Associate Director, OTCR, ICS

Requisition Number: 41265

Job Location: Kuala Lumpur, MYS

Work Type: Office Working

Employment Type: Permanent

Posting Start Date: 12/11/2025

Posting End Date: 26/11/2025

:

Job Summary

The Operational, Technology and Cyber Risk (OTCR) organisation is instrumental in protecting and ensuring the resilience of Standard Chartered Bank's operations, data, and IT systems by managing operational, technology and cyber risk across the enterprise. As a critical function reporting into the Group Chief Risk Officer (CRO), the Group OTCR team serves as the second line of defence for assuring that controls are implemented effectively, in accordance with the OTCR Framework, and for instilling a risk culture within the Bank.

The Associate Director, OTCR, ICS & Tech Risk Assurance is a permanent role that requires good business acumen and a detailed knowledge of risk assessment, audit execution and control testing. The successful candidate will have key skills in critical thinking, problem solving, industry specific technical and regulatory knowledge, and stakeholder management, and be able to respond in a flexible and collaborative manner to evolving business, regulatory and threat demands. The role reports directly to the Director, OTCR, ICS & Tech Risk Assurance. The Associate Director will work closely with key stakeholders to address Operational, Technology, Cyber risks as an identified "top risk" for the Bank and align these to the Bank's overall ICS Risk Type Framework and Enterprise Risk Management Framework (ERMF)

This is a senior level role, and the individual will be required to engage with senior stakeholders across the business, technology, governance, CISO and other risk functions to act as an independent trusted advisor, providing key insights from testing to enable effective risk decisions making

The successful candidate will be able to support the Head of Assurance, a high performing team to identify and focus reviews on the areas of highest Technology and Cyber Risk risks, providing insights which enable uplift of the OTCR risk posture. It is critical therefore, to have senior stakeholder engagement, liaison, and negotiation experience, along with strong communication skills, and an ability to create a compelling, yet simplistic vision, for others to follow.

Key Responsibilities

Business

• Support the Head of Assurance to define, develop and operationalise the OTCR ICS & Tech Risk Assurance team to align with the risk management strategy and wider enterprise risk management strategy for the Bank Enterprise Risk Management Framework ("ERMF").
• Support the Head of Assurance to define and develop structured Assurance capabilities and to lead/ execute risk-based independent reviews of control efficacy by assessing the design and operating effectiveness of key controls.
• Provide the management and validation of findings identified in Assurance ICS & Tech risk reviews.
• Work with the wider OTCR Assurance & Testing team to support and deliver a risk-based plan to focus testing on areas of highest risk.
• Communicate complex risks, issues and testing insights precisely and effectively to management and regulators as required.
• Drive and support internal growth initiatives to upskill staff competencies, optimise resources/capacity, enhance digital agility and identification of risk hotspots for assurance work.
• Drive, collaborate and support cross-functional initiatives to drive greater efficiency and effectiveness.
• Building and promote good external partnerships with stakeholders to collaborate effectively.

People & Talent

• Ensure that holders of all critical functions are suitably skilled and qualified for their roles ensuring that they have effective supervision in place to mitigate any risks.
• Lead through example and build the appropriate culture and values.
• Set appropriate tone and expectations from team, working in collaboration with stakeholders, whilst upholding and reinforcing the independence of the second line.
• Establishing constructive relationships with Key Stakeholders (as defined below)

Regulatory & Business Conduct

• Display exemplary conduct and live by the Group's Values and Code of Conduct.
• Take personal responsibility for embedding the highest standards of ethics, including regulatory and business conduct, across Standard Chartered Bank. This includes understanding and ensuring compliance with, in letter and spirit, all applicable laws, regulations, guidelines and the Group Code of Conduct.
• Effectively and collaboratively identify, escalate, mitigate and resolve risk, conduct and compliance matters.
• Effectively and collaboratively identifying, escalating, mitigating and resolving risk, conduct and compliance matters.
• Demonstrating leadership ability to ensure that the team achieves the outcomes set out in the Bank's Conduct Risk framework.
• Providing ongoing reporting of risk exposure into governance meetings and to key stakeholders and escalating any blockages to progress to ensure Group MT, Risk & CFCC, and OTCR Scorecard objectives are met.

