Talent.com
VP, ICS Threat Scenarios (India, Malaysia)

VP, ICS Threat Scenarios (India, Malaysia)

Standard Chartered BankBengaluru, Karnataka, India
2 days ago
Job description

This job is with Standard Chartered Bank, an inclusive employer and a member of myGwork – the largest global platform for the LGBTQ+ business community. Please do not contact the recruiter directly.

Job Summary

  • This role could be based in India and Malaysia. When you start the application process you will be presented with a drop down menu showing all countries, Please ensure that you select a country where the role is based.
  • The Group Chief Information Security Officer (CISO) organisation is instrumental in protecting and ensuring the resilience of Standard Chartered Bank's data and IT systems by managing information and cyber security (ICS) risk across the enterprise. As a critical function reporting into the Group Chief Technology, Operations and Transformation Officer, the Group CISO serves as the first line of defence for assuring ICS controls are implemented effectively and in accordance with the ICS Risk Framework, Policy and Standard, and for instilling a culture of cyber security within the Bank.
  • The VP, ICS Threat Scenarios will support the Threat Scenario-led Risk Assessment (TSRA) team, specifically TSRA Threat Scenario Subject Matter Experts (SME). This includes designing, implementing, and maintaining creation and amendment of new threat scenarios, working on Sentinel / MSTR / PEGA / ATOM architecture based on ICS RTF framework, driving digitisation, automation, and innovation; performing Data quality checks / recon; collaborating with different stakeholders, GTM, ESA, Purple Team, Control Owners, Risk Managers, Cyber Functions and Board engagement, where needed.
  • This role reports directly to the Director, ICS Threat Scenarios.

Key Responsibilities Strategy

  • This is a global role that requires strong cybersecurity and technical knowledge, business acumen and good organisation skills with ability to manage multi-disciplinary group, knowledge of Cybersecurity Risk Management, and process controls.

    • Business

  • The role will work closely with TSRA Threat Scenario Library team, TSRA Operations, Group Threat Management (GTM) and control owners to support sustainability of TSRA threat scenario library and provide skills needed to deliver against the ICS, R&C strategic goals. The role is expected to seamlessly blend in with the existing SMEs in a multi-location set up - providing expertise while analysing the evolving threat landscape, contextualize with SCB's business priorities and identify scenarios for risk assessments, while also suggesting mitigation to minimize risks from the evolving threats. The role will develop into an SME in the future, working closely with the various CISO and 2LoD teams to help the bank reduce exposure to the external threat landscape.

    • Processes

    The candidate will :

  • Drive creation of a central project plan for uplifting TSRA Threat Scenarios to become more data driven - supporting residual risk assessments, investment planning and benefits management.
  • Directly work with senior stakeholders to chart out yearly objectives, identify key milestones and dependencies.
  • Coordinate Working Group meetings, prepare agenda, meeting packs and minutes. Help squad leads to identify and follow through actions for closure.
  • Work with different product teams towards the best possible implementation - be the subject matter expert on policy requirements and guide technology teams throughout the delivery lifecycle.
  • Participate in design discussions and propose solutions by balancing the policy requirements with technical implementation.
  • Participate in UAT, prepare user documentation and training material where required
  • Collaborate with GTM, Security Architecture and R&C teams to plan and prepare training materials for the unified delivery.
  • Proactively identify areas of opportunity and continuous improvement in the implementation of an end-to-end threat led risk management.
  • Develop ICS Threat Scenarios :
  • Source and analyse for key insights from the Bank's approved Threat Intel reports / bulletins and Threat Intel tools,
  • Gather business contexts from requestors and collect threat characteristics from stakeholders,
  • Craft scenario narrative to articulate ICS threat and adversary techniques (including mapping of MITRE TTPs and mitigating controls) and,
  • Seek alignment with stakeholders for Threat Working Group endorsement and inclusion into the Bank's Strategic Threat Library
  • Perform annual refresh of the Bank's Threat Scenario Library by reviewing / identifying for obsolete / similar threat scenarios for retirement, enhancement, or amendment with the object to maintain an evergreen and highly relevant threat library for business function consumption and adoption.
  • Perform control efficacy assessment of outputs produced by Purple Team's BAS / atomic testing on selected threat scenarios and provide assessment view / summary in the form of MITRE Heat Map format.
  • Collaborate with key stakeholders in the areas of key threat parameters (e.g., plausibility, adversary behaviors, TTP), testing of high priority scenarios and mitigating controls alignment.
  • Develop, maintain, and adhere to Guiding Principle for mitigating controls mapping to the Bank's standard control statements.
  • Provide Threat SME support to stakeholders and projects as and when requested.
  • Provide Threat SME support to the CISO, 1st Line Defence (1LOD), and 2nd Line of Defence (2LOD) of the Bank during the annual Risk and Control Self-Assessment (RCSA) cycle.
  • Participate and provide support in the content delivery of the communication deck for the Bank's Monthly ICS Threat Working Group and Stakeholder Engagement Forums.

