Job ID: 36703
Location: Bukit Jalil KL, MY
Area of interest: Technology
Job type: Regular Employee
Work style: Office Working
Opening date: 11 Aug 2025
Job Summary
The role is to perform risk and control activities for the Cyber Operations domain. This team provides risk management, risk governance and assurance services, as well as advocating and imparting lessons and good practice to shape the design and implementation of cyber security controls.
This role will be based at Chennai / Kuala Lumpur
RESPONSIBILITIES
- Perform all risk and control activities related to all people, processes and assets within the Cyber Operations function.
- Act as the confidant to the ‘Process Owner(s)’ responsible for developing, prioritizing and implementing controls.
- Drive compliance with the Bank’s risk frameworks and policies
- Deliver risk focused, timely and re-performable deep dive reviews
- Support design and maintenance of internal processes that allow to dynamically monitor risk as well as effectively mitigate identified gaps.
- Maintain Cyber Operations controls and corresponding metrics.
- Provide timely and accurate risk & control MI to the management within risk management systems and repositories.
- Support stakeholders in defining remediation actions to address identified control weaknesses as well as track remediation, check and challenge delivery status.
- Support the delivery of the Conduct Risk Management plan.
Strategy
Awareness and understanding of the Group's business strategy as well as Transformation, Technology & Operations (TTO) strategy and model appropriate to the role.
Awareness and understanding of the Group's business strategy as well as Transformation, Technology & Operations (TTO) strategy and model appropriate to the role.
Risk Management
- Support Process owners in the execution of their risk management accountabilities.
- Work with other control assurance teams to drive efficiency, effectiveness and reduce duplication
- Perform review of the control self-assessment outcomes, control testing results and adequacy of the related remediation actions.
- Provide robust challenge and escalation to senior management to ensure activities achieve risk reduction.
- Support activities related to control design, assessment, testing processes and drive continuous improvement.
- Support liaison with Group Internal Audit and any third party or regulatory inspections.
Governance
Awareness and understanding of the regulatory requirements and expectations relevant to the role.
Awareness and understanding of the regulatory requirements and expectations relevant to the role.
Regulatory & Business Conduct
- Display exemplary conduct and live by the Group’s Values and Code of Conduct.
- Take personal responsibility for embedding the highest standards of ethics, including regulatory and business conduct, across Standard Chartered Bank. This includes understanding and ensuring compliance with, in letter and spirit, all applicable laws, regulations, guidelines and the Group Code of Conduct.
- Lead the [not applicable] to achieve the outcomes set out in the Bank’s Conduct Principles: The Right Environment.
- Effectively and collaboratively identify, escalate, mitigate and resolve risk, conduct and compliance matters.
Key stakeholders
- Global Head Cyber Security
- Cyber Security MT and Cyber Security Service Heads
- Operational, Technology and Cyber Risk (OTCR)
- Group Internal Audit
- Internal Control Testing teams
Other Responsibilities
Embed Here for good and Group’s brand and values in CS Risk&Control Team ; Perform other responsibilities assigned under Group, Country, Business or Functional policies and procedures;
Skills and Experience
- Minimum 10+ years of experience in managing risk related the Threat detection and Prevention, Malware Analysis in a banking or Financial Institute environment.
- A very good knowledge and hands on experience in network security, encryption, intrusion detection, and incident response
- Deep understanding of endpoint, server, network and data security technologies and controls.
- Experience in Cybersecurity Risk Management
- Excellent written and oral and presentation and communication skills
- Experience in writing assurance / risk assessment reports is an added advantage
- Good understanding of regulatory compliance, information and cyber security risk and controls
- Ability to collect and analyse data, establish facts and make recommendations in written and oral for
Optional Skills:
- Certified Information System Auditor (CISA)
- Certified Information Systems Security Professional (CISSP)
- Systems Security Certified Practitioner (SSCP)
- Certified Cloud Security Professional (CCSP)
About Standard Chartered
We're an international bank, nimble enough to act, big enough for impact. For more than 170 years, we've worked to make a positive difference for our clients, communities, and each other. We question the status quo, love a challenge and enjoy finding new opportunities to grow and do better than before. If you're looking for a career with purpose and you want to work for a bank making a difference, we want to hear from you. You can count on us to celebrate your unique talents and we can't wait to see the talents you can bring us.
Our purpose, to drive commerce and prosperity through our unique diversity, together with our brand promise, to be here for good are achieved by how we each live our valued behaviours. When you work with us, you'll see how we value difference and advocate inclusion.
Together we:
- Do the right thing and are assertive, challenge one another, and live with integrity, while putting the client at the heart of what we do
- Never settle, continuously striving to improve and innovate, keeping things simple and learning from doing well, and not so well
- Are better together, we can be ourselves, be inclusive, see more good in others, and work collectively to build for the long term
What we offer
In line with our Fair Pay Charter, we offer a competitive salary and benefits to support your mental, physical, financial and social wellbeing.
- Core bank funding for retirement savings, medical and life insurance, with flexible and voluntary benefits available in some locations.
- Time-off including annual leave, parental/maternity (20 weeks), sabbatical (12 months maximum) and volunteering leave (3 days), along with minimum global standards for annual and public holiday, which is combined to 30 days minimum.
- Flexible working options based around home and office locations, with flexible working patterns.
- Proactive wellbeing support through Unmind, a market-leading digital wellbeing platform, development courses for resilience and other human skills, global Employee Assistance Programme, sick leave, mental health first-aiders and all sorts of self-help toolkits
- A continuous learning culture to support your growth, with opportunities to reskill and upskill and access to physical, virtual and digital learning.
- Being part of an inclusive and values driven organisation, one that embraces and celebrates our unique diversity, across our teams, business functions and geographies - everyone feels respected and can realise their full potential.
www.sc.com/careers