Key stakeholders

• OTCR LT
• OTCR SPOC
• ERM – Frameworks & Policy
• ERM - Risk Appetite
• Head of Technology & Cyber Audit
• Group, Business and Functions CIOs
• Group Head of ICS, Technology & Architecture
• Group, Business and Functions CISOs

Other Responsibilities

Embed Here for good and Group's brand and values in OTCR Assurance and Testing function; Perform other responsibilities assigned under Group, Country, Business or Functional policies and procedures.

Qualifications

• EDUCATION: Degree level education or equivalent
• CERTIFICATIONS: Industry related qualification in Operational Risk Management or Information & Cyber Security, such as CISSP, CISM(P), and/or CRISC.

Industry related qualification in Assurance/Audit such as CISA, IIA, CIA and/or CRMA

Skills and Experience

• Personal authority based on established trusted relationships and ability to provide advice and functional direction which is expected at senior levels of the Group and respected by peers
• Good knowledge of the businesses, markets and operations of Standard Chartered Bank and the policies, procedures, and processes through which Operations, Technology and Cyber Risks are addressed throughout the Group
• Proven ability to support highly complex, global activities through influence and credibility rather than command and control
• Ability to understand strategic priorities and focus on detailed aspects of a function in order to drive effective delivery
• Excellent analytical skills: ability to think clearly and rigorously about how best to assess existing and emerging risks and readiness, being able to reach a pragmatic approach and direction.
• Experience of identifying risks (both existing and emerging), developing mitigation actions, and reaching agreement with stakeholders on the management of risks and issues.
• Situational context aware with ability to facilitate outcomes where priorities and personalities are in conflict
• Sound judgement and anticipation and strong integrity, independence and resilience
• Communication Skills:

o Excellent English oral and written skills

o Ability to communicate and explain complicated risk issues to internal and external stakeholders in a simple and business-friendly way

o Able to challenge constructively in a non-confrontational manner

• A self-starter, able to take initiation, to navigate within the approved parameters to work out a sensible and practical recommendation or decision
• Ability to participate within a multi-disciplinary team and be a strong team player
• Ability to identify opportunities for continuous improvements
• Strong emotional and cultural intelligence, being able to embrace and drive diversity of thought through inclusion and the valuing of cultural diversity

Role Specific Technical Competencies

• Analytical Thinking
• Information and Cybersecurity Risk Management
• Information Assurance
• Information Security Audits
• Information Security Technologies
• Manage People
• Manage Vendors
• Operational and Technology Risk Management
• Software Security Assurance
• Written Communications

About Standard Chartered

We're an international bank, nimble enough to act, big enough for impact. For more than 170 years, we've worked to make a positive difference for our clients, communities, and each other. We question the status quo, love a challenge and enjoy finding new opportunities to grow and do better than before. If you're looking for a career with purpose and you want to work for a bank making a difference, we want to hear from you. You can count on us to celebrate your unique talents and we can't wait to see the talents you can bring us.

Our purpose, to drive commerce and prosperity through our unique diversity, together with our brand promise, to be here for good are achieved by how we each live our valued behaviours. When you work with us, you'll see how we value difference and advocate inclusion.

Together we:

• Do the right thing and are assertive, challenge one another, and live with integrity, while putting the client at the heart of what we do
• Never settle, continuously striving to improve and innovate, keeping things simple and learning from doing well, and not so well
• Are better together, we can be ourselves, be inclusive, see more good in others, and work collectively to build for the long term

What we offer

In line with our Fair Pay Charter, we offer a competitive salary and benefits to support your mental, physical, financial and social wellbeing.

• Core bank funding for retirement savings, medical and life insurance, with flexible and voluntary benefits available in some locations.
• Time-off including annual leave, parental/maternity (20 weeks), sabbatical (12 months maximum) and volunteering leave (3 days), along with minimum global standards for annual and public holiday, which is combined to 30 days minimum.
• Flexible working options based around home and office locations, with flexible working patterns.
• Proactive wellbeing support through Unmind, a market-leading digital wellbeing platform, development courses for resilience and other human skills, global Employee Assistance Programme, sick leave, mental health first-aiders and all sorts of self-help toolkits
• A continuous learning culture to support your growth, with opportunities to reskill and upskill and access to physical, virtual and digital learning.
• Being part of an inclusive and values driven organisation, one that embraces and celebrates our unique diversity, across our teams, business functions and geographies - everyone feels respected and can realise their full potential.