• Manager, Information & Cyber Security, Country Technology Management Jobs in Hong Kong - 23778288

  • Standard Chartered Bank Ltd
  • Hong Kong
  • 8 - 11 Years
  • Posted : above 1 month

Job Description:

Manager, Information & Cyber Security, Country Technology Management - ( 1900015874 )

Job Technology

Primary Location Greater China and North Asia-Hong Kong-Hong Kong

Schedule Full-time

Employee Status Permanent

Posting Date 07/Aug/2019
Unposting Date Ongoing

About Standard Chartered

We are a leading international bank focused on helping people and companies prosper across Asia, Africa and the Middle East.

To us, good performance is about much more than turning a profit. It's about showing how you embody our valued behaviours - do the right thing, better together and never settle - as well as our brand promise, Here for good.

We're committed to promoting equality in the workplace and creating an inclusive and flexible culture - one where everyone can realise their full potential and make a positive contribution to our organisation. This in turn helps us to provide better support to our broad client base.

The Role Responsibilities

As the 1st line of Information & Cyber Security (ICS) management function within CTM, the responsibilities will include:

ICS Risk Governance, Assessment and Mitigation

BAU management of ICS governance, assessment, and mitigation processes as the First Line of Defense
Assess technology and ICS risks and ensure adequate controls and procedures are in place in the First Line of Defense and in compliance with Group Technology Risk and IT Security policies, guidelines and standards
Support strategic alignment with Office of the CISO (CISO) and Security Technology Services (STS)
Establish, implement and monitor ICS initiatives in accordance with SCB ICS policies and procedures as well as regulatory supervisory policies, such as TM-E-1, TM-G-1, and regulatory framework such as C-RAF
Drive and manage ICS risk mitigation initiatives, including facilitating Risk Control Self-Assessments and KRI
Prepare updates and risk acceptance documentation for relevant governance forums
Lead forums to address risk, service and quality initiatives and improvements

Regulatory Reporting

Conduct regular reviews of the Regulatory Reporting requirements and ensure timely preparation and submission of ICS-related reports to regulators
Communicate with business units in relation to new or revised regulatory or internal guidelines and to ensure staff awareness on ICS control and compliance areas
Facilitate ICS regulatory review with Group and In-Country stakeholders and regulators
Manage follow-ups with Group and In-Country stakeholders to ensure ICS queries are resolved and actions taken. Stakeholders include Group Technology Heads and senior management in Compliance, Chief Information Security Officer, Security Technology Services, Operational Risk and ITO Risk & Control Heads in country

Continuous improvement to enhance ICS risk controls and operational efficiency

Monitor and track remediation of specific gaps identified
Proactively assess and review the Bank's IT infrastructure and application to ensure that the confidentiality, availability, and integrity issues are addressed properly
Identify thematic issues by gathering and evaluating ICS data from multiple sources including testing, risk indicators, incidents, losses, audit findings, etc.
Agree, verify and track ICS remediation plans with the responsible parties
Support the implementation of ongoing ICS training programmes in collaboration with Compliance, Operational Risk and other 2nd line stakeholders
Develop and maintain ICS dashboard to keep track of ICS KPI and identify trends and thematic root cause of ICS incidents

ICS Solution Evaluation from Technology Risk Perspective

Build key relationships with the various IT departments and technology teams. Work in partnership in identifying and developing solutions to address key technology risk areas for ICS
Provide consultancy to business units in terms of the ICS risk control, control monitoring and compliance assurance procedures

Outsourcing & Vendor Management

Engage outsourcing vendors related to the assessment, assurance and mitigation of ICS risk, such as iCAST
Set up ICS related KPI and SLA and ensure the good quality of the deliverables by outsourcing vendors

The Role Requirements

Technical literacy and knowledge

University degree holder, preferably majoring in IT or Computer Science. Master's or other advanced professional degree preferred
At least 8 years of working experience with 5 years within the Cyber or Information Security space either within a Bank or consulting firms, preferably with information security solutions implementation experience
Experience in conducting vulnerability assessments and penetration testing (application and/or infrastructure) and articulating security issues to technical and non-technical audience
Good experience in ICS governance, assessment, assurance, operations control, security management and/or audit in banks or financial institutions and related ISO standard (ISO 27001)
Good experience in Security Incident Response and handling of the threats in all aspects of ICS domains
In-depth knowledge of the following topics:
Network protocols and network connectivity concepts, firewall, IDS, DMZ and Internet technologies
Virtualization, infrastructure & network architecture, data centre architecture, ICS architecture
Application security, secure access control mechanisms, encryption, key management techniques
Technical proficiency in:
Unix / Linux, Windows O/S, Mainframe, relational Database Systems, Endpoint security, Security tools
Development of Python or shell scripts
Professional certification preferred: CRISC, CGEIT, CISSP, OSCP, CREST

Communication and influencing skills

Capable of engaging key stakeholders and building alliances through active conversations including peer or more senior stakeholders who have no direct reporting relationships
Welcomes different opinions and treats every complaint as an opportunity for improvement
Good interpersonal relationship with business and support partners
Strong analytical sense, ability to adapt and drive changes and take ownership of the initiatives
Flexible, innovative and self-motivated with continuous drive for quality

People and change management

At least 5 years' experience of directly managing teams of managerial and/or operational staff
Knowledge of ICS management tools, processes and best practices, inclusive of the ability to effectively use these in the context of a complex programme
Demonstrable understanding of resource management, and the ability to create and implement an ICS risk management framework for a solutions programme
Possesses an approachable style, with a proven ability to manage and motivate staff
Demonstrable understanding and experience in solution provision, skills identification and development team leadership

Profile Summary:

Employment Type : Full Time
Eligibility : Any Graduate
Industry : Banking
Functional Area : IT Software : Software Products & Services
Role : System Security
Salary : As per Industry Standards
Deadline : 07th Apr 2020
