The purpose of the Technology Risk Governance role is to help deliver an independent, effective and lean second line of defence for Technology Risk. The role brings together all the required activities under our parent Risk Type Framework and will ensure effective prioritisation and delivery through strong governance.
The role is part of a wider Group Operational Risk Function which oversees a number of different non-financial risk types. Group Operational Risk is positioned within the bank\xe2\x80\x99s Risk Function which is led by the Group\xe2\x80\x99s Chief Risk Officer.
The candidate would be joining at an exciting time, as the team looks to continually strengthen our second line approach, help the organisation safely adopt new technologies safely and support first line risk management and transformation activities. The nature of the role delivers at a Group level, positioning the candidate to have an outsized impact on risk management.
Join a growing team that is recently empowered to deliver full independent second line technology risk coverage and challenge. Help shape the future of the new team and provide support for teammates who are performing the complementary second line technology risk-coverage roles for each line of business and function.
The role will focus on planning and backlog management for the following activities, in supporting the Governance Lead:
Group Risk Committees \xe2\x80\x93 Analyse and collate themes and escalations, write report(s) as required to document risk insight and challenge, ensure risk committees have appropriate attendance and challenge for technology risk. Challenge submissions made by first line colleagues by providing an OR opinion.
Risk Appetite \xe2\x80\x93 Challenge Risk Appetite for Technology Risk and monitor Risk Appetite exceptions and breaches escalation.
Scenario Analysis \xe2\x80\x93 Provide support for the wider Operational Risk ICAAP Scenario Analysis activities, if they relate to technology risk.
Risk Management Information \xe2\x80\x93 Enrich existing OR risk information reports to support teammates performing coverage roles and drive remediation of data quality exceptions for technology risk information.
Policy and Standard(s) \xe2\x80\x93 Perform the annual Policy Effectiveness Review for the Technology Policy, maintain Policy change control, Challenge-Approve dispensations, plan and execute policy communication and education.
Control Requirements \xe2\x80\x93 Challenge first line control requirements to ensure traceability back to the second line owned policy and monitor conformance through the outputs of risk activities performed by teammates.
Regulatory - Review first line inputs for the policy and standard backlog, perform regulatory change management through existing Group workflows and where feasible maintain traceability of regulatory requirements to controls, monitor material first line identified gaps.
Horizon Scanning \xe2\x80\x93 Perform or arrange for the delivery of horizon risk research.
Backlog Management \xe2\x80\x93 Maintain a prioritised backlog of commitments across the range of risk management activities, appropriately prioritised for delivery either by the Governance team or by teammates performing Coverage roles for each line of business and function.
Other: Provide support or act as an advocate for the wider Group Operational Risk activities.
Strategy
Awareness and understanding of the Group\xe2\x80\x99s and Function\xe2\x80\x99s business strategy and model appropriate to the role
Business
Awareness and understanding of the wider business, economic and market environment in which the Group operates
Processes
Responsible for executing risk management responsibilities of the second line of defence as defined within the Operational Risk Policy and Standard, and Group Technology Policy
People and Talent
Responsible for individual training and familiarisation of knowledge relevant to the role and subject matter areas of work that is assigned
Risk Management
Understanding the role\xe2\x80\x99s responsibilities with respect to the relevant risk policies/standards, risk framework owner role, and second line operational risk role.
Governance
Responsible for supporting the maintenance of the Group Technology Policy and relevant documents owned by the CRO Technology team. Responsible for executing activities associated with assessing the effectiveness of the Group Technology Policy. Awareness and understanding of the technology regulations for key markets in in which the Group operates.
Regulatory and Business Conduct
Display exemplary conduct and live by the Group\xe2\x80\x99s Values and Code of Conduct.
Take personal responsibility for embedding the highest standards of ethics, including regulatory and business conduct, across Standard Chartered Bank. This includes understanding and ensuring compliance with, in letter and spirit, all applicable laws, regulations, guidelines and the Group Code of Conduct.
Effectively and collaboratively identify, escalate, mitigate and resolve risk, conduct and compliance matters.
