Job Description

Job Summary

• The Operational, Technology and Cyber Risk (OTCR) organisation is instrumental in protecting and ensuring the resilience of Standard Chartered Bank's operations, data, and IT systems by managing operational, technology and cyber risk across the enterprise. As a critical function reporting into the Group Chief Risk Officer (CRO), the Group OTCR team serves as the second line of defence for assuring that controls are implemented effectively, in accordance with the OTCR Framework, and for instilling a risk culture within the Bank.

• The Assurance Manager is a permanent role that requires good business acumen and a detailed knowledge of risk assessment and control testing. The successful candidate will have key skills in critical thinking, problem solving, and stakeholder management, and be able to respond in a flexible and collaborative manner to evolving business, regulatory and threat demands. The role reports directly to the Vice President, OTCR, Attestation & Control Testing. The Manager will work closely with key stakeholders to address Operational, Technology and Cyber risks as an identified "top risk" for the Bank and align these to the Bank's overall ICS Risk Type Framework and Enterprise Risk Management Framework (ERMF). The candidate will be required to engage with senior stakeholders across the business, technology, governance, CISO and other risk functions to act as an independent trusted advisor, providing key insights from testing to enable effective risk decisions making. This will be with the support of their line manager.

• The successful candidate will be able to lead and complete focus reviews on the areas of highest Operational, Technology and Cyber risks, providing insights which enable uplift of the OTCR risk posture. It is critical therefore, to have good stakeholder engagement, liaison, and negotiation experience, along with strong communication skills. The candidate needs to demonstrate an awareness and understanding of the regulatory framework in which the Group operates, and the regulatory requirements and expectations relevant to the role.

• We are seeking an Assurance Manager who will be responsible for the following areas:

Risk & CFCC Service Catalogue Primary Responsibilities

• Validate and independently assure.

Strategy

• Awareness and understanding of the Group's business strategy and model appropriate to the role.

Business

• Awareness and understanding of the wider business, economic and market environment in which the Group operates

Processes

• The Manager will work closely with key stakeholders to address Operational, Technology and Cyber risks as an identified "top risk" for the Bank and align these to the Bank's overall ICS Risk Type Framework and Enterprise Risk Management Framework (ERMF). Support the Lead and the Head of ICS Attestation and Controls Testing (OTCR) to define, develop and operationalise the OTCR OR & Tech Risk Assurance team to align with the risk management strategy and wider enterprise risk management strategy for the Bank Enterprise Risk Management Framework ("ERMF") and other related processes.

People & Talent

• Lead through example and build the appropriate culture and values
• Work in collaboration with stakeholders, whilst upholding and reinforcing the independence of the second line
• Establishing constructive relationships with Key Stakeholders (as defined below)

Risk Management

• Ability to identify, assess, monitor, risks to the Group or related business/function/country, mainly related to operational, technology and ICS PRTs. It may be specific to the scope of assurance or testing, as well as an awareness and understanding of the main risks facing the Group and the role the individual plays in managing them.

Governance

• Responsible for assessing the effectiveness of the Group's arrangements to deliver effective governance, oversight and controls in the business and, if necessary, oversee changes in these areas; Awareness and understanding of the regulatory framework, in which the Group operates, and the regulatory requirements and expectations relevant to the role. It may be specific to the scope of assurance or testing.

Regulatory & Business Conduct

• Displaying exemplary conduct and living by the Group's Values and Code of Conduct.
• Taking personal responsibility for embedding the highest standards of ethics, including regulatory and business conduct, across Standard Chartered Bank. This includes understanding and ensuring compliance with, in letter and spirit, all applicable laws, regulations, guidelines and the Group Code of Conduct.
• Effectively and collaboratively identifying, escalating, mitigating and resolving risk, conduct and compliance matters.
• Providing ongoing reporting of risk exposure into governance meetings and to key stakeholders

Key stakeholders

• OTCR LT
• OTCR SPOC
• ERM - Frameworks & Policy
• ERM - Risk Appetite
• Head of Technology & Cyber Audit
• Business CIOs
• COO, CCIB, Europe & Americas
• COO, CPPB
• Business CROs
• CIO, CPBB
• CIO, CCIB, Europe & Americas
• Regional COOs
• Regional & Country CROs
• CIO, Functions
• Group Function Heads
• Group Head of Enterprise Technology
• Policy Owners

