全职 Information Security Manager 工作, 薪水, Standard Chartered Federal Territory 公司招聘中 - Ricebowl

Job Summary

Standard Chartered are looking for an Information Security Manager to work alongside the Product Owner in shaping and implementing the strategic roadmap for Endpoint, Email, and Server Protection (EESP).

In this role, you will provide key insights on emerging security trends, lead continuous improvement, and recommend platform enhancements aligned with our ICS strategy and risk tolerance. You will develop strategic proposals to optimize performance, automate processes, and future-proof our security architecture, while supporting broader cybersecurity programmes such as Zero Trust and EDR enhancement.

Key Responsibilities

Key Responsibilities:

• Assist in shaping and executing the strategic roadmap for EESP.
• Provide insights on emerging security trends to guide long-term technology strategy.
• Take charge of continuous improvement efforts to enhance operational resilience and detection/prevention capabilities.
• Evaluate platform functionalities and recommend enhancements.
• Develop proposals to scale agent deployment, optimize performance, and expand coverage.
• Identify opportunities to automate processes and streamline operations.
• Conduct horizon scanning for new vendor releases and industry best practices.
• Advise on future-proofing security architecture, including container and cloud protection.
• Support alignment with broader cybersecurity programs.
• Contribute to strategic planning for budgets, license management, and capacity forecasting.

Business and Operational Responsibilities:

• Ensure optimal operation of security tools with minimal disruption.
• Collaborate with various teams to ensure agent compatibility and smooth deployment.
• Provide SME support for production incidents impacting business availability.
• Support new projects requiring product integration or monitoring.
• Deliver impact assessments and recommendations for tool changes and upgrades.
• Facilitate communication between technical teams and business stakeholders.
• Perform root cause analyses to minimize recurring incidents.

Process and Governance:

• Maintain and enhance operational documentation and troubleshooting playbooks.
• Conduct root cause analysis for platform issues and ensure corrective actions.
• Improve deployment processes and optimize health monitoring.
• Strengthen automation workflows and maintain structured change management processes.
• Implement continuous service improvement processes.
• Ensure adherence to regulatory requirements and internal policies.

People and Talent Development:

• Serve as a technical mentor to L2/L3 teams and deliver training sessions.
• Support onboarding of new team members and provide guidance to junior engineers.
• Promote a culture of continuous learning and professional growth.
• Collaborate across global, regional, and country teams.
• Assist in shaping talent development plans and identifying skills gaps.

Risk Management:

• Ensure ICS controls and platform services meet risk tolerance and audit expectations.
• Track and remediate product health issues and security configuration deviations.
• Support risk assessments for changes, upgrades, and new features.
• Identify potential vulnerabilities and ensure timely closure of risk items.
• Strengthen detection, response, and remediation capabilities for endpoint incidents.

Skills and Experience

• Understanding/ experience in ICS tools (SIEM, Logging & Monitoring, AntiMalware, XDR & EDR, DLP, IAM, PIM/PAM) & governance of the tools & controls.
• Experience with engagement in Major Incident Management, Incident Management, Problem Management, Root Cause Analysis and business stakeholders
• Experience with SentinelOne, Tanium, and Imperva SecureSphere solutions, Microsoft ADO, ServiceNow.
• Proficiency in Ansible, Shell, Powershell, and Terraform scripting.
• Knowledge of cloud and container security, and Windows/Linux OS administration.
• Ansible, Shell, Powershell & Terraform Scripting
• DevSecOps & eSDLC Understanding
• Cloud & Containers & Networking Understanding
• Auditor & Regulatory Engagements
• Process & Procedure development & implementation

Qualifications

• 10+ years of total experience as a cyber security professional
• Bachelor's Degree or equivalent
• CISSP, CISM, CRISC or any other relevant certifications

About Standard Chartered

We're an international bank, nimble enough to act, big enough for impact. For more than 170 years, we've worked to make a positive difference for our clients, communities, and each other. We question the status quo, love a challenge and enjoy finding new opportunities to grow and do better than before. If you're looking for a career with purpose and you want to work for a bank making a difference, we want to hear from you. You can count on us to celebrate your unique talents and we can't wait to see the talents you can bring us.

Our purpose, to drive commerce and prosperity through our unique diversity, together with our brand promise, to be here for good are achieved by how we each live our valued behaviours. When you work with us, you'll see how we value difference and advocate inclusion.

Together we:

• Do the right thing and are assertive, challenge one another, and live with integrity, while putting the client at the heart of what we do
• Never settle, continuously striving to improve and innovate, keeping things simple and learning from doing well, and not so well
• Are better together, we can be ourselves, be inclusive, see more good in others, and work collectively to build for the long term

What we offer

In line with our Fair Pay Charter, we offer a competitive salary and benefits to support your mental, physical, financial and social wellbeing.

• Core bank funding for retirement savings, medical and life insurance, with flexible and voluntary benefits available in some locations.
• Time-off including annual leave, parental/maternity (20 weeks), sabbatical (12 months maximum) and volunteering leave (3 days), along with minimum global standards for annual and public holiday, which is combined to 30 days minimum.
• Flexible working options based around home and office locations, with flexible working patterns.
• Proactive wellbeing support through Unmind, a market-leading digital wellbeing platform, development courses for resilience and other human skills, global Employee Assistance Programme, sick leave, mental health first-aiders and all sorts of self-help toolkits
• A continuous learning culture to support your growth, with opportunities to reskill and upskill and access to physical, virtual and digital learning.
• Being part of an inclusive and values driven organisation, one that embraces and celebrates our unique diversity, across our teams, business functions and geographies - everyone feels respected and can realise their full potential.