COSO), standards (e.g. ISO, NIST, CIS), information security principles, security architecture and regulatory requirements will be a plus.
  • Competency with Microsoft Office Suite (Word, PowerPoint, Excel, Visio, SharePoint).