Associate Director, OTCR, WRB

Standard Chartered Lihat semua pekerjaan

  • Kuala Lumpur
  • Tetap
  • Sepenuh masa
  • 5 jam lepas
Creating a better online experience with cookies. We care about your experience online, that’s why we use cookies to make sure our website runs smoothly while personalising your visit for your ease of use and convenience. To choose what cookies you want to accept, select “Manage cookies”. To accept all cookies for the best possible experience, select “Accept all”. If you’d like to learn more about how we use cookies and to manage your selection, visit our Manage CookiesReject All Accept AllSearch JobsJob DetailsAssociate Director, OTCR, WRBJob DescriptionRequisition Number: 50398Job Location: Kuala Lumpur, MYS,Global Grade: Band 6Work Type: Office WorkingEmployment Type: PermanentPosting Start Date: 09/03/2026Posting End Date: 30/04/2026Job Description:Job SummaryThis role could be based in Malaysia and India. When you start the application process you will be presented with a drop down menu showing all countries, Please ensure that you select a country where the role is based.This is a senior-level position within the second line of defence of a risk management organization. The role reports directly to the Head of OTCR, WRB and requires a blend of solid business acumen and deep technical risk knowledge.Core Responsibilities
  • Single Point of Contact (SPOC): Acts as the primary advisor for the second line regarding all OTCR (Operational and Technology Risk) matters for their assigned portfolio.
  • Strategic Advisory: Provides judgment-based input to ensure risk management practices are integrated across all WRB operations.
  • Stakeholder Collaboration: Partners with senior stakeholders, Subject Matter Experts (SMEs), and other risk teams to guide the "first line" leads in making informed, risk-based decisions.
  • Problem Solving: Addresses complex issues and adapts to evolving regulatory, business, and threat landscapes.
Key Requirements & Skills
  • Experience: Proven track record in second-line risk management and familiarity with WRB-specific tools and practices.
  • Leadership: Ability to set a vision, provide clear direction, and take on "tough challenges" with courage and flexibility.
  • Soft Skills: High proficiency in stakeholder management, communication, and a collaborative mindset.
  • Focus: A commitment to delivering customer-centric solutions while maintaining rigorous risk standards.
Key ResponsibilitiesStrategy
  • Execute the OTCR strategy for WRB, aligned to the OTCR Cyber Strategy and service priorities.
  • Translate enterprise cyber risk objectives into actionable WRB-specific risk outcomes, metrics, and roadmaps.
  • Influence decisions by providing clear risk-based insights on priority applications, platforms, and services.
  • Act as a strategic advisor to senior stakeholders on emerging cyber risks (e.g., ransomware, data theft, cloud, GenAI, third-party concentration risk).
Business
  • Partner with WRB business heads, technology leaders, and CISOs to enable secure growth, digital initiatives, and new product launches.
  • Provide risk-informed challenge on material initiatives (e.g., cloud migration, platform modernisation, vendor onboarding, GenAI implementations).
  • Balance loss of data, loss of funds, and loss of service considerations to support informed business decision-making.
  • Represent WRB cyber risk position in executive forums, steering committees, and investment discussions.
Processes
  • Own and oversee Threat Scenario Risk Assessments (TSRA), domain risk profiling, and thematic cyber reviews for WRB.
  • Establish consistent 2nd-line processes for risk identification, assessment, acceptance, treatment tracking, and reporting.
  • Ensure cyber control implementation is prioritized on scoped / high-risk applications and progress is independently tracked.
  • Drive continuous improvement and automation of OTCR processes to improve efficiency, coverage, and data quality.
People & Talent
  • Act as a role model for independent challenge, constructive engagement, and risk culture maturity.
  • Contribute to succession planning, capability uplift, and talent development across the cyber risk function.
Risk Management
  • Maintain the WRB cyber domain risk profile, ensuring risks are accurately assessed, challenged, agreed, and kept current.
  • Provide independent oversight of vulnerability exposure, ransomware readiness, third-party cyber risk, and control effectiveness.
  • Ensure alignment with the Bank's risk appetite, ICS expectations, and regulatory obligations.
