Job Description

The Role Responsibilities

Job Role

• Ensures the timely and effective identification, triage, containment, remediation, and recovery of security incidents, leveraging process improvisation to address novel situations.
• Analyses lessons learned from previous incidents, tracks remediation actions to closure, and ensures that relevant findings are addressed, and playbooks updated accordingly.
• Responsible for strategic planning, leadership, organization, and governance for the team, and accountable for organizational performance and human capital management.
• Responsible for People and Operations Management for a Security Operations Centre (SOC) providing 24x7 Defensive Cybersecurity Operations with global coverage.
• Acts as hiring manager for new employees and trains and evaluates existing employees to improve performance and foster professional development.
• Liaises with vendors, suppliers, and service providers to optimize existing solution implementations and ensure ongoing currency of analyst skills.
• Acts as a central point of contact for the Cyber Threat Response team to manage security event monitoring and incident response.
• Liaises with relevant support groups to coordinate cybersecurity incident response within a collaborative working environment.
• Develops, maintains and continuously improves service delivery processes and Incident Response and Automation playbooks.
• Develops, implements, and maintains Security Operations policies, procedures, and service documentation for the team.
• Ensures that operational objectives are met in compliance with Service Level Agreements (SLAs), process adherence.
• Liaises with Operations Management and other stakeholders to furnish evidence for relevant regulatory requirements.
• Ensures that processes in scope integrate with related processes and generate such evidence.
• Directs and controls Service Operation and Continual Service Improvement.

Strategy

• Monitor, detect and respond to any potential security threats across the Bank to ensure all events are acted on in a timely manner.

Business

• Support senior incident handlers during cybersecurity incident response activities.
• Work closely with the other support groups to assess risk and provide recommendations for improving the Bank\xe2\x80\x99s security posture.
• Conduct research on attack patterns, techniques, and develop creative solutions to detect / prevent adversarial tools, techniques and procedures.
• Collaborate with key stakeholders to continuously enhance playbooks as new products, logs, and capabilities are introduced to the organization.
• Collaborate with key stakeholders in improving the Bank\xe2\x80\x99s detection posture.
• Identify opportunities to improve detection and response capabilities of the team.
• Work with content engineering team to monitor and tune alerts.

Processes

• Ensure adherence to all internal and external policies, procedures and regulations.

Risk Management

• Be aware of, identify and escalate all risk issues and concentrations in accordance to the firm\xe2\x80\x99s Group Information and Cyber Security Policy. Where appropriate, direct remedial action and/or ensure adequate reporting to Risk Committees.

Governance

• Promote an environment where compliance with internal control functions and the external regulatory framework is a central priority of the service.

Regulatory and Business Conduct

• Display exemplary conduct and live by the Group\xe2\x80\x99s Values and Code of Conduct.
• Take personal responsibility for embedding the highest standards of ethics, including regulatory and business conduct, across Standard Chartered Bank. This includes understanding and ensuring compliance with, in letter and spirit, all applicable laws, regulations, guidelines and the Group Code of Conduct.
• Lead to achieve the outcomes set out in the Bank\xe2\x80\x99s Conduct Principles: [Fair Outcomes for Clients; Effective Financial Markets; Financial Crime Compliance; The Right Environment].
• Effectively and collaboratively identify, escalate, mitigate and resolve risk, conduct and compliance matters.
• Exercise authorities delegated by the Board of Directors and act in accordance with Articles of Association.

Key Stakeholders

• Tech, Transform and Operations
• Cyber Security
• Cyber Defence and Operations Technology
• Cyber Defence Centre
• Security Monitoring and Analytics
• Group Threat Management

Other Responsibilities

• Work within a 24x7 shift model
• Provide after-hours rotational coverage when required

Our Ideal Candidate

• Diploma or higher educational qualification in Engineering, Computer Science / Information Technology or an equivalent qualification in a relevant discipline.
• At least 9 years of experience in Information Security, preferably in the Banking and Financial Services sector with 4 years of hands-on experience working in a Security Operations Centre (SOC)

The following certifications are desirable but not mandatory

• ISC2 Certified Information Systems Security Professional (CISSP), ISACA Certified Information Security Manager (CISM), EC Council Certified Ethical Hacker (CEH), EC Council Certified Security Analyst (ECSA), SANS GIAC Certified Incident Handler (GCIH), CERT Certified Computer Security Incident Handler (CSIH), Axelos Information Technology Infrastructure Library (ITIL) v3 Foundation

