Singapore Job Openings

Standard Chartered

Head, Cloud Security (Singapore & Malaysia)

October 10, 2024

Job Summary

If you are not an engineer, cannot code, and are unable to motivate the organisation on the benefits of cloud, this role is not for you.
The Head of Cloud Security is responsible for establishing and maintaining the security posture of the organisations cloud environments. The role leads the development and implementation of security strategies, ensure that cloud infrastructure, applications and data are protected from threats. The Head of Cloud Security oversees risk management, security incident response and compliance with regulatory standards, ICS standards and industry best practices across multi-cloud environments. They collaborate with cross-functional teams to embed security into the development lifecycle, continuously improve security processes and drive a culture of security awareness through the organization.
The role is responsible for conducting security assessments, audits, post-incident reviews to ensure the organisation’s cloud infrastructure is resilient and prepared for future risks. The role fosters a collaborative approach to security, ensuring that both technical teams, security teams, risk and business stakeholder are aligned in maintaining a secure cloud environment.

Key Responsibilities

Strategy

Define and execute a comprehensive cloud security strategy that aligns with organization goals and regulatory requirements
Regularly review and update security strategies and practices based on emerging threats, industry trends, and organizational changes

Business

Be responsible for the security of the cloud platform and take personal responsibility
Design and maintain a secure cloud architecture, integrating best practices and technologies to protect against threats.
Work with security architecture to define the platform security controls
Develop threat models and controls to protect the cloud platform
Implement preventive controls on the cloud platform across AWS & Azure on pipelines, account baselines and policy configurations
Implement detective & corrective controls on the cloud platform across AWS & Azure
Implement and enforce robust security controls across the cloud platform to protect data, applications, and infrastructure from vulnerabilities and threats
Ensure continuous monitoring and enhancement of the cloud security posture, implementing best practices and proactive measures to safeguard against evolving threats
Lead the response to security incidents, conducting investigations, and implementing remediation measures to prevent recurrence.
Assess the security posture of cloud service providers and third-party vendors, ensuring they meet the organization’s security requirements
Integrate security practices into the cloud development and deployment pipelines, ensuring that security is embedded throughout the software lifecycle

Processes

Work with Technology Governance to issue appropriate policies, procedures and quality checks for operating and servicing cloud workloads across the bank
Enable governance of ICS controls on the cloud platform and integrate seamlessly with cyber security processes and controls
Have awareness of and understand the relevant regulation for the markets in which the bank operates such as sovereignty and resilience.
Ensure compliance with Standard Chartered governance frameworks and challenge them where appropriate.
Keep program management teams in-tune with statuses and risks during change delivery

Skills and Experience

People & Talent

The leader is an engineer at heart and keeps a lean, motivated and highly skilled team of cloud engineers that together are obsessed with customer (internal or external) needs
The team believes and advocates efficiency as a continuous engineering challenge not a commercial ambition
Drives a deep sense of entrepreneurialism into the team to endlessly pursue opportunities with the cloud for the bank
The team of talented engineers has it drilled into them that their success also pivots on the ability for other engineers to deploy workloads on the cloud platform easily and seamlessly
Be an inspiration to other engineers attracting and developing new talent to the organisation and managing poor performers
Keep a list of practical yet challenging objectives and measures for the team and individuals to target
Promote a culture of security awareness within the organization by providing training and resources to educate staff on cloud security practices and policies

Risk Management

Comply with organisation risk management framework
Identify, assess, and mitigate security risks, ensuring compliance with industry standards and regulations.
Work closely with risk counterparts across technology, cyber and other areas for safe deployment of workloads to cloud
Drive for the closure of risks, operational events and audit findings on time, once and done

Governance

Establish governance frameworks for cloud security and provide regular reports to senior management on security metrics, incidents, and improvements.
Ensure compliance with all applicable SC governance frameworks
Adhere to and optimise cloud governance frameworks and processes
Stay aware of changing regulatory landscape so that we can proactively manage the emerging requirements for workloads
Ensure compliance with the highest standards of regulatory and business conduct and compliance practices as defined by internal and external requirements. This includes compliance with local banking laws and anti-money laundering regulations and guidelines

Regulatory Business Conduct

Display exemplary conduct and live by the Group’s Values and Code of Conduct.
Responsibility for building a culture of good Conduct within the team.
Take personal responsibility for embedding the highest standards of ethics, including regulatory and business conduct, across Standard Chartered Bank. This includes understanding and ensuring compliance with, in letter and spirit, all applicable laws, regulations, guidelines and the Group Code of Conduct.
Lead the Cloud migration team to achieve the outcomes set out in the Bank’s Conduct principles: Fair Outcomes for Clients; Financial Crime Compliance; The Right Environment
Effectively and collaboratively identify, escalate, mitigate and resolve risk, conduct and compliance matter.
Responsibility for risk, control and Conduct in the function and providing oversight over the risk, control and Conduct in the function.
Responsibility for adherence to the Mandatory Conduct Requirements and demonstrating positive risk, control and Conduct behaviours as part of their role. Examples include:

Timely escalation and proactive management and mitigation of risks and issues.
Sharing lessons learnt with colleagues to prevent future errors.
Raising concerns and dealing with mistakes in a timely manner and encouraging others to speak up.
Cooperating fully with requests from regulators and Group Internal Audit.
Promoting an inclusive culture, encouraging colleagues to act ethically, learn from mistakes, and set the right example to their teams.
Responsibility to conduct and complete the Mandatory Conduct Affirmation (MCA) annually, as part of the year- end review to affirm the following:
Risk & control and Conduct behaviours have been considered and assessed as part of continuous performance management.
Colleagues approach to risk, control and Conduct was considered when making Total Variable Compensation (TVC) proposals during year-end review.
Responsibility for recognizing and providing positive feedback through feedback 365 channels and Going the Extra Mile (GEM) award

