Head, Cyber Threat Intelligence & Counter Measures
About Standard Chartered
We are a leading international bank focused on helping people and companies prosper across Asia, Africa and the Middle East.
To us, good performance is about much more than turning a profit. It's about showing how you embody our valued behaviours - do the right thing, better together and never settle - as well as our brand promise, Here for good.
We are committed to promoting equality in the workplace and creating an inclusive and flexible culture - one where everyone can realise their full potential and make a positive contribution to our organisation. This in turn helps us to provide better support to our broad client base.
The Role Responsibilities
Cyber Security Services (CSS) is a critical function within Standard Chartered Bank operating under the overall purview of COO - Trust, Data & Automation function.
The mission of the team is to "Protect the Bank from Cyber Threats whilst delivering client centric services". The CSS team is made up of cyber security thought leaders based in 7 geographies, who are accountable for the provision of a global set of cyber security services and capabilities to maintain and continuously improve Bank's cyber security posture in today's ever evolving cyber security landscape.
This includes managing and responding to information and cyber security incidents to support the continuity and growth of the Bank's business operations; and meet the both internal and external stakeholders' expectations across 70+ countries and territories, in which SCB operates.
This is an Executive Director role who will report directly to the Global Head, Cyber Security Services. The role will manage a global team based across 6 countries with accountability for the successful execution of the Cyber Threat Intelligence Strategy. On a day to day basis, the role will responsible for providing strategic thought leadership to the C-Suite as well as maintaining and maximising the value from the Banks intelligence relationships to proactively identify potential threats and minimise the potential impact of cyber security threats targeting the Bank. This role is a transformational role that will be accountable for moving the banks CTI capabilities from "fit for purpose" to "best in class" over the next 3 years.
Strategy - Provide leadership and oversight by setting the direction, people strategy, stakeholder engagement and operating model of the Global Cyber Threat Intelligence (CTI) and Counter Measures function within Cyber Security Services (CSSS).
- Drive strategic, tactical and threat focused cyber intelligence to educate and inform senior executives on protecting the Bank's digital assets from known and developing cyber threats at a technology and board level.
- Build global relationships and represent Standard Chartered at trusted forums, regulator briefing and official information exchanges inducing wider industry, law enforcement and government.
- Manage and coordinate the effective delivery of tailored countermeasure intelligence, to influence the implementation and investment prioritisation of technology capabilities, Secure by Design requirements, security architecture and policy that improves the security resilience of the Bank.
- Lead the technical delivery of intelligence into global threat campaigns against the banking and payment sector technology (SWIFT, BACS, FX/FM) and relevant analysis on campaigns and TTPs impacting the Bank.
- Implement industry frameworks for identifying kill chain, control and procedural control gaps that adversaries are exploiting to continually enhance existing security capabilities to detect and stop all types of threats.
- Lead complex and Bank wide intelligence improvement efforts that work across Fraud, Business, Risk and Technology domains.
- Drive the capability uplifting to ensure an appropriate toolset, technologies and processes are in place to optimise, automated and achieve effective CTI service supporting the team's operational objectives.
- Ownership of the CTI service catalog content (including service fact sheets, service descriptions, service level objectives, total cost of ownership etc.)
- Defines and maintain the CTI service and products strategy based on the evaluation of internal and external threat trends, business needs, regulatory and corporate drivers.
- Plan and manages the financing of the CTI service (RtB, Continuous Improvement budget, CtB) within the applicable financial framework.
- Performs thorough assessment and analysis on new and existing changes to CTI service capability and its end-to-end components, ensuring fit for purpose solutions and appropriate service components are implemented.
- Proactively engage with senior stakeholders to obtain buy-in for the service and provide strategic advice.
Risk Processes - Act as the Group Process Owner (GPO) responsible for executing and full front to back control oversight over all CSS CTI controls and processes as defined in the Group's Operational Risk Framework and ICS RTF.
People and Talent - Lead, develop and continuously motivate a globally diverse team
- Lead through example and build the appropriate conduct, culture and values. Set appropriate tone and expectations from their team and work in collaboration with risk and control partners.
- Ensure the provision of ongoing training and development of people and ensure that holders of all critical functions are suitably skilled and qualified for their roles ensuring that they have effective supervision in place to mitigate any risks.
- Employ, engage and retain high quality people, with succession planning for critical roles.
- Continuously review team structure/capacity plans.
- Set and monitor job descriptions and objectives for the department and provide feedback and rewards in line with performance against those responsibilities and objectives
Risk Management - Manage the effective and efficient delivery of these services to the Group; ensure they are appropriately operated, managed and documented; as well as monitored and measured using key performance and risk indicators.
- Appropriately define control framework, continually test and remediate deficiencies, risks and issues and report to senior management as required.
- To liaise with operations risk and audit and provide information and provide relevant and adequate evidence of control design and operating effectiveness where required.
Governance - Ensure effective CSS CTI input into Governance Boards exists providing evidence of high-level and low-level security technical standards being met, stakeholder requirements being met and transparency of critical service metrics.
- Provide reporting to appropriate risk committees on the evolution and progress of the CTI Security Transformation Programmes, and regular status updates for reporting to the Board and Group Management Team.
Regulatory & Business Conduct - Display exemplary conduct and live by the Group's Values and Code of Conduct.
- Take personal responsibility for embedding the highest standards of ethics, including regulatory and business conduct, across Standard Chartered Bank. This includes understanding and ensuring compliance with, in letter and spirit, all applicable laws, regulations, guidelines and the Group Code of Conduct.
- Effectively and collaboratively identify, escalate, mitigate and resolve risk, conduct and compliance matters.
Our Ideal Candidate - 15+ years of cyber threat intelligence experience and direct experience leading a CTI team.
- Experience working with or within intelligence agencies and/or the military
- Deep technical knowledge of the cyber threat landscape including threat actors, attack types, tactics, tools and procedures, and effective countermeasures in a banking environment.
- Extensive experience and understanding of intelligence processes: analytical methods, the intelligence cycle, intelligence collection plans, source and information evaluation etc.
- Experience developing and working with industry capability assessment methodologies and advanced understanding of the cyber kill chain, other attack methodologies and cyber intel fusion capabilities with e.g. Fraud, AML, Financial Crime.
- Excellent communication and briefing skills at senior executive and board level - oral, written and presentation; technical reporting writing across various types of target audiences.
- Significant experience designing, engineering or managing CTI and detection technologies deployed on large scale enterprises across multiple platforms.
- Highly entrepreneurial with a high level of energy, dedication, and an unrelenting drive to deliver value.
- Strong sense of personal ownership and responsibility in accomplishing the organisation's goal. Is confident and will roll-up his/her sleeves to drive success.
- Able to get things done in a quick-paced environment. Be transparent and open around what doesn't work and what does not.
- Excellent organizational and leadership skills (successfully lead and managed end-to-end technology services and or technology operations) with ability to manage multiple deadlines and effectively prioritise
- Experience of developing a people strategy, influencing relevant stakeholders and decision makers, and executing decisions efficiently and consistently.
- Experience engaging directly with regulators.
Apply now to join the Bank for those with big career ambitions.
To view information on our benefits including our flexible working please visit our career pages .