Role Specific Technical Competencies

• Excellent oral and written communication skills, with English at ILR Level 4 or better. Basic familiarity with Microsoft Office or similar productivity software, with the ability to produce documents, spreadsheets, and presentations of high complexity
• Strong understanding of core Enterprise Information Technology and Computer Networking concepts (Desktop / Laptop, Mobile Device, Server, Network Device, LAN and WAN)
• Knowledge in breadth and reasonable depth of Cybersecurity Incident Analysis and Response and Cybersecurity Defensive Operations (Blue Team) in complex organizations
• Strong understanding of enterprise directory management solutions (e.g., Active Directory, LDAP) and related functions such as Group Policy and Single Sign On
• Demonstrated ability to solve multiple, interconnected problems of high complexity and come up with innovative, forward-thinking solutions
• Comprehensive knowledge of IT Service Management (ITSM) processes within a recognised framework (ITIL, COBIT)
• Self-motivated and able to work independently. Comfortable with working remotely for extended periods if required
• Exposure to Security Orchestration, Automation, and Reporting (SOAR) solutions, preferably Splunk Phantom
• Strong understanding of the current cyber threat landscape as well as current risks, vulnerabilities, and threats
• Exposure to working with Managed Security Service Providers (MSSPs) and third party vendors and suppliers
• Exposure to Endpoint Security and Endpoint Detection and Response solutions, preferably Symantec
• Exposure to Security Information and Event Management (SIEM) solutions, preferably Splunk ES
• Working understanding of application security within the OWASP framework
• Demonstrated ability to work with a diverse, geographically-dispersed team
• Exposure to Network and Email Security solutions, preferably Symantec
• Strong understanding of Audit, Compliance, Governance, and reporting
• Exposure to WAN traffic management and DDoS mitigation solutions
• Exposure to Privileged Session Management solutions
• Exposure to Database Activity Monitoring solutions
• Working understanding of digital forensics
• Exposure to case management solutions

\xc2\xadAbout Standard Chartered

We\'re an international bank, nimble enough to act, big enough for impact. For more than 160 years, we\'ve worked to make a positive difference for our clients, communities, and each other. We question the status quo, love a challenge and enjoy finding new opportunities to grow and do better than before. If you\'re looking for a career with purpose and you want to work for a bank making a difference, we want to hear from you. You can count on us to celebrate your unique talents. And we can\'t wait to see the talents you can bring us.

Our purpose, to drive commerce and prosperity through our unique diversity, together with our brand promise, to be here for good are achieved by how we each live our valued behaviours. When you work with us, you\'ll see how we value difference and advocate inclusion. Together we:

• Do the right thing and are assertive, challenge one another, and live with integrity, while putting the client at the heart of what we do
• Never settle, continuously striving to improve and innovate, keeping things simple and learning from doing well, and not so well
• Be better together, we can be ourselves, be inclusive, see more good in others, and work collectively to build for the long term

In line with our Fair Pay Charter, we offer a competitive salary and benefits to support your mental, physical, financial and social wellbeing.

• Core bank funding for retirement savings, medical and life insurance, with flexible and voluntary benefits available in some locations
• Time-off including annual, parental / maternity (20 weeks), sabbatical (12 weeks maximum) and volunteering leave (3 days), along with with minimum global standards for annual and public holiday, which is combined to 30 days minimum
• Flexible working options based around home and office locations, with flexible working patterns
• Proactive wellbeing support through Unmind, a market-leading digital wellbeing platform, development courses for resilience and other human skills, global Employee Assistance Programme, sick leave, mental health first-aiders and all sorts of self-help toolkits
• A continuous learning culture to support your growth, with opportunities to reskill and upskill and access to physical, virtual and digital learning
• Being part of an inclusive and values driven organisation, one that embraces and celebrates our unique diversity, across our teams, business functions and geographies - everyone feels respected and can realise their full potential.

Recruitment assessments - some of our roles use assessments to help us understand how suitable you are for the role you\'ve applied to. If you are invited to take an assessment, this is great news. It means your application has progressed to an important stage of our recruitment process.

Visit our careers website

Standard Chartered