Associate Director, OTCR, ICS & Tech Risk Assurance

The Operational, Technology and Cyber Risk (OTCR) organisation is instrumental in protecting and ensuring the resilience of Standard Chartered Bank’s operations, data, and IT systems by managing operational, technology and cyber risk across the enterprise.

The Associate Director, OTCR, ICS & Tech Risk Assurance is a permanent role that requires good business acumen and a detailed knowledge of risk assessment, audit execution and control testing. The successful candidate will have key skills in critical thinking, problem solving, industry specific technical and regulatory knowledge, and stakeholder management, and be able to respond in a flexible and collaborative manner to evolving business, regulatory and threat demands.

This is a senior level role, and the individual will be required to engage with senior stakeholders across the business, technology, governance, CISO and other risk functions to act as an independent trusted advisor, providing key insights from testing to enable effective risk decisions making

The successful candidate will be able to support the Head of Assurance, a high performing team to identify and focus reviews on the areas of highest Technology and Cyber Risk risks, providing insights which enable uplift of the OTCR risk posture.

• Support the Head of Assurance to define, develop and operationalise the OTCR ICS & Tech Risk Assurance team to align with the risk management strategy and wider enterprise risk management strategy for the Bank Enterprise Risk Management Framework (“ERMF”).
• Support the Head of Assurance to define and develop structured Assurance capabilities and to lead/ execute risk-based independent reviews of control efficacy by assessing the design and operating effectiveness of key controls.
• Provide the management and validation of findings identified in Assurance ICS & Tech risk reviews.
• Work with the wider OTCR Assurance & Testing team to support and deliver a risk-based plan to focus testing on areas of highest risk.
• Communicate complex risks, issues and testing insights precisely and effectively to management and regulators as required.

• Degree level education or equivalent
• Industry related qualification in Operational Risk Management or Information & Cyber Security, such as CISSP, CISM(P), and/or CRISC.
• Industry related qualification in Assurance/Audit such as CISA, IIA, CIA and/or CRMA
• Personal authority based on established trusted relationships and ability to provide advice and functional direction which is expected at senior levels of the Group and respected by peers

• Competitive salary and benefits to support your mental, physical, financial and wellbeing.
• Core bank funding for retirement savings, medical and life insurance, with flexible and voluntary benefits available in some locations.
• Time-off including annual leave, parental/maternity (20 weeks), sabbatical (12 months maximum) and volunteering leave (3 days), along with minimum global standards for annual and public holiday, which is combined to 30 days minimum.
• Flexible working options based around home and office locations, with flexible working patterns.