Key Responsibilities

• Support the Lead and the Head of ICS Attestation and Controls Testing (OTCR) to define, develop and operationalise the OTCR Risk Assurance team to align with the risk management strategy and wider enterprise risk management strategy for the Bank Enterprise Risk Management Framework ("ERMF")
• Support the Lead and Head of ICS Attestation and Controls Testing (OTCR) to define and develop structured Assurance capabilities and to lead/ execute risk-based independent reviews of control efficacy by assessing the design and operating effectiveness of key controls.
• Execute risk-based independent reviews of control efficacy by assessing the design and operating effectiveness of key controls.
• Provide the management and validation of findings identified in Assurance OR & Tech risk reviews.
• Drive and support internal growth initiatives to upskill staff competencies, optimise resources/capacity, enhance digital agility and identification of risk hotspots for assurance work.
• Drive, collaborate and support cross-functional initiatives to drive greater efficiency and effectiveness
• Building and promote good external partnerships with stakeholders to collaborate effectively
• Work with the wider OTCR Assurance & Testing team to focus testing on areas of highest risk and regulators as required

Skills and Experience

• Strong knowledge of the businesses, markets and operations of Standard Chartered Bank and the policies, procedures, and processes through which Operations addressed throughout the Group
• Technical understanding and experience in Cyber/ICS, Technology & Operational risks & control

• Proven ability to complete highly complex assurance reviews
• Good analytical skills: ability to think clearly and rigorously about how best to assess existing and emerging risks and readiness, being able to reach a pragmatic approach and direction.
• Experience of identifying risks (both existing and emerging), developing mitigation actions, and reaching agreement with stakeholders on the management of risks and issues.
• Sound judgement and anticipation and strong integrity, independence and resilience
• Communication Skills:
• Excellent English oral and written skills
• Ability to communicate and explain complicated risk issues to internal and external stakeholders in a simple and business-friendly way
• Able to challenge constructively in a non-confrontational manner
• A self-starter, able to take initiation, to navigate within the approved parameters to work out a sensible and practical recommendation or decision
• Ability to participate within a multi-disciplinary team and be a strong team player
• Ability to identify opportunities for continuous improvements
• Strong emotional and cultural intelligence, being able to embrace and drive diversity of thought through inclusion and the valuing of cultural diversity

• Analytical Thinking
• Operational Risk
• Information Assurance
• Risk Management
• Business Partnering
• Manage People
• Manage Vendors
• Operational and Technology Risk Management
• Organisational Governance
• Written Communications

Qualifications

• Desired Qualifications: relevant industry leading certification such as:
• Industry related qualification in Operational Risk Management, such as CORM, CRISC and/or PRMIA ORM
• Industry related qualification in Assurance/Audit such as IIA, CISA, CIA and/or CRMA
• Degree level education or equivalent

About Standard Chartered
We're an international bank, nimble enough to act, big enough for impact. For more than 170 years, we've worked to make a positive difference for our clients, communities, and each other. We question the status quo, love a challenge and enjoy finding new opportunities to grow and do better than before. If you're looking for a career with purpose and you want to work for a bank making a difference, we want to hear from you. You can count on us to celebrate your unique talents and we can't wait to see the talents you can bring us.
Our purpose, to drive commerce and prosperity through our unique diversity, together with our brand promise, to be here for good are achieved by how we each live our valued behaviours. When you work with us, you'll see how we value difference and advocate inclusion.
Together we:

• Do the right thing and are assertive, challenge one another, and live with integrity, while putting the client at the heart of what we do
• Never settle, continuously striving to improve and innovate, keeping things simple and learning from doing well, and not so well
• Are better together, we can be ourselves, be inclusive, see more good in others, and work collectively to build for the long term

What we offer
In line with our Fair Pay Charter, we offer a competitive salary and benefits to support your mental, physical, financial and social wellbeing.

• Core bank funding for retirement savings, medical and life insurance, with flexible and voluntary benefits available in some locations.
• Time-off including annual leave, parental/maternity (20 weeks), sabbatical (12 months maximum) and volunteering leave (3 days), along with minimum global standards for annual and public holiday, which is combined to 30 days minimum.
• Flexible working options based around home and office locations, with flexible working patterns.
• Proactive wellbeing support through Unmind, a market-leading digital wellbeing platform, development courses for resilience and other human skills, global Employee Assistance Programme, sick leave, mental health first-aiders and all sorts of self-help toolkits
• A continuous learning culture to support your growth, with opportunities to reskill and upskill and access to physical, virtual and digital learning.
• Being part of an inclusive and values driven organisation, one that embraces and celebrates our unique diversity, across our teams, business functions and geographies - everyone feels respected and can realise their full potential.

35919