Head, UORM, STS

Job Description

Role Responsibilities Strategy
• Define and deliver the end-to-end technology risk management strategy, book of work and agenda for Security Technology Services
• Accountable for ensuring that control requirements are clearly understood and embedded in all relevant aspects of technology delivery for Security Technology Services
• Lead the identification of risk within Security Technology Services and ensure that appropriate programs of work are developed to manage it within Group appetite
• Ownership of successful end-to-end delivery of all risk and control activities within Security Technology Services
• Accountable for build out of strong technology risk management teams in Security Technology Services to ensure continued delivery of technology risk outcomes
Business
• Work with partners across CISRO, CISO, GOR and T&I to ensure technology risk management practice is understood and consistently implemented in Security Technology Services
• Partner with CISRO, CISO, T&I G&C and GOR to ensure that technology risk management continues to evolve as a practice in the Bank
Processes
• Accountable for ensuring controls are appropriately embedded in the TPU through oversight of the control standards and design function for processes owned by Security Technology Services
• Lead adoption of best practices, technology standards and methodologies
• Accountable for ensuring that processes operated by Security Technology Services are compliant with relevant policies and standards and documented appropriately
People and Talent
• Attract, employ and retain high quality people such that teams are skilled and experienced to build a competent and fit for purpose risk management organisation, and promote team diversity across technical capability, background, gender and race.
• Lead through example and build the appropriate culture and values. Set appropriate tone and expectations for their team and work in collaboration with risk and control partners.
• Ensure the provision of ongoing training and development of people and ensure that holders of all critical functions are suitably skilled and qualified for their roles.
• Ensure succession planning is in place for critical roles.
• Set job descriptions and objectives for direct reports and provide feedback and rewards in line with their performance against those responsibilities and objectives.
Risk Management
• Proactive in seeking regular assurance that the areas of responsibility and teams are performing to an acceptable risk and control standard within the Group s risk appetite.
• Act quickly and decisively when any risk and control weakness become apparent and ensure they are addressed within an appropriate timeframe and escalated through the relevant committees.
• Include all necessary internal, legal and regulatory controls through participation in the development of ICS, IT and other Policies and Standards
• Balance business performance delivery and cost management constraints with risk and control matters to ensure that they do not materially threaten the Group s ability to remain within risk appetite.
• Ensure a full understanding of the risk and control environment in area of responsibility.
Governance
• Responsible for assessing the effectiveness of the Group s arrangements to deliver effective governance, oversight and controls in the business and, if necessary, oversee changes in these areas
• Awareness and understanding of the regulatory framework, in which the Group operates, and the regulatory requirements and expectations relevant to the role.
• Responsible for delivering effective governance ; capability to challenge fellow executives effectively; and Willingness to work with any local regulators in an open and cooperative manner.
Regulatory & Business Conduct
• Display exemplary conduct and live by the Group s Values and Code of Conduct.
• Take personal responsibility for embedding the highest standards of ethics, including regulatory and business conduct, across Standard Chartered Bank. This includes understanding and ensuring compliance with, in letter and spirit, all applicable laws, regulations, guidelines and the Group Code of Conduct.
• Lead the STS ORMs to achieve the outcomes set out in the Bank s Conduct Principles
• Effectively and collaboratively identify, escalate, mitigate and resolve risk, conduct and compliance matters.
• Exercise authorities delegated by the Board of Directors and act in accordance with Articles of Association
Key Stakeholders
• Global Head, Security Technology Services
• Global Head, Risk and Control, Technology
• Global Head, Risk and Control, Enterprise Technology
• Global Head, Cyber Security Services
• Group CISO
• Service Domain Heads within Security Technology Services
• CISRO Policy and Standards, ISROs and Assurance
• CISO stakeholders and TDR Risk and Control
• Group Internal Audit
• Heads of ICS
• CIO PSS, R&C and Application Teams
Our Ideal Candidate The successful candidate should have at least 15 years of experience in senior / leading positions in Technology Risk, Information Security Risk and / or Technology Audit.Competencies required for the position include:
• Excellent organizational and leadership skills (successfully lead and managed risk & control functions) with ability to manage multiple deadlines and effectively prioritise
• Experience of developing a people strategy, influencing relevant stakeholders and decision makers, and executing decisions efficiently and consistently
• Strong sense of personal ownership and responsibility in accomplishing the organisation s goal. Is confident and will roll-up his/her sleeves to drive success
• Able to get things done in a quick-paced environment. Be transparent and open around what doesn t work and what does
• Strong interpersonal skills at all levels of the organization, including negotiation, influence and strong oral and written communication skills
• Knowledge of relevant Technology and Business Regulations and experience engaging directly with regulators
• Excellent communication and briefing skills at senior executive and board level oral, written and presentation; technical reporting writing across various types of target audiences.
• Highly entrepreneurial with a high level of energy, dedication, and an unrelenting drive to deliver value.
• Hands on experience with Control Design and Implementation & Testing
• Relevant industry certifications desirable (e.g. CISSP, CISA, CRISC etc.)
• Understanding of the cyber threat landscape and mitigating controls/approaches would be desirable.
• Experience engaging directly with regulators
Visit our careers website www.sc.com/careers ,

Keyskills :
board of directorskeeping things simpleboard levelhuman skillsmusic makingsecurity risklife insurancecyber securitycontrol design