Job Description

Want to push the boundaries of traditional technology, finance and operations? At nexus, courage is a defining trait for all team members. Courage to challenge the status quo, to do better, to deliver against the grain and to achieve spectacular results in massive ambiguity. We want to change how ecosystems interact and only have the blueprint for the baby steps - come join us to build out the rest of it! The idea is to do amazing things and have a lot of fun while doing it.

Standard Chartered nexus is looking for a self-starter to join our Enterprise Risk Management (ERM) team as we prepare to spin off our Banking-as-a-Service intellectual property from Standard Chartered nexus into a separate company, Audax. The ERM team\'s remit will include all risk management and compliance matters as the independent second line of defence.

What will you be doing:
Reporting to the Head of Enterprise Risk Management of Audax, you will:

• Help to design and implement frameworks, policies, and standards for a fintech that specialises in banking technology.
• Work with the first line of defence in promoting the understanding of risk requirements.
• Lead and support the implementation of all program management activities in ERM.
• Contribute to the design, challenge and review of risk treatment measures and monitoring from the ERM point of view. Consequently, you will also ensure that identified risks and issues are resolved by the first line of defence in an appropriate and timely manner.
• Be part of the Enterprise Risk Committee Secretariat that will be responsible for organising committee meetings, preparing, and distributing minutes of meetings, and following up on action points.
• Prepare regular reports that speak to the state of Audax\'s risk profile and take the lead in documenting ERM\'s work in Resolver, our Governance, Risk and Compliance system.
• Be part of the journey in preparing Audax for ISO and SOC certification (i.e., ISO 27001, ISO 31000, SOC 2).
• Collaborate with and provide risk management advice to various stakeholders (within the company and/or SC Ventures) and take personal accountability to deliver against planned objectives.
• In general, be continuously on the lookout for opportunities to improve the operational efficiency and effectiveness of risk and compliance processes.

What do you need to be successful in this role?

• Knowledge in penetration testing methodologies across application and infrastructure.
• Ability to connect the dots on identification of incidents (including triage, corelate to past or concurrent incidents/alerts) to post incident recovery activities.
• Good understanding of tactics, techniques, and procedures that could be used in cyber kill chain for recon, persistence, lateral movement, and ex-filtration.
• Ability to develop and operationalised security monitoring capabilities, tooling and use cases for different tech stacks (e.g. APIs, application) including cloud and container set up.
• Familiar with the threat and vulnerability landscape including malware, emerging threats, attacks and vulnerability management

Technical Competencies

• 7+ years of working experience in security operations, penetration testing, red teaming, incident response, and security monitoring activities, ideally from a global set up.
• Hands-on experience reviewing cloud, application, information, and cyber security.
• Experience with Programming and scripting languages, e.g. Perl, Python, PowerShell or shell scripting, as well as Splunk or sumo logic tools.

We are also looking for:

• Undergraduate degree with 4 - 8 years of relevant experience in one or more of the following areas:

• Risk management-related project management
• Compliance (including financial crime management)
• Enterprise or operational risk management (at the first or second line of defence)
• A basic understanding of risk management frameworks, standards, controls, risk measurement and appetite setting.
• Strong technology and process orientation, with a sound understanding of retail lending and banking processes and cloud technologies.
• Strong interpersonal skills with strong ability to influence multiple stakeholders.
• Strong verbal and written communication skills - the ability to translate risk management concepts into actionable points and insights for stakeholders will be key.
• Strong analytical skills with the ability to collect, organise and analyse significant amount of information with attention to detail and accuracy.

About Standard Chartered nexus
Standard Chartered nexus is a white label plug-and-play banking solution powered by Standard Chartered Bank. We take pride in redefining how we bank customers globally by digitally marrying ecosystems to banks. Our Banking-as-a-Service (BaaS) solution is the gateway that enables convenient access to financial services. We believe in challenging the status quo and thinking outside the box to deliver innovative solutions. Let\'s shape the future of banking together.
The Standard Chartered nexus family is made up of a bunch of fun, hardworking and results-oriented individuals. Most importantly, nexaurs value teamwork, and we champion a respectful, open and trusting work environment. If you are interested to be part of the team in re-wiring the DNA of banking, join us today. #YesWeCanLAH
Find out more about nexus and what we do at http://sc.com/scnexus

eFinancialCareers