Job Description

The Role Responsibilities
Technology powers Standard Chartered Bank's vision and strategic agenda through the provision of innovative and efficient technology solutions; we will deliver greater value to our business stakeholders; we will improve the skills and flexibility of our people and work more effectively with our internal and vendor service partners.
Enterprise Technology (ET) is responsible for providing application and Infrastructure services to all business lines within the bank namely CCIB, CPBB, Data and Global Functions. The Cloud function lies within ET and is responsible for engineering, building and supporting the Global IaaS and PaaS platforms for Public Cloud as well as Private Cloud in Standard Chartered's footprints across the globe. The global team spans across the United Kingdom, India, Malaysia, China and Singapore.
We are looking for a Head of Cloud Security who will be responsible for managing and developing teams, as well as building secure infrastructure that runs our security products in the Cloud. This includes evaluating, designing, developing, and implementing high quality engineering solutions for the bank. You'll be working within a global team on innovative technology.
We are looking for a result oriented, self-starter who can dive deep into core engineering solutions and think innovatively, but in a pragmatic way to engineer a highly available Multi-Cloud Platform. You love to Build, Test, Deploy and Manage things with new Technologies in the Cloud. We eat, breathe and sleep Agile methodologies and best DevSecOps Practices!
Strategy

• Set security strategy and best practices for cloud security working with the Cloud Security Architects.
• Provide advice on security best practices, and guide teams in developing, adopting and enforcing security standards within the organisation.

Business

• Head a team that would design and implement security best practices across all Cloud platforms.
• Implement the latest security tools and techniques that improve the security posture of the organization. Perform periodic reviews and monitor networks, analyze logs and systems in order to prohibit unauthorized use, prevent loss of critical information, and maintain service availability.
• Guide the team to identify and remediate security gaps using industry best practices and automated solutions.
• Be recognised as a trusted partner for business application owners and other technology teams who seek to make use of Cloud based infrastructure.
• Oversee build out of Compliance automation by developing in-house tools as well as evaluating and deploying third party products.
• Introduce & support emerging technology and best market practices to ensure consistent and state of the art systems are built, and business achieves enhanced benefits
• Identify technology bottlenecks in Cloud and specify optimization/automation to be implemented.
• Be involved in the design and subsequent implementation of software and service infrastructure
• Participate in external and internal audits and bring them to successful completion.
• Manage stakeholder communication at all levels of the organisation.

Processes

• Identify processes that are manual, and improve through automation.

People and Talent

• Be a role model and build the appropriate culture and values. Set appropriate tone and expectations from the team and stakeholders.
• Ensure the provision of ongoing training and development; make sure that the team members are suitably skilled and qualified for their roles, ensuring that they have effective supervision in place to mitigate any risks.
• Set and monitor job descriptions and objectives for direct reports and provide feedback and rewards in line with their performance against those responsibilities and objectives.
• Scouting, hiring, inspiring and managing the best technology talents in the field of Cloud, and emerging technologies both internally and externally.
• Provides mentorship and guidance for our team around software architecture and enterprise platform integrations
• Is open-minded, a team player, and excited by Cloud technology challenges in an innovative working environment

Risk Management

• Ensure a full understanding of the risk and control environment within the Cloud organisation
• Ensure onboarding of technologies are done properly with Legal, Compliance and Security Teams
• Act quickly and decisively when any risk and control weakness become apparent and ensure they are addressed within an appropriate timeframe and, if necessary, escalated through the relevant committees

Governance

• Understand and comply with, in letter and spirit, all applicable laws, and regulations, including those governing anti-money laundering, terrorist financing, and sanctions; the Group's policies and procedures; and the Group Code of Conduct.
• Effectively and collaboratively identify, escalate, mitigate and resolve risk and compliance matters.
• Embed the Group's values and code of conduct to ensure that adherence with the highest standards of ethics, and compliance with relevant policies, processes, and regulations among employee's form part of the culture.

Regulatory & Business Conduct

• Display exemplary conduct and live by the Group's Values and Code of Conduct.
• Take personal responsibility for embedding the highest standards of ethics, including regulatory and business conduct, across Standard Chartered Bank. This includes understanding and ensuring compliance with, in letter and spirit, all applicable laws, regulations, guidelines and the Group Code of Conduct.
• Effectively and collaboratively identify, escalate, mitigate and resolve risk, conduct and compliance matters.
• Embed Here for good and Group's brand and values in the team
• Perform other responsibilities assigned under Group, Country, Business or Functional policies and procedures.
• Responsible for building a culture of good conduct
• Lead the data team to achieve the outcomes set out in the Bank's Conduct Principles: Fair Outcomes for Clients; Effective Operation of Financial Markets; Financial Crime Prevention; The Right Environment.

