Job Description

The Role Responsibilities
Technology powers Standard Chartered Bank's vision and strategic agenda through the provision of innovative and efficient technology solutions; we will deliver greater value to our business stakeholders; we will improve the skills and flexibility of our people and work more effectively with our internal and vendor service partners.
Enterprise Technology (ET) is responsible for providing application and Infrastructure services to all business lines within the bank namely CCIB, CPBB, Data and Global Functions. The Cloud function lies within ET and is responsible for engineering, building and supporting the Global IaaS and PaaS platforms for Public Cloud as well as Private Cloud in Standard Chartered's footprints across the globe. The global team spans across the United Kingdom, India, Malaysia, China and Singapore.
We are looking for a Cloud Assurance Lead who will be responsible for defining and operating a control environment for Cloud process and technology that enables the domain to reduce operational and technology risk to a level within the Group's risk appetite while satisfying control objectives defined in relevant Group policies and external regulations. This includes Proactive Controls Assessment, Issue Management, Audit and Regulatory Inspection Facilitation and other related tasks. You'll be working within a global team on innovative technology.

Strategy
This role will partner closely with Group Risk & Controls Team and will be required to manage all aspects of initiatives emanating from same for Cloud. Additional responsibilities include Proactive Controls Assessment, Issue Management, Audit and Regulatory Inspection Facilitation and other related tasks.

Business

• Identify, assess, manage and govern risk through the application of the Bank's Enterprise Risk Management Framework with consideration given to industry standards and best practices.

• Responsible for continuing improvements in Cloud Team's approach to risk identification and mitigation, control management and audit engagement within the framework set out by the relevant authorities.
• Lead cloud risk, operational resilience, and regulatory compliance audit engagements in partnership with Group Risk & Control Teams.
• Lead risk-based audits and addressing cyber-security risks, operational resilience, and regulatory requirements with a primary focus on Cloud Platforms and operating environment.
• Ensure a constant state of preparation, readiness and continuous improvement across process, risk management and reduction, audit success, documentation, MIS systems and reporting.
• Build long-term, value-added relationships with key leadership stakeholders, typically in risk and compliance organizations across all lines of defence, to retain and enhance continuous trust in Cloud Platforms and services.
• Collaborate across Cloud engineering, SRE, and other teams to prepare and execute audit engagements and educate on ongoing compliance postures to meet business and regulatory requirements.
• Gain and maintain an in-depth understanding of Cloud platform risk and control environment, common infrastructure, application services, and operating environment in support of the audit engagements.
• Document & Maintain (review periodically for applicability, improvement and efficiency) the Risk Management process at Risk Meetings, MOM Templates, Audit Engagements, Risk Approvals, Risk Extensions, Risk Assessments and Risk reviews done by UORM.
• Advise and assist the Cloud Team in driving and directing effective compliance with the prescribed Enterprise risk management framework
• Implement effective and efficient controls to minimise / mitigate operational impact
• Ensure proper management of risk and timely resolution of issues
• Promote understanding, practice and culture of Enterprise Operational Risk within Cloud.

People and Talent

• Be a role model and build the appropriate culture and values. Set appropriate tone and expectations from their team and work in collaboration with risk and control partners.
• Ensure the provision of ongoing training and development of people and ensure that holders of all critical functions are suitably skilled and qualified for their roles ensuring that they have effective supervision in place to mitigate any risks.
• Employ, engage and retain high quality people.
• Work with internal business teams, cross-functional engineering/architecture teams, and external vendors.
• Effective conflict resolver and strong leadership skills to deliver on commitments and knowing when to say No to stakeholders

Risk Management

• Ensure a full understanding of the risk and control environment within the Cloud organisation
• Ensure onboarding of technologies are done properly with Legal, Compliance and Security Teams
• Act quickly and decisively when any risk and control weakness become apparent and ensure they are addressed within an appropriate timeframe and, if necessary, escalated through the relevant committees

Governance

• Understand and comply with, in letter and spirit, all applicable laws, and regulations, including those governing anti-money laundering, terrorist financing, and sanctions; the Group's policies and procedures; and the Group Code of Conduct.
• Effectively and collaboratively identify, escalate, mitigate and resolve risk and compliance matters.
• Embed the Group's values and code of conduct to ensure that adherence with the highest standards of ethics, and compliance with relevant policies, processes, and regulations among employee's form part of the culture.

