Lead, Cloud Security Application Onboarding

Job Description

The STS team protect the Bank from cyber security threats by delivering effective information security technology services, managing and responding to security incidents to ensure, and support the continuity and growth of Bank s business operations; and meet the both internal and external stakeholders expectations across 70+ countries and territories, in which SCB operates.The importance of our mission has strengthened over time and is a principle concern for shareholders, clients, regulators and the communities we operate in. Our Banks success depends on the Security Technology Services to maintain the correct balance of security capabilities and risk management across the all businesses and functions across our global footprint.As part of the Security Transformation within SCB, the Lead, Cloud App onboarding will be an interface between technology teams, support teams, and business partners to identify and define solutions to maximize the value delivered by an organization to its stakeholders. This role is to work across all levels of an organization and participate in defining the goals and requirements for programs and projects or supporting continuous improvement in its technology and processes. Business

• 8+ years of work experience with a minimum of three years architecting security controls for public/hybrid clouds and applications.
• Experience with Security assessment, security design, implementation, and operation of a broad set of security technology and processes, such as data security, cryptography, identity and access management, application security, public/private cloud and container environments.
• Working knowledge of common industry standard for security controls and protocol e.g. SAML, OAuth, PKCS, OWASP etc.
• Experience with enterprise application technology stacks such as web applications, APIs, microservices, mobile applications and modern frameworks.
• Experience performing threat modelling and design reviews to assess security implications and requirements for introduction of new technologies.
• Strong interpersonal and communication skills. Experience in presenting technical viewpoints to diverse audiences and in making timely and prudent technical risk decisions. Good technical writing skills.
• Experience with enterprise architecture governance and has worked as part of a cross-functional team to implement solutions.
• Industry certifications will be a plus e.g. TOGAF, SABSA, CISSP, Azure & AWS related certifications, or SANS certifications.
• High level of integrity takes accountability of work and good attitude over teamwork.
• Takes initiative to improve current state of things and adaptable to embrace new changes.
• Design and develop security architecture for cloud computing systems and applications. The security architecture should enable agile business service delivery with appropriate security controls to maintain a defensible and resilient architecture, and in compliance to technology regulations.
• Represent the Group IT Security team in development and implementation of Enterprise Architecture. Act as the senior technical representative for IT Security and engage with other technology leads to design and implement security architecture and solutions for cloud and applications.
• Drive initiatives to share knowledge and industry better practices across Security and Technology teams and provide timely updates on developments in security technology space that can mitigate risk of new threats.
• Evaluate Security solutions that can refresh and strengthen the security posture of the enterprise and maintain oversight on the standardization and implementation of security solutions across all entities.
• Takes accountability in considering business and regulatory compliance risks and takes appropriate steps to mitigate the risks.
• Maintains awareness of industry trends on regulatory compliance, emerging threats and technologies in order to understand the risk and better safeguard the company.
• Highlights any potential concerns /risks and proactively shares best risk management practices.
• Experience with ForgeRock will be a big plus.

Regulatory & Business Conduct

• Display exemplary conduct and live by the Group s Values and Code of Conduct.
• Take personal responsibility for embedding the highest standards of ethics, including regulatory and business conduct, across Standard Chartered Bank. This includes understanding and ensuring compliance with, in letter and spirit, all applicable laws, regulations, guidelines and the Group Code of Conduct.
• Lead the [country / business unit / function/ [team] to achieve the outcomes set out in the Bank s Conduct Principles: [Fair Outcomes for Clients; Effective Financial Markets; Financial Crime Compliance; The Right Environment.] *
• Effectively and collaboratively identify, escalate, mitigate and resolve risk, conduct and compliance matters.

Key Stakeholders

• Security Technology Service Security Transformation Programmes
• Business CIO domains
• HICS - COO domains

Our Ideal Candidate

• Self-starter, ability to work independently without direct supervision.
• Working knowledge of MS-Office, MS excel, MS Powerpoint.
• Excellent analytical, problem-solving, negotiation and organizational skills.
• Demonstrable ability to engage with business teams across technology teams and provide remotely located management with confidence that priorities are well attended to
• Degree in Computer Science or related field.

Apply now to join the Bank for those with big career ambitions. To view information on our benefits including our flexible working please visit our career pages . We welcome conversations on flexible working.,

Keyskills :
ms officeit securitymusic makingdata securitycyber securitycloud computingrisk managementproblem solvingcomputer scienceservice deliveryweb applications