    • People & Talent Management

  • Working in close collaboration with TSRA Threat SMEs, GTM, ESA risk and control partners across all functions to effectively embed a strong culture of risk awareness and good conduct,
  • Improve client centricity through increased delivery velocity,
  • Spread and sustain a continuous improvement and innovation culture

    • Risk Management

  • Work closely with senior stakeholders to drive an effective security risk management culture and compliance mindset,
  • Mature the Bank's ability to proactively identify and manage cyber threats through implementation of robust, integrated risk processes (the ICS RTF and Threat Scenario Risk Assessment (TSRA) Standard),

    • Governance

  • Provide timely and accurate reporting to appropriate committees (risk governance committees, QPR / MPR and associated Refinement Forums, where applicable)
  • Support assurance activities, external and external audits and provide the timely feedback
  • Support appropriate oversight and facilitate resolution of high impact risk and issues

    • Regulatory & Business Conduct

  • Display exemplary conduct and live by the Group's Values and Code of Conduct. Including tracking and remediation of conduct issues
  • Effectively and collaboratively support to identify, escalate, mitigate, and resolve risk, conduct and compliance matters.

    • Key Stakeholders

  • Head, ICS Risk Mgmt Ops-Business, Mkts & Functions
  • Director, ICS Threat Scenarios
  • TSRA Threat SMEs
  • Group Threat Management (GTM)
  • Enterprise Security Design & Architecture (ESA)
  • Head, ICS Risk Management Ops - Business, Markets and Functions
  • Chief Information Security Officers (CISOs)
  • Information Security Risk Officers

    • Other Responsibilities

  • Embed Here for good and Group's brand and values in ICS R&G; Perform other responsibilities assigned under Group, Country, Business or Functional policies and procedures; Multiple functions (double hats);

    • Qualifications Required Qualifications, Capabilities, And Skills :

  • Bachelor's degree in computer science or cyber-security or a related field of study
  • More than 15 years of experience in technology, risk and controls, preferably in Banking & Financial Services.
  • At least 5 years of working experience as a practitioner in the fields of Cybersecurity, Networking Security, Cloud Security, Red / Blue / Purple Team activities, Threat Intelligent Analysis or Threat Hunting
  • Demonstrable knowledge on MITRE Methodology / Framework, threat intelligence, key adversary techniques and mitigation
  • Strong written or verbal communication skill and ability to articulate threat / security findings to both technical and non-technical audiences.
  • Practical proficiency in MS Excel, Words, PowerPoints, Visio / Griffy

    • Preferred Qualifications, Capabilities, And Skills :

  • Good understanding of networking concepts including OSI model, TCP / IP
  • Good general knowledge on the applicability of cyber defensive / detection technologies / solutions / tools as mitigation / safeguard against cyber threat
  • Good understanding on industry standard control statements (NIST, CIS) compliance is a plus.
  • Certification in CISSP, CCSP, CISA, CEH, GSEC, CISM, CompTIA Security+

    • Skills and Experience

  • Change Management
  • MITRE Methodology / Framework
  • Industry standard (NIST, OSI, CIS)
  • Regulatory Environment - Financial Services
  • Cybersecurity tools / technologies

    • About Standard Chartered We're an international bank, nimble enough to act, big enough for impact. For more than 170 years, we've worked to make a positive difference for our clients, communities, and each other. We question the status quo, love a challenge and enjoy finding new opportunities to grow and do better than before. If you're looking for a career with purpose and you want to work for a bank making a difference, we want to hear from you. You can count on us to celebrate your unique talents and we can't wait to see the talents you can bring us.

