The Role Responsibilities
- The purpose of the Technology Risk Coverage role is to help deliver an independent, effective and lean second line of defence for Technology Risk. The role focuses on a selected Line of Business or Function (see Job Title) to cover the key required activities under our parent Risk Type Framework.
- The role is part of a wider Group Operational Risk Function which oversees a number of different non-financial risk types. Group Operational Risk is positioned within the bank's Risk Function which is led by the Group's Chief Risk Officer.
- The candidate would be joining at an exciting time, as the team looks to continually strengthen our second line approach, help the organisation safely adopt new technologies safely and support first line risk management and transformation activities. The nature of the role delivers at a Group level, positioning the candidate to have an outsized impact on risk management.
- Join a growing team that is recently empowered to deliver full independent second line technology risk coverage and challenge. Help shape the future of the new team and provide support for teammates who are performing the complementary second line technology risk-coverage roles for each line of business and function.
The role will focus on the following activities:
- Risk Assessments - Challenge Risk & Control Self Assessments (RCSA) for Technology Risk including Top-Down Reviews, the Annual RCSA Review and any ad-hoc Trigger Reviews. Challenge-Approve risk assessments performed for new material business initiatives. Challenge Treatment Plans and Closures.
- Events - Challenge Operational Risk Events for technology incidents and monitor related significant financial losses. Challenge Treatment Plans for Root Cause Reviews.
- Change Governance - Challenge-Approve Change Risk Assessments and Go Lives for initiatives led by the Technology function. Provide support and advice for OR colleagues perform such assessments across the lines of business and functions where initiatives carry significant technology risk. Provide a Challenge at applicable change forums (Refinement Forums, Product Reviews)
- Assurance - Perform thematic second line assurance reviews in support of the Technology Policy assurance, as part of a wider integrated second line pipeline. Perform short and targeted Focused Reviews for areas of topical and key concern.
- Other: Provide support or act as an advocate for the wider Group Operational Risk activities.
- Awareness and understanding of the Group's and Function's business strategy and model appropriate to the role
- Awareness and understanding of the wider business, economic and market environment in which the Group operates
People and Talent
- Responsible for executing risk management responsibilities of the second line of defence as defined within the Operational Risk Policy and Standard, and Group Technology Policy
- Responsible for individual training and familiarisation of knowledge relevant to the role and subject matter areas of work that is assigned
- Understanding the role's responsibilities with respect to the relevant risk policies/standards, risk framework owner role, and second line operational risk role.
Regulatory and Business Conduct
- Responsible for supporting the maintenance of the Group Technology Policy and relevant documents owned by the CRO Technology team.
- Responsible for executing activities associated with assessing the effectiveness of the Group Technology Policy. Awareness and understanding of the technology regulations for key markets in in which the Group operates.
- Display exemplary conduct and live by the Group's Values and Code of Conduct.
- Take personal responsibility for embedding the highest standards of ethics, including regulatory and business conduct, across Standard Chartered Bank. This includes understanding and ensuring compliance with, in letter and spirit, all applicable laws, regulations, guidelines and the Group Code of Conduct.
- Effectively and collaboratively identify, escalate, mitigate and resolve risk, conduct and compliance matters.
Our Ideal Candidate
- Team colleagues - officers in our team performing Governance roles.
- Enterprise Risk Management and the wider Group and Country Operational Risk Teams
- First Line Technology Process Owners and Teams
- First Line Technology Risk Management
- CIO Domain teams
- Control Owners
- Owners of technical standards
- Risk Framework Owners, Policy Owners and SMEs for other risk types (Compliance, Information & Cyber Security, Third Party, Change Management, Resilience).
Role Specific Competencies
- Relevant Professional Certifications (e.g. CRISC, CISA, CISM, ITIL) an advantage.
- 15+ years' of experience in financial institutions and/or highly regulated technology dependent industries.
- Previous experience in technology risk roles (First or Second Line) or technology audit (Third Line of Defence). Candidates from technology-related disciplines are welcome to apply if they can demonstrate transferable skills and a passion to become a risk professional.
- Experience in advisory, audit, or consulting roles that require strong stakeholder management an advantage.
- Professional Certifications related to technology risk (e.g. CRISC, CGEIT, CISA, CISM) an advantage.
- Profession Certifications related to project management, software delivery lifecycles, technology processes (e.g. ITIL) an advantage or equivalent practical "on the job" experience.
- Familiarity with modern and emerging technology techniques and an interest to stay abreast of industry developments (e.g. Agile development, DevOps, Cloud, APIs, etc).
- Comfortable working in a small team challenging risk-decisions made by more senior staff.
- Able to demonstrate a risk-based approach to focus attention on the key risks and sound judgement on matters that can be dealt with autonomously versus matters that require escalation.
- Comfortable looking beyond a purely task-driven approach and able to take ownership of the wider objective, while seeking for support when required.
- Passionate about keeping abreast of industry developments in technology risk and keen to advance their own subject matter expertise by seeking personal growth opportunities.
- Demonstrates competency in Critical Thinking, Non-Financial Risk Management, managing change and Stakeholder Management.
- Strong business writing skills.
About Standard Chartered
- Operational Risk
- Business Partnering
- Manage Risk
- Business Writing
- IT Audit and Control
We're an international bank, nimble enough to act, big enough for impact. For more than 160 years, we've worked to make a positive difference for our clients, communities, and each other. We question the status quo, love a challenge and enjoy finding new opportunities to grow and do better than before. If you're looking for a career with purpose and you want to work for a bank making a difference, we want to hear from you. You can count on us to celebrate your unique talents. And we can't wait to see the talents you can bring us.
Our purpose, to drive commerce and prosperity through our unique diversity, together with our brand promise, to be here for good are achieved by how we each live our valued behaviours. When you work with us, you'll see how we value difference and advocate inclusion. Together we:
In line with our Fair Pay Charter,
- Do the right thing and are assertive, challenge one another, and live with integrity, while putting the client at the heart of what we do
- Never settle, continuously striving to improve and innovate, keeping things simple and learning from doing well, and not so well
- Be better together, we can be ourselves, be inclusive, see more good in others, and work collectively to build for the long term
we offer a competitive salary and benefits to support your mental, physical, financial and social wellbeing.
Recruitment assessments -
- Core bank funding for retirement savings, medical and life insurance, with flexible and voluntary benefits available in some locations
- Time-off including annual, parental/maternity (20 weeks), sabbatical (12 weeks maximum) and volunteering leave (3 days), along with minimum global standards for annual and public holiday, which is combined to 30 days minimum
- Flexible working options based around home and office locations, with flexible working patterns
- Proactive wellbeing support through Unmind, a market-leading digital wellbeing platform, development courses for resilience and other human skills, global Employee Assistance Programme, sick leave, mental health first-aiders and all sorts of self-help toolkits
- A continuous learning culture to support your growth, with opportunities to reskill and upskill and access to physical, virtual and digital learning
- Being part of an inclusive and values driven organisation, one that embraces and celebrates our unique diversity, across our teams, business functions and geographies - everyone feels respected and can realise their full potential.
some of our roles use assessments to help us understand how suitable you are for the role you've applied to. If you are invited to take an assessment, this is great news. It means your application has progressed to an important stage of our recruitment process.
Visit our careers website www.sc.com/careers