Risk Analyst, TPRM - Technology Risk Management

This job is with Standard Chartered Bank, an inclusive employer and a member of myGwork – the largest global platform for the LGBTQ+ business community. Please do not contact the recruiter directly.

Job Summary

The Third Party Risk Manager is responsible for the oversight and execution of the third party risk management (TPRM) framework, ensuring all external vendor and partner relationships are assessed, monitored and managed in alignment with organisational risk appetite and regulatory requirements. The role requires expertise in risk and control environment, particularly within technology and cyber security domain.

Key Responsibilities

Managed the end to end third party risk lifecycle, including onboarding due diligence, risk assessment, contract reviews, continuous monitoring and offboarding.

Ensure third party engagements operate within established risk tolerance and comply with internal policies and external regulatory obligations.

Provide subject matter expertise on third party risk, advising stakeholders across business and recommending practical risk mitigation strategies.

Partner with Control Owners (SCM) to define and maintain risk management metrics, dashboards, and reporting mechanisms to measure and monitor third party risk exposure.

Support internal and external audits as well as regulatory review by providing documentation, analysis and evidence of TPRM program activities.

Have detailed understanding of technology and third-party regulatory landscape.

Experience with Risk and Control and / or Audit background would be beneficial.

Strategy

Subject matter expert on Technology Resilience, Third Party Risk Management, IT Continuity Management, as well as Contingency and Disaster Recovery

Assess the overall effectiveness of TPCP Testing strategy for Material Technology Arrangements,

Support the implementation internal procedures and training which support the (TPCP) Testing and exercising strategy for Material Tech Arrangements where applicable.

Support the planning, coordination, and facilitation of the simulated test exercises, ensuring alignment across the various Stakeholder Groups.

Support internal and external progress reporting requirements on TPCP Testing for Material Technology Arrangements.

Build relationships with a wide range of senior stakeholders to deliver against the strategies and processes that underpin the TPCP Testing & Exercising strategy.

Business

Have the knowledge and confidence to apply critical thinking to make the necessary decisions to progress and at the same time, understand the limits of his / her responsibility and expertise and know when to solicit decisions from other members of the team.

Liaise with contract managers across Technology & Architecture and CIOs regarding third party risk and controls compliance.

Build strong relationships with internal and external partners to enhance risk management efforts.

Processes

Check test or exercise frequency requirements as part of the TPCP annual review.

Recording of scheduled test dates in the Third-Party register

Actively take part in all exercises

Review exercise outcomes, including any risk escalation.

Review and approve any updates to the TPCP.

Track any updates to the exercise date in the Third-Party register.

Constantly analyse, enhance, and seek to improve testing processes.

People & Talent

Always have an eye for Process Improvements and Innovations with an objective to 'Simplify', while still maintaining the value delivered.

Ensure a cohesive team approach that supports the broader Third-Party Risk Management and Bank wide agenda to build for the long-term

Risk Mitigation and Controls

Support the development and implementation of risk mitigation strategies and action plans.

Ensure the effectiveness of risk controls and compliance with regulatory requirements.

Collaborate with various departments to integrate risk management practices into business processes.

Normalise disparate approvals processes to speed up delivery without increasing the risk.

Governance

Continuously monitor the third-party risk profile and ensure that risk management activities are being carried out effectively.

Reporting on risk exposure and the effectiveness of mitigation efforts to MT and stakeholders

Build, manage and maintain relationships with global and regional teams across the bank across the relevant first, second and third line of defence.

Conduct periodic reviews, control sample testing, and metrics reporting on third party risk.

Identify opportunities for process improvements and implement enhancements.

Regulatory & Business Conduct

Display exemplary conduct and live by the Group's Values and Code of Conduct.

Take personal responsibility for embedding the highest standards of ethics, including regulatory and business conduct, across Standard Chartered Bank. This includes understanding and ensuring compliance with, in letter and spirit, all applicable laws, regulations, guidelines and the Group Code of Conduct.

Effectively and collaboratively identify, escalate, mitigate, and resolve risk, conduct and compliance matters.

Key stakeholders

Global Head, Risk Mgmt, Technology & Architecture and CIOs

T&O TPRM Governance

Head, OTCR, CDO, GTO, (ECM) & 3rd Party.

Head, OTCR, Third Party Risk SME

Technology & Architecture Vendor Governance and Contract Managers

CIO CIB, WRB and Functions Contract Managers

Supply Chain Management

Other Responsibilities

• Perform other responsibilities assigned under Group, Country, Business or Functional policies and procedures

Qualifications

Education

Bachelor's degree in IT, Computer Science, Risk Management or equivalent required

Training

Good understanding and working knowledge of ITIL (ITIL Foundation desired)

Good understanding of compliance requirement meeting regulatory needs.

Certifications

BCP or DR certifications

ITIL Foundation / Intermediate

CISA, CRISC

Languages

English

Others

Strong working knowledge of Third-Party Risk

Strong understanding of IT Service Continuity Management and Disaster Recovery principles, process, procedures, and best practices.

Ability to collaborate with teams across the firm to leverage previous experiences, utilities, and shared capabilities.

Able to contribute to overall governance process to provide suggestion in terms of automation and lean working process.

Knowledgeable about best practices, industry standards, open-source, and emerging trends

Excellent collaborator with ability to communicate effectively with a variety of stakeholders across the Bank

Skills and Experience

Strong influencing and English communication skills - oral, written and presentation.

Risk and Control Management skills

Understanding of Third-Party risks and regulatory requirements

Excellent interpersonal skills and are adept at building relationships with different stakeholders.

Business Continuity Planning and Testing

Recovery Planning and Testing

About Standard Chartered

We're an international bank, nimble enough to act, big enough for impact. For more than 170 years, we've worked to make a positive difference for our clients, communities, and each other. We question the status quo, love a challenge and enjoy finding new opportunities to grow and do better than before. If you're looking for a career with purpose and you want to work for a bank making a difference, we want to hear from you. You can count on us to celebrate your unique talents and we can't wait to see the talents you can bring us.

Our purpose, to drive commerce and prosperity through our unique diversity, together with our brand promise, to be here for good are achieved by how we each live our valued behaviours. When you work with us, you'll see how we value difference and advocate inclusion.

Together we : Do the right thing

and are assertive, challenge one another, and live with integrity, while putting the client at the heart of what we do

Never settle,

continuously striving to improve and innovate, keeping things simple and learning from doing well, and not so well

Are better together,

we can be ourselves, be inclusive, see more good in others, and work collectively to build for the long term

What we offer

In line with our Fair Pay Charter,

we offer a competitive salary and benefits to support your mental, physical, financial and social wellbeing.

Core bank funding for retirement savings, medical and life insurance,

with flexible and voluntary benefits available in some locations.

Time-off

including annual leave, parental / maternity (20 weeks), sabbatical (12 months maximum) and volunteering leave (3 days), along with minimum global standards for annual and public holiday, which is combined to 30 days minimum.

Flexible working

options based around home and office locations, with flexible working patterns.

Proactive wellbeing support

through Unmind, a market-leading digital wellbeing platform, development courses for resilience and other human skills, global Employee Assistance Programme, sick leave, mental health first-aiders and all sorts of self-help toolkits

A continuous learning culture

to support your growth, with opportunities to reskill and upskill and access to physical, virtual and digital learning.

Being part of an inclusive and values driven organisation,

one that embraces and celebrates our unique diversity, across our teams, business functions and geographies - everyone feels respected and can realise their full potential.