Head, OTCR, Policy & Regulatory Management (India, Malaysia, Poland)

Job Summary

The Operational, Technology and Cyber Risk (OTCR) organisation is instrumental in protecting and ensuring the resilience of Standard Chartered Bank’s operations, data, and IT systems by managing operational, technology and cyber risk across the enterprise. As a critical function reporting into the Group Chief Risk Officer (CRO), the Group OTCR team serves as the second line of defence for assuring that controls are implemented effectively, in accordance with the OTCR Framework, and for instilling a risk culture within the Bank

Key Responsibilities

The Head of Policy & Regulatory Management is a key leadership role responsible for developing, implementing, and maintaining robust policies, and overseeing standards and controls to safeguard the company's information assets and ensure regulatory compliance within the dynamic industry. This role will lead a small team of policy and risk professionals, collaborate with key stakeholders across the organization, and act as a subject matter expert on evolving cyber security and technology policy matters.

The Policy team are responsible for defining and maintaining Cyber and Technology Policy and overseeing first line standards and control implementation. Policy and standard set out the mandatory outcomes the Bank needs to manage the requisite risks effectively, requiring regular update and management to deliver operationally effective and future fit guidelines. The role will be responsible for providing thought leadership on best-in-class policy, standards and control delivery, helping drive the simplification, consolidation and continuous improvement.

The role also includes executing Legal and Regulatory Management activities related to the respective policies and frameworks including mapping of regulatory requirements against new regulations and responding to regulatory RFI’s.

Skills And Experience

The ICS & Technology Policy function is responsible for ensuring that the respective policies remain valid, relevant and effective together with the Standards that support the Policy. The responsibilities include.

• Develop, maintain, and enforce comprehensive Cyber Security and Technology policies that are aligned with industry best practices (e.g., NIST, ISO 27001, PCI DSS), regulatory requirements (e.g., GDPR, CCPA, FFIEC), and business objectives. Ensure policies are clearly documented, communicated, and readily accessible to all relevant stakeholders.
• The role will be heavily focused on driving enhancement and convergence across ICS and Technology. This will include providing thought leadership on risk and controls, guiding the organisation to develop a simplified control taxonomy, and improving measurement, reporting and compliance.
• Ensure forward looking approach to assess and update the Policy for fast evolving emerging technologies such as AI, Quantum Computing and Digital Assets.
• Ensure alignment across wider Risk Frameworks and ecosystem, connecting the dots across frameworks, policy, standards, controls, and process.
  
  

Qualifications

• A rigorous and analytical approach to risk management
• Knowledge of the Business and its franchise and/or remit.
• Experience of business partnering, including the ability to synthesise and articulate complex and technical topics clearly to diverse audiences
• Ability to manage a diverse and challenging stakeholder community / team
• Proven experience with co-ordination of many dependencies in a complex, large-scale environment
• Specific strong competence in the use of Excel for analysis of complex data and PowerPoint for communication purposes
  
  

Ideally the role holder will have specific experience of OTCR frameworks and have an in-depth knowledge of some of the key organisational and operational challenges faced by a Second-Line Risk function.

• Group, with specific knowledge in cyber and information security risk
• Ability to represent the Bank with external stakeholders via Industry Forums and at key Regulatory meetings.
• Ability to assess priorities and focus on detailed aspects of a SME function to drive effective delivery
• Excellent analytical skills: ability to think clearly and rigorously about how best to assess existing and emerging risks and readiness, being able to reach a pragmatic approach and direction.
  
  

About Standard Chartered

We're an international bank, nimble enough to act, big enough for impact. For more than 170 years, we've worked to make a positive difference for our clients, communities, and each other. We question the status quo, love a challenge and enjoy finding new opportunities to grow and do better than before. If you're looking for a career with purpose and you want to work for a bank making a difference, we want to hear from you. You can count on us to celebrate your unique talents and we can't wait to see the talents you can bring us.

Our purpose, to drive commerce and prosperity through our unique diversity, together with our brand promise, to be here for good are achieved by how we each live our valued behaviours. When you work with us, you'll see how we value difference and advocate inclusion.

Together We

• Do the right thing and are assertive, challenge one another, and live with integrity, while putting the client at the heart of what we do
• Never settle, continuously striving to improve and innovate, keeping things simple and learning from doing well, and not so well
• Are better together, we can be ourselves, be inclusive, see more good in others, and work collectively to build for the long term
  
  

What We Offer

In line with our Fair Pay Charter, we offer a competitive salary and benefits to support your mental, physical, financial and social wellbeing.

• Core bank funding for retirement savings, medical and life insurance, with flexible and voluntary benefits available in some locations.
• Time-off including annual leave, parental/maternity (20 weeks), sabbatical (12 months maximum) and volunteering leave (3 days), along with minimum global standards for annual and public holiday, which is combined to 30 days minimum.
• Flexible working options based around home and office locations, with flexible working patterns.
• Proactive wellbeing support through Unmind, a market-leading digital wellbeing platform, development courses for resilience and other human skills, global Employee Assistance Programme, sick leave, mental health first-aiders and all sorts of self-help toolkits
• A continuous learning culture to support your growth, with opportunities to reskill and upskill and access to physical, virtual and digital learning.
• Being part of an inclusive and values driven organisation, one that embraces and celebrates our unique diversity, across our teams, business functions and geographies - everyone feels respected and can realise their full potential.