Key stakeholders
Team colleagues \xe2\x80\x93 Coverage officers in our team and roles performing dedicate assurance.
Enterprise Risk Management and the wider Group and Country Operational Risk Teams
First Line Technology Process Owners and Teams
First Line Technology Risk Management
CIO Domain teams (via coverage officers)
Control Owners
Owners of technical standards
Risk Framework Owners, Policy Owners and SMEs for other risk types (Compliance, Information & Cyber Security, Third Party, Change Management, Resilience).
Our Ideal Candidate
Relevant Professional Certifications (e.g. CRISC, CISA, CGEIT, CISM, ITIL) an advantage.
3+ years of experience in financial institutions and/or highly regulated technology dependent industries.
Previous experience in technology risk roles (First or Second Line) or technology audit (Third Line of Defence). Candidates from technology-related disciplines (e.g. project management, software delivery lifecycles, technology operations) are welcome to apply if they can demonstrate transferable skills and a passion to become a risk professional
Experience in advisory, audit, or consulting roles that require strong stakeholder management an advantage.
Profession Certifications related to project management, software delivery lifecycles, technology processes (e.g. ITIL) an advantage or equivalent practical \xe2\x80\x9con the job\xe2\x80\x9d experience.
Familiarity with modern and emerging technology techniques and an interest to stay abreast of industry developments (e.g. Agile development, DevOps, Cloud, APIs, etc).
Comfortable working in a small team challenging risk-decisions made by more senior staff.
Able to demonstrate a risk-based approach to focus attention on the key risks and sound judgement on matters that can be dealt with autonomously versus matters that require escalation.
Comfortable looking beyond a purely task-driven approach and able to take ownership of the wider objective, while seeking for support when required.
Passionate about keeping abreast of industry developments in technology risk and keen to advance their own subject matter expertise by seeking personal growth opportunities.
Demonstrates competency in Critical Thinking, Non-Financial Risk Management, managing change and Stakeholder Management.
Strong business writing skills
Role Specific Competencies
Operational Risk
Business Partnering
Manage Risk
Business Writing
IT Audit and Control
About Standard Chartered
We\'re an international bank, nimble enough to act, big enough for impact. For more than 160 years, we\'ve worked to make a positive difference for our clients, communities, and each other. We question the status quo, love a challenge and enjoy finding new opportunities to grow and do better than before. If you\'re looking for a career with purpose and you want to work for a bank making a difference, we want to hear from you. You can count on us to celebrate your unique talents. And we can\'t wait to see the talents you can bring us.
Our purpose, to drive commerce and prosperity through our unique diversity, together with our brand promise, to be here for good are achieved by how we each live our valued behaviours. When you work with us, you\'ll see how we value difference and advocate inclusion. Together we:
Do the right thing and are assertive, challenge one another, and live with integrity, while putting the client at the heart of what we do
Never settle, continuously striving to improve and innovate, keeping things simple and learning from doing well, and not so well
Be better together, we can be ourselves, be inclusive, see more good in others, and work collectively to build for the long term
In line with our Fair Pay Charter, we offer a competitive salary and benefits to support your mental, physical, financial and social wellbeing.
Core bank funding for retirement savings, medical and life insurance, with flexible and voluntary benefits available in some locations
Time-off including annual, parental/maternity (20 weeks), sabbatical (12 weeks maximum) and volunteering leave (3 days), along with minimum global standards for annual and public holiday, which is combined to 30 days minimum
Flexible working options based around home and office locations, with flexible working patterns
Proactive wellbeing support through Unmind, a market-leading digital wellbeing platform, development courses for resilience and other human skills, global Employee Assistance Programme, sick leave, mental health first-aiders and all sorts of self-help toolkits
A continuous learning culture to support your growth, with opportunities to reskill and upskill and access to physical, virtual and digital learning
Being part of an inclusive and values driven organisation, one that embraces and celebrates our unique diversity, across our teams, business functions and geographies - everyone feels respected and can realise their full potential.
Recruitment assessments - some of our roles use assessments to help us understand how suitable you are for the role you\'ve applied to. If you are invited to take an assessment, this is great news. It means your application has progressed to an important stage of our recruitment process.