Regulatory & Business Conduct

• Display exemplary conduct and live by the Group's Values and Code of Conduct.
• Take personal responsibility for embedding the highest standards of ethics, including regulatory and business conduct, across Standard Chartered Bank. This includes understanding and ensuring compliance with, in letter and spirit, all applicable laws, regulations, guidelines and the Group Code of Conduct.
• Effectively and collaboratively identify, escalate, mitigate and resolve risk, conduct and compliance matters.
• Embed Here for good and Group's brand and values in the team
• Perform other responsibilities assigned under Group, Country, Business or Functional policies and procedures.
• Responsible for building a culture of good conduct
• Lead the data team to achieve the outcomes set out in the Bank's Conduct Principles: Fair Outcomes for Clients; Effective Operation of Financial Markets; Financial Crime Prevention; The Right Environment.

Key Stakeholders

• Key stakeholders include Enterprise Technology, CSS, GOR, CISRO and other T&I UORMs and ORMs. In addition, the role will be required to liaison with the broader community of technologists within T&I to help advocate the mission of the domain.

Other Responsibilities

• Support ad-hoc tactical and strategic risk initiatives to meet business and operational demands through thoughtful leadership or partnership.

Our Ideal Candidate

• 10-15 years of experience in Technology Risk Management, Information Security, Technology Governance, Internal Audit (Technology) or other related roles.
• 3 years of experience in managing multiple cross-organizational engagements and drive results by influencing stakeholders and working matrixed organizations.
• Experience in Financial Services or other heavily regulated industries (e.g. Pharmaceuticals, Healthcare, etc.).
• Relevant industry certifications (e.g. CIA, CRISC, CISA, ITIL, CISSP, GRCP / CRCM)
• Professional Cloud Certification in AWS, Azure, or Google Cloud.
• Experience with Technology Implementation or Operation
• Hands on experience with Control Design and Implementation
• Understanding of the Audit Lifecycle
• Knowledge of relevant Technology and Business Regulations; ideal candidate has direct experience of interface with Regulators (principally PRA, MAS and HKMA).
• Knowledge of and/or hands-on experience of Technology Architecture
• Clear, concise and articulate communication of complex and conceptual topics is required for success.
• Comfortable with ambiguity and able to make decisions in spite of this
• Process Design and Analysis
• Documentation and Textual Analysis
• Data Analytics
• Experience negotiating with and influencing technical and/or senior stakeholders
• Assertive & good problem-solving skills with common sense

Role Specific Technical Competencies

• Experience with Technology Implementation or Operation
• Understanding of the Audit Lifecycle
• Process Design and Analysis
• Technology Risk Management

About Standard Chartered
We're an international bank, nimble enough to act, big enough for impact. For more than 160 years, we've worked to make a positive difference for our clients, communities, and each other. We question the status quo, love a challenge and enjoy finding new opportunities to grow and do better than before. If you're looking for a career with purpose and you want to work for a bank making a difference, we want to hear from you. You can count on us to celebrate your unique talents. And we can't wait to see the talents you can bring us.

Our purpose, to drive commerce and prosperity through our unique diversity , together with our brand promise, to be here for good are achieved by how we each live our valued behaviours . When you work with us, you'll see how we value difference and advocate inclusion. Together we:

• Do the right thing and are assertive, challenge one another, and live with integrity, while putting the client at the heart of what we do
• Never settle, continuously striving to improve and innovate, keeping things simple and learning from doing well, and not so well
• Be better together, we can be ourselves, be inclusive, see more good in others, and work collectively to build for the long term

In line with our Fair Pay Charter, we offer a competitive salary and benefits to support your mental, physical, financial and social wellbeing.

• Core bank funding for retirement savings, medical and life insurance, with flexible and voluntary benefits available in some locations
• Time-off including annual, parental/maternity (20 weeks), sabbatical (12 weeks maximum) and volunteering leave (3 days), along with minimum global standards for annual and public holiday, which is combined to 30 days minimum
• Flexible working options based around home and office locations, with flexible working patterns
• Proactive wellbeing support through Unmind, a market-leading digital wellbeing platform, development courses for resilience and other human skills, global Employee Assistance Programme, sick leave, mental health first-aiders and all sorts of self-help toolkits
• A continuous learning culture to support your growth, with opportunities to reskill and upskill and access to physical, virtual and digital learning
• Being part of an inclusive and values driven organisation, one that embraces and celebrates our unique diversity, across our teams, business functions and geographies - everyone feels respected and can realise their full potential.

Recruitment assessments - some of our roles use assessments to help us understand how suitable you are for the role you've applied to. If you are invited to take an assessment, this is great news. It means your application has progressed to an important stage of our recruitment process.
Visit our careers website www.sc.com/careers