Key Stakeholders

• Cloud Teams, Enterprise/Domain Architecture Teams, Enterprise Technology Team, Technology Standards Team

Our Ideal Candidate

• Degree in Engineering, Computer Science, mathematics, physics or a technical discipline. Higher degree preferred
• 10+ years of experience in the industry with several years of experience in Cloud and Infrastructure Security and managing large scale infrastructure on the cloud.
• Professional Cloud Certification in AWS, Azure, or Google Cloud.
• Strong foundation and in-depth technical knowledge of security engineering, IAM, security protocols and applied cryptography.
• Strong skills in at least one or more scripting/programming language; Perl, Python, Go, Shell, etc.
• Passionate about security, enjoy challenges and maintain up-to-date knowledge of available and emerging security threats and various security technologies.
• Knowledge of Containers, Kubernetes, Docker Swarm or other cluster management software
• Strong awareness of DevSecOps practices and ways of implementing security for a fast paced environment.
• Strong understanding of engineering practices and large scale feature development.
• Strong interpersonal skills with the ability to communicate and work effectively across the organization.
• You would love to be in a high performing team and enjoy working with smart colleagues. We are open to new ideas and embrace collaboration and sharing in our Kanban/Scrum teams. Most of our days consist of Daily's, Sprint planning, Retrospections and most importantly to Getting Things Done.
• Open to working in areas outside of your comfort zone, experimenting with new technologies and techniques

Role Specific Technical Competencies

• 10+ years of experience in the industry with several years of experience in Cloud and Infrastructure Security and managing large scale infrastructure on the cloud.
• with a focus on enabling development teams
• Strong background in Cloud services and automation
• Strong understanding of compliance requirements in a banking regulated organisation
• Delivering of Terraforms
• Passionate about building and delivering APIs
• Experience with Agile software development practice
• Experience with rapid prototyping and testing techniques
• Hands on experience with CI/CD pipelines
• A solid understanding designing, securing solutions and troubleshooting Internet Technologies and protocols such as TCP/IP, HTTPS, DNS, etc.

About Standard Chartered
We're an international bank, nimble enough to act, big enough for impact. For more than 160 years, we've worked to make a positive difference for our clients, communities, and each other. We question the status quo, love a challenge and enjoy finding new opportunities to grow and do better than before. If you're looking for a career with purpose and you want to work for a bank making a difference, we want to hear from you. You can count on us to celebrate your unique talents. And we can't wait to see the talents you can bring us.

Our purpose, to drive commerce and prosperity through our unique diversity , together with our brand promise, to be here for good are achieved by how we each live our valued behaviours . When you work with us, you'll see how we value difference and advocate inclusion. Together we:

• Do the right thing and are assertive, challenge one another, and live with integrity, while putting the client at the heart of what we do
• Never settle, continuously striving to improve and innovate, keeping things simple and learning from doing well, and not so well
• Be better together, we can be ourselves, be inclusive, see more good in others, and work collectively to build for the long term

In line with our Fair Pay Charter, we offer a competitive salary and benefits to support your mental, physical, financial and social wellbeing.

• Core bank funding for retirement savings, medical and life insurance, with flexible and voluntary benefits available in some locations
• Time-off including annual, parental/maternity (20 weeks), sabbatical (12 weeks maximum) and volunteering leave (3 days), along with minimum global standards for annual and public holiday, which is combined to 30 days minimum
• Flexible working options based around home and office locations, with flexible working patterns
• Proactive wellbeing support through Unmind, a market-leading digital wellbeing platform, development courses for resilience and other human skills, global Employee Assistance Programme, sick leave, mental health first-aiders and all sorts of self-help toolkits
• A continuous learning culture to support your growth, with opportunities to reskill and upskill and access to physical, virtual and digital learning
• Being part of an inclusive and values driven organisation, one that embraces and celebrates our unique diversity, across our teams, business functions and geographies - everyone feels respected and can realise their full potential.

Recruitment assessments - some of our roles use assessments to help us understand how suitable you are for the role you've applied to. If you are invited to take an assessment, this is great news. It means your application has progressed to an important stage of our recruitment process.
Visit our careers website www.sc.com/careers