Senior Manager Cloud Security

Job Description

• Security Technology Services (STS) is a critical function within Standard Chartered Bank operating under the overall purview of Technology Services .
• The STS team is made up of cyber security thought leaders, who are accountable for the provision of a global set of cyber security services and products to maintain and continuously improve Bank s cyber security posture in today s ever evolving cyber security landscape.

Business

• The STS team protect the Bank from cyber security threats by delivering effective information security technology services, managing, and responding to security incidents to ensure, and support the continuity and growth of Bank s business operations; and meet the both internal and external stakeholders expectations across 70+ countries and territories, in which SCB operates.
• Security Production Support within STS, is a transversal service with a primary objective to provide Production Support Services (PSS) for all STS owned products and services. The PSS function requires an experienced leader to setup a production support team, Run and Govern the minimum production support controls defined by the bank across all security products and services. This includes managing all day-to-day producton support operations covering event, incident, problem, release and change activities. In addition to business-as-usual activities, the role is also expected to drive support improvement initiatives for all the security service domains

Regulatory & Business Conduct

• Display exemplary conduct and live by the Group s Values and Code of Conduct.
• Take personal responsibility for embedding the highest standards of ethics, including regulatory and business conduct, across Standard Chartered Bank. This includes understanding and ensuring compliance with, in letter and spirit, all applicable laws, regulations, guidelines and the Group Code of Conduct.
• Lead to achieve the outcomes set out in the Bank s Conduct Principles: [Fair Outcomes for Clients; Effective Financial Markets; Financial Crime Compliance; The Right Environment.] *
• Effectively and collaboratively identify, escalate, mitigate and resolve risk, conduct and compliance matters.

Key Stakeholders

• Services Domain Heads within Security Technology Services and Cybersecurity Services
• Other relevant functions with Technology Services including Infrastructure Services (AIVM, database, network, servers), In-Country Technology teams and End user services

Other Responsibilities

• Cloud (AWS, Azure, GCP) Security expert with extensive knowledge of SaaS security and resilience. Ability to work with application engineering hives as squad to enhance SaaS resilience and security.
• Must be well versed in CCSK, CCSP publications and security standards.
• CCSK/CCSP certification is a plus
• Extensive knowledge in policy / procedure/ pattern / process development, process design, optimization, and enhancing process efficiency / value outcome.
• Drive SDF/TDA controls adherence, record exceptions, exception consolidation, enhancement of process, feed into Central governance teams
• Manage capacity related actionable
• Drive Cloud initiatives - Cloud security (Vulnerability Management and remediation), Cloud resilience, support Cloud Migration projects, deliver standards and patterns Is aware of SRE concepts
• Is aware of cloud technologies, operations, vulnerability remediation in multi-cloud environment
• Operate in fast-paced, SRE driven teams
• Role doesn t demand 24x7 availability or rotational shifts, however, role requires ability to drive remediation of critical vulnerabilities in non-stop manner until closure. This may require alignment with various 24x7 teams and during/after-hours engagement. Be a subject expert within security production support by providing solutions to complex problem statements

Our Ideal Candidate

• Minimum 8 to 12 years experience in Data Protection services
• Able to get things done in a quick-paced environment. Be transparent and open around what doesn t work and what does
• Hands-on knowledge of Java, Python, scripting and related tools (bitbucket, antifactory, etc.) with ability to automate manual tasks and reports is a plus
• Must be able to operate with senior management and extract, process and present data accordingly.
• Excellent working knowledge of software application: Outlook (advance), Word (advance), PowerPoint (advance), Excel (advance)
• Extensive experience in Cloud security engineering and resilience. cloud migration, development of patterns and policies/procedures to enhance cloud security and resilience.
• Good understanding of resilience pillars. Ability to drive resilience initiatives with respect to on-Prem and cloud applications and infrastructure.
• Should have knowledge of SRE practices
• Strong hands on knowledge in managing vulnerabilities and driving remediation of
• Various off-shelf and in-house developed applications
• Infra Physical assets, Virtual assets, etc.
• Cloud applications and AMIs
• Has excellent knowledge of cloud environment and cloud security
• Excellent communication skills oral, written and presentation; technical reporting writing across various types of target audiences.
• Having adequate knowledge in Information security basics and hands on Encryption tools.
• Having demonstrated ability in managing any of the Certificate Authority Services and its related systems/tools is an added advantage
• Diploma or bachelor s degree in engineering, Computer Science/Information Technology or its equivalent

,

Keyskills :
financesalesltdmisaccountancyprocess designcyber securitycloud securitysupport servicessenior managementsecurity servicesfinancial marketsproduction supportprocess efficiencycloud applications