Key stakeholders

Global Head, Cloud Platform
Global Head, Networks & Security Architecture
CISO, CIB, Core Technology & Functions
CISO, T&A & CDO
CISO, WRB & Markets
Global Head, ICS Protect
Global Head, Cyber Security Operations
Global Head, Cyber Advisory, Assessment & Testing
Head – ICS Technical Control Testing
Managing Director, OTCR, Tech & Architecture
Managing Director, OTCR, CISO & COO
Head of Architecture, Cloud Platform
Head, Cloud Platform Engineering
Head, Cloud Platform Services
Distinguished Engineers

Our Ideal Candidate

EDUCATION BACHELOR OF ENGINEERING
TRAINING CLOUD, SECURITY, AI/ML
MEMBERSHIP SINGAPORE COMPUTER SOCIETY OR EQUIVALENT
CERTIFICATIONS TOGAF, AWS, AZURE, CCSK, CCSP, CISSP
LANGUAGES JAVA, C#, PYTHON, GOLANG, INFRASTRUCTURE AS CODE

Role Specific Technical Competencies

Software Engineering
Generate business value through technology
Strategic thinking
Thought Leadership
Cloud Architecture
Cloud Technologies
Cloud Security
Resiliency and Security
Cloud Regulations
Security Compliance & Governance
Dev Ops
Security Architecture & Design
Threat Detection & Response
Leadership
Mentoring and Coaching
Advocacy

About Standard Chartered

We're an international bank, nimble enough to act, big enough for impact. For more than 170 years, we've worked to make a positive difference for our clients, communities, and each other. We question the status quo, love a challenge and enjoy finding new opportunities to grow and do better than before. If you're looking for a career with purpose and you want to work for a bank making a difference, we want to hear from you. You can count on us to celebrate your unique talents and we can't wait to see the talents you can bring us.

Our purpose, to drive commerce and prosperity through our unique diversity, together with our brand promise, to be here for good are achieved by how we each live our valued behaviours. When you work with us, you'll see how we value difference and advocate inclusion.

Together we:

Do the right thing and are assertive, challenge one another, and live with integrity, while putting the client at the heart of what we do
Never settle, continuously striving to improve and innovate, keeping things simple and learning from doing well, and not so well
Are better together, we can be ourselves, be inclusive, see more good in others, and work collectively to build for the long term

What we offer

In line with our Fair Pay Charter, we offer a competitive salary and benefits to support your mental, physical, financial and social wellbeing.

Core bank funding for retirement savings, medical and life insurance, with flexible and voluntary benefits available in some locations.
Time-off including annual leave, parental/maternity (20 weeks), sabbatical (12 months maximum) and volunteering leave (3 days), along with minimum global standards for annual and public holiday, which is combined to 30 days minimum.
Flexible working options based around home and office locations, with flexible working patterns.
Proactive wellbeing support through Unmind, a market-leading digital wellbeing platform, development courses for resilience and other human skills, global Employee Assistance Programme, sick leave, mental health first-aiders and all sorts of self-help toolkits
A continuous learning culture to support your growth, with opportunities to reskill and upskill and access to physical, virtual and digital learning.
Being part of an inclusive and values driven organisation, one that embraces and celebrates our unique diversity, across our teams, business functions and geographies - everyone feels respected and can realise their full potential.

Recruitment Assessments

Some of our roles use assessments to help us understand how suitable you are for the role you've applied to. If you are invited to take an assessment, this is great news. It means your application has progressed to an important stage of our recruitment process.

Visit our careers website www.sc.com/careers

New Job Alerts

CATERING SOLUTIONS PTE. LTD.

FOOD HYGIENE MANAGER

FULL TIME

November 20, 2024

View Job Description

Atomic Group

Global Procurement Manager (MRO)

FULL TIME

November 20, 2024

View Job Description

TutorNow Pte Ltd

Economics Lecturer Needed as Private Home Tutor for

Bishan New Town

FULL TIME & PART TIME & CONTRACT

November 20, 2024

View Job Description

AQUA EXPEDITIONS PTE. LTD.

Content Marketing Executive

Bukit Merah Estate

FULL TIME

November 20, 2024

View Job Description

Pall Corporation

Building Maintenance Specialist

FULL TIME

November 20, 2024

View Job Description

GreenLane

FI Relationship Manager | Banks/NBFI

FULL TIME

November 20, 2024

View Job Description

Lightway HR Consultancy Pte Ltd

Sales Engineer | Tender | Lift & Escalator

FULL TIME

November 20, 2024

View Job Description

Head, IT Procurement (Office of Integrated Information Technology Services )

Singapore

FULL TIME

Regional Trade Product Manager

Economics Lecturer Needed as Private Home Tutor for

Bishan New Town

FULL TIME & PART TIME & CONTRACT

November 20, 2024

View Job Description

AQUA EXPEDITIONS PTE. LTD.

Content Marketing Executive

Bukit Merah Estate

FULL TIME

November 20, 2024

View Job Description

Pall Corporation

Building Maintenance Specialist

FULL TIME

November 20, 2024

View Job Description

GreenLane

FI Relationship Manager | Banks/NBFI

FULL TIME

November 20, 2024

View Job Description

Lightway HR Consultancy Pte Ltd

Sales Engineer | Tender | Lift & Escalator

FULL TIME

November 20, 2024

View Job Description

NCS

Cloud Engineer (Azure)

Singapore

November 20, 2024

View Job Description