Associate Director, Cs Risk

Job ID: 28151

Location: Bukit Jalil KL, MY

Area of interest: Technology

Job type: Regular Employee

Work style: Office Working

Opening date: 22 May 2025

**Job Summary**-
- Associate Director, Risk and Control role is created under ICS protect Service Risk and Control team to look after continuous improvement of the Cyber Assessment and Testing (CAT) control environment via proactive risk assessments and structured risk & control management. This role will report Director for CAT Risk & Control.**Key Responsibilities**
- Oversee all risk and control activities related to aligned processes within the CAT function.
- Deliver risk focused, timely and re-performable deep dive reviews following TTO Control methodology.
- Design and maintain internal processes that allow CAT to dynamically monitor risk and controls.
- Maintain all ORTF based CAT controls and corresponding CSTs, KCIs and KRIs.
- Provide timely and accurate risk & control MI to the respective risk forums.
- Drive compliance with the Bank’s risk framework and policies (e.g. ERMF, ORTF and ICS RTF).
- Support the design, build, and implementation of effective processes and controls to effectively mitigate ICS risks.
- Support the CAT Function to be ‘First to Know’ its risks & issues, and to deliver on its commitments.
- Support stakeholders in defining remediation actions to address identified control weaknesses and issues.
- Act as the key confidant to the CAT ‘Process Owner(s)’ responsible for developing, prioritizing and implementing controls
- Maintain accurate and timely data within M7 and any other agreed repositories for risk & control data and issues.
- Track issue remediation, check and challenge delivery status and escalate delays.
- Validate that remediation activities completed by CAT address the risk in the issues (e.g. Audit issues and deep dive findings).

**Skills and Experience**

**Risk Management**
- Perform risk assessment and liaise with respective stakeholder to write elevated residual risk papers with treatment plan.
- Support liaison with Group Internal Audit and any third party or regulatory inspections.
- Adopt an anticipatory approach to risk assessment through stakeholder engagement and monitoring of the external environment.
- Work with other control assurance teams to drive efficiency, effectiveness and reduce duplication.
- Support CAT Process owners in the execution of their accountabilities related to:

- Identification and management of the end to end processes as defined by the Process Universe and associated risks for the activities carried out.
- Implementing the RCSA to monitor the effectiveness of the controls and standards governing the end to end process.
- Being accountable to the Group Process Universe Owner, framework and policy owners and implementing the control requirements applicable to the process.
- Escalating significant risks and issues to the Process Universe Owners, relevant Risk Framework Owners or Policy Owners.
- Perform review of the control self-assessment outcomes, monthly control testing results and adequacy of the related remediation actions.
- Support activities related to control design, assessment, testing processes and drive continuous improvement in ICS RTF.
- Execute deep dive reviews and consistent, efficient and meaningful CSTs / KCI tests for CAT processes.
- Provide robust challenge and escalation to senior management to ensure activities achieve risk reduction.
- Manage and drive continuous improvement of the CAT control environment through proactive risk management (e.g. technical deep dive and issue validation).
- Provide good technical input and challenge on assignment to steer team member in producing high quality output which address the risk

**Governance**
- Provide timely and accurate reporting to appropriate committees.
- Ensure appropriate oversight and facilitate resolution of high impact risk and issues.
- Tracking and reporting of risk assessments (e.g. audits, risk assessments etc) and their outputs to ensure oversight and escalation mechanisms are in place to provide MI on obligations.
- Support continuous improvement of the CAT internal risk profile reporting, issue management processes and supporting tools

**Regulatory & Business Conduct**
- Display exemplary conduct and live by the Group’s Values and Code of Conduct.
- Take personal responsibility for embedding the highest standards of ethics, including regulatory and business conduct, across Standard Chartered Bank. This includes understanding and ensuring compliance with, in letter and spirit, all applicable laws, regulations, guidelines and the Group Code of Conduct.
- Effectively and collaboratively identify, escalate, mitigate and resolve risk, conduct and compliance matters

**Qualifications**
- Bachelor / Honours Degree in Information Technology, Computer Science, Cyber Security or other technology related qualifications or 10+ years of experience in either cyber/IT security, technology audit or ass