    Our purpose, to drive commerce and prosperity through our unique diversity, together with our brand promise, to be here for good are achieved by how we each live our valued behaviours. When you work with us, you'll see how we value difference and advocate inclusion.

    Together we :

    Do the right thing and are assertive, challenge one another, and live with integrity, while putting the client at the heart of what we do

    Never settle, continuously striving to improve and innovate, keeping things simple and learning from doing well, and not so well

    Are better together, we can be ourselves, be inclusive, see more good in others, and work collectively to build for the long term

    What we offer In line with our Fair Pay Charter, we offer a competitive salary and benefits to support your mental, physical, financial and social wellbeing.

    Core bank funding for retirement savings, medical and life insurance, with flexible and voluntary benefits available in some locations.

    Time-off including annual leave, parental / maternity (20 weeks), sabbatical (12 months maximum) and volunteering leave (3 days), along with minimum global standards for annual and public holiday, which is combined to 30 days minimum.

    Flexible working options based around home and office locations, with flexible working patterns.

    Proactive wellbeing support through Unmind, a market-leading digital wellbeing platform, development courses for resilience and other human skills, global Employee Assistance Programme, sick leave, mental health first-aiders and all sorts of self-help toolkits

    A continuous learning culture to support your growth, with opportunities to reskill and upskill and access to physical, virtual and digital learning.

    Being part of an inclusive and values driven organisation, one that embraces and celebrates our unique diversity, across our teams, business functions and geographies - everyone feels respected and can realise their full potential.

    ]]>

    Create a job alert for this search

    Threat • Bengaluru, Karnataka, India

    Related jobs
    • Promoted
    JP Morgan Chase - Vice President - Fraud Strategy Analytics

    JP Morgan Chase - Vice President - Fraud Strategy Analytics

    JP Morgan ChaseBangalore, India
    As a part of Fraud Strategy, you are at the center of keeping JPMorgan Chase strong and resilient.You help the firm grow its business in a responsible way by anticipating new and emerging risks, an...Show moreLast updated: 3 days ago
    • Promoted
    Lead Plant Security

    Lead Plant Security

    Tata ElectronicsHosur, Tamil Nadu, India
    Head of Security (Corporate) TEPL.Electronics Manufacturing Services, Semiconductor Assembly & Test, Semiconductor Foundry, and Design Services. Established in 2020 as a greenfield venture of the Ta...Show moreLast updated: 25 days ago
    • Promoted
    Guidewire Policycenter dveloper

    Guidewire Policycenter dveloper

    PwC Acceleration Center IndiaBangalore Rural, Karnataka, India
    Minimum of 4 to 10 years of experience.Role : Policy Center Configuration developer.Willingness to work Second Shift (2 pm IST to 11 pm IST) to support US based clients. Demonstrates abilities soluti...Show moreLast updated: 25 days ago
    • Promoted
    Strategic Sourcing- Procurement Services

    Strategic Sourcing- Procurement Services

    WNS ProcurementBangalore Rural, Karnataka, India
    Position : Strategic Sourcing– Procurement Services.Plot 8A, RMZ Centennial, Kundalahalli Main Road, Whitefield, Bangalore, India. The Senior Associate will manage and execute.This role requires stro...Show moreLast updated: 4 days ago
    • Promoted
    SAP Consultant

    SAP Consultant

    Tata ElectronicsKolar, Karnataka, India
    SAP PS Consultant – OPEX / NPI Support.Electronics Manufacturing Services, Semiconductor Assembly & Test, Semiconductor Foundry, and Design Services. Established in 2020 as a greenfield venture of the...Show moreLast updated: 4 days ago
    • Promoted
    Director of Cyber Threat Intelligence

    Director of Cyber Threat Intelligence

    CloudSEKBengaluru, Republic Of India, IN
    We are a bunch of super enthusiastic, passionate, and highly driven people, working to achieve a common goal! We believe that work and the workplace should be joyful and always buzzing with energy!...Show moreLast updated: 22 days ago
    • Promoted
    Functional Consultant

    Functional Consultant

    KPMG IndiaBangalore Rural, Karnataka, India
    Big Four” professional services firms.KPMG India has grown into a major player in the consulting, audit, and advisory landscape, with its. Microsoft Dynamics AX Functional.Experience in implementing...Show moreLast updated: 4 days ago
    • Promoted
    Risk and Control, VP

