This job has expired

Project Manager (Risk Policy and Cybersecurity)

Standard Chartered Bank
Closing date
26 Jun 2022

View more

Contract Type
Full Time
You need to sign in or create an account to save a job.

The Group Chief Information Security Risk Officer (CISRO) organization is instrumental in protecting and ensuring the resilience of Standard Chartered Bank's data and systems by managing information and cyber security (ICS) risk across the enterprise. As a critical function reporting into the Group Chief Risk Officer (GCRO), the Group CISRO team serves as the second line of defense for assuring ICS controls are implemented effectively, in accordance with the ICS Risk Type Framework, and for instilling a culture of cyber security within the Bank. The Group CISRO is responsible for ICS governance, strategy, policy, awareness, training, risk assessments, cyber stress testing, third party security risk, industry partnerships, and regulatory engagement.

The ICS Risk Type Framework (ICS RTF) is a core component of the Group's Enterprise Risk Management Framework (ERMF) which sets out overall risk management for ICS within Standard Chartered.

The Group ICS Risk team is responsible for developing, maintaining and supporting first line of defense with the operationalization of the ICS RTF on behalf of the Risk Framework Owner (CISRO).

It outlines the overall approach for the Group Chief Risk Officer (GCRO), internal and external stakeholders, including Board members, external auditors and regulators.


The Senior Information and Cyber Security (ICS) Risk Manager is a 6 month contract role (possibility to extend an other 6 months) that requires knowledge and experience in ICS risk management, and information and cyber security risk. This role reports directly to the Head of ICS Risk.

The team is based in the second line of defense (challenge work) in the bank. The right candidate will be the owner of second line responsibilities.


The primary purpose of this position is to support the embedding of ICS Risk management across the Group while also managing and coordinating responses to regulatory requests in line with the ICS RTF across the Group.

The successful candidate will work closely with the Head of ICS Risk and the wider Group CISRO team to lead the interaction with relevant stakeholder groups across the organization to ensure the effective discharge of the Group CISRO's obligations as defined within the ICS RTF.


  • Receive and understand regulatory requirements and ensure all relevant stakeholders have a clear understanding on delivery status
  • Assist in drafting regular reports to the CISRO Leadership Team and others as required.
  • Supports regulatory requests pertaining to the embedding of ICS RTF
  • Builds awareness and understanding of the regulatory framework, in which the Group operates, and the regulatory requirements and expectations relevant to the role
  • Provide support to the maintenance of the ICS Risk Type Framework (RTF)
  • Provide SME input to support operationalization and ensure adherence to the RTF's risk management methodology
  • Day to day : Utilizing and improving the end to end risk and governance framework. Make sure that they are aligned and compliant to SCB's framework. Plans in place to fulfil obligation.

People and Talent

  • Lead through example and build the appropriate culture and values locally
  • Leads through example by upholding high standards of excellence, ethics & code of conduct, governance and risk awareness, and stakeholder partnership & collaboration
  • Collaborate with the wider CISRO team and share knowledge where relevant

Risk Management

  • Ensure that all activities are in line with and support of the ICS principal risk type under the Bank's ERMF
  • Review and assimilate the Information & Cyber Security Risk Type Framework and Policy, including its key domains, controls and key roles and responsibilities
  • Ensure early identification and escalation of risks, issues, trends and developments to CISRO and relevant stakeholders


  • Ensure compliance with relevant operational risk controls.
  • Builds awareness and understanding of the regulatory framework, in which the Group operates, and the regulatory requirements and expectations relevant to the role
  • Support the creation of reports as required relating to the management of information and cyber security risk in the bank

Regulatory & Business Conduct

  • Display exemplary conduct and live by the Group's Values and Code of Conduct.
  • Take personal responsibility for embedding the highest standards of ethics, including regulatory and business conduct, across Standard Chartered Bank. This includes understanding and ensuring compliance with, in letter and spirit, all applicable laws, regulations, guidelines and the Group Code of Conduct.
  • Effectively and collaboratively identify, escalate, mitigate and resolve risk, conduct and compliance matters.
  • Demonstrate leadership ability to ensure that the team achieves the outcomes set out in the Bank's Conduct Principles.

Key Stakeholders

  • Group CISRO Leadership team
  • Head of ICS Risk
  • Heads of ICS (Business, Function, Country level)
  • Information & Cyber Security Risk Officers
  • Wider Risk Framework & Policy Team
  • Global Process Owners

Other Responsibilities

  • Embed "Here for Good" and Group's brand and values in the Group CISRO team
  • Perform other responsibilities assigned under Group, Country, Business or Functional policies and procedures
  • Ability to create effective work relationships across functions & borders
  • Understanding of the regulatory environment and developments related to the financial services industry
  • Strong stakeholder and relationship management experience, ideally from within financial services industry
  • Sound knowledge of risk governance frameworks & processes
  • Analytical / critical thinking skills

Why this role?

  • Model building - building new framework.
  • Part of a change in an international team.
You need to sign in or create an account to save a job.

Get job alerts

Create a job alert and receive personalised job recommendations straight to your inbox.

Create alert