    Risk and Control, VP

    ConfidentialBengaluru / Bangalore, India
    Job Title : Risk and Control, VP.Oversee and monitor daily risk and control activities across the SES department.Partner with co-VPs and the Head of Securities Services to escalate and resolve risk-...Show moreLast updated: 8 days ago
    • Promoted
    SAP Consultant

    SAP Consultant

    YASH TechnologiesBangalore Rural, Karnataka, India
    Bangalore Rural, Karnataka, India (Hybrid).Dear Connection Yash Technologies is looking for Senior SAP FSCM Consultant.Our SAP Service Line is currently looking for industry-leading seasoned SAP FS...Show moreLast updated: 17 days ago
    • Promoted
    RMS (Reliability Monitoring System) Technical Expert – OSAT

    RMS (Reliability Monitoring System) Technical Expert – OSAT

    Tata ElectronicsKolar, Karnataka, India
    Tata Electronics (a wholly owned subsidiary of Tata Sons Pvt.India’s first AI-enabled state-of-the-art Semiconductor Foundry. This facility will produce chips for applications such as power manageme...Show moreLast updated: 30+ days ago
    • Promoted
    Senior AI Engineer – Cybersecurity (Prevention-First Approach)

    Senior AI Engineer – Cybersecurity (Prevention-First Approach)

    SecPodBengaluru, Karnataka, India
    Job Title : Senior AI Engineer – Cybersecurity (Prevention-First Approach).AI / ML development with a focus on cybersecurity or any technical domain. Our flagship product, empowers enterprises with aut...Show moreLast updated: 25 days ago
    • Promoted
    VP, Treasury COO - People, Process & Technology

    VP, Treasury COO - People, Process & Technology

    The Edge Partnership - The Edge in AsiaBengaluru, Republic Of India, IN
    Our client, a global financial institution, is looking to hire a Vice President – Treasury COO professional to join their Treasury Operations team in Bangalore / Chennai. This role will play a key p...Show moreLast updated: 30+ days ago
    • Promoted
    VP of Cybersecurity Strategy

    VP of Cybersecurity Strategy

    The Edge Partnership - The Edge in AsiaBengaluru, Republic Of India, IN
    Our client is a leading global investment and advisory firm known for its deep expertise in private equity, real estate, and alternative asset management. The ideal professional will lead regional c...Show moreLast updated: 4 days ago
    • Promoted
    eTrading Oversight Manager, VP

    eTrading Oversight Manager, VP

    ConfidentialBengaluru / Bangalore, India
    Our people work differently depending on their jobs and needs.From hybrid working to flexible hours, we have plenty of options that help our people to thrive. This role is based in India and as such...Show moreLast updated: 8 days ago
    • Promoted
    IPB AML Investigations Asia Pacific, VP

    IPB AML Investigations Asia Pacific, VP

    ConfidentialBengaluru / Bangalore, India
    IPB AML Investigations Asia Pacific, VP.The purpose of Anti-Financial Crime / Financial Crime Operations (AFC / FCO) is to monitor transactions and identify potentially unusual or suspicious activity...Show moreLast updated: 8 days ago
    • Promoted
    VP / CVP - Compliance Monitoring

    VP / CVP - Compliance Monitoring

    Credit Saison IndiaBengaluru, Karnataka, India
    Established in 2019, Credit Saison India (CS India) is one of the country’s fastest growing Non-Bank Financial Company (NBFC) lenders, with verticals in wholesale, direct lending and tech-enabled p...Show moreLast updated: 1 day ago
    • Promoted
    • New!
    VP, ICS Threat Scenarios (India, Malaysia)

    VP, ICS Threat Scenarios (India, Malaysia)

    ConfidentialBengaluru / Bangalore, India
    This role could be based in India and Malaysia.When you start the application process you will be presented with a drop down menu showing all countries, Please ensure that you select a country wher...Show moreLast updated: 5 hours ago
    • Promoted
    VP, Treasury COO – People, Process & Operating Model

    VP, Treasury COO – People, Process & Operating Model

    The Edge Partnership - The Edge in AsiaBengaluru, Karnataka, India
    Our client, a global financial institution, is looking to hire a Vice President – Treasury COO professional to join their Treasury Operations team in Bangalore / Chennai. This role will play a key p...Show moreLast updated: 30+ days ago