  • Escalate material or systemic risks with clear impact analysis and recommended management actions.
Governance
  • Drive governance excellence by leveraging existing management reports and identifying opportunities to optimize reporting structures for improved operational outcomes.
  • Support internal and external audits, regulatory reviews, and supervisory engagements related to cyber risk.
  • Ensure strong linkage between 1st Line execution and 2nd Line oversight, including evidence-based challenge.
  • Contribute to Group-wide cyber governance forums and policy direction where WRB impact is material.
Regulatory & Business Conduct
  • Display exemplary conduct and live by the Group's Values and Code of Conduct.
  • Take personal responsibility for embedding the highest standards of ethics, including regulatory and business conduct, across Standard Chartered Bank. This includes understanding and ensuring compliance with, in letter and spirit, all applicable laws, regulations, guidelines and the Group Code of Conduct.
  • Effectively and collaboratively identify, escalate, mitigate and resolve risk, conduct and compliance matters.
Key stakeholders
Internal
  • All teams of the following areas that support the assigned portfolio:
  • CEO WRB
  • CRO WRB
  • COO WRB
  • CIO WRB
  • CISO WRB
  • Functional Heads of WRB
  • WRB leadership team
  • Head Second Line Assurance WRB
  • Head of Audit WRB Functional Heads example includes all relevant first line support functions for WRB e.g., WRB COO, WRB CIO, WRB CISO, WRB Human Resources, WRB Finance, etc.
External
  • The Group's external auditors
Qualifications
  • Education - Degree level education or equivalent, in engineering or information technology
  • Certifications - Iso 27000 series, cloud certifications, fundamental ai/ml knowledge
  • Languages - Excel macros, PowerBuilder
Skills and Experience
  • Cyber & Technology Risk Management (Banking)
  • Threat Scenario Risk Assessment (TSRA) & Domain Risk Profiling
  • Third-Party & Supply Chain Cyber Risk
  • Cyber Governance, Risk Reporting & Executive Oversight
  • Cloud & Digital Platform Risk Oversight
  • Data Protection & Information Security Risk
  • Network Security and Segmentation risk oversight
  • Gen AI risk governance and control oversight
About Standard CharteredWe're an international bank, nimble enough to act, big enough for impact. For more than 170 years, we've worked to make a positive difference for our clients, communities, and each other. We question the status quo, love a challenge and enjoy finding new opportunities to grow and do better than before. If you're looking for a career with purpose and you want to work for a bank making a difference, we want to hear from you. You can count on us to celebrate your unique talents and we can't wait to see the talents you can bring us.Our purpose, to drive commerce and prosperity through our unique diversity, together with our brand promise, to be here for good are achieved by how we each live our valued behaviours. When you work with us, you'll see how we value difference and advocate inclusion.Together we:
  • Do the right thing and are assertive, challenge one another, and live with integrity, while putting the client at the heart of what we do
  • Never settle, continuously striving to improve and innovate, keeping things simple and learning from doing well, and not so well
  • Are better together, we can be ourselves, be inclusive, see more good in others, and work collectively to build for the long term
What we offerIn line with our Fair Pay Charter, we offer a competitive salary and benefits to support your mental, physical, financial and social wellbeing.
  • Core bank funding for retirement savings, medical and life insurance, with flexible and voluntary benefits available in some locations.
  • Time-off including annual leave, parental/maternity (20 weeks), sabbatical (12 months maximum) and volunteering leave (3 days), along with minimum global standards for annual and public holiday, which is combined to 30 days minimum.
  • Flexible working options based around home and office locations, with flexible working patterns.
  • Proactive wellbeing support through Unmind, a market-leading digital wellbeing platform, development courses for resilience and other human skills, global Employee Assistance Programme, sick leave, mental health first-aiders and all sorts of self-help toolkits
  • A continuous learning culture to support your growth, with opportunities to reskill and upskill and access to physical, virtual and digital learning.
  • Being part of an inclusive and values driven organisation, one that embraces and celebrates our unique diversity, across our teams, business functions and geographies - everyone feels respected and can realise their full potential.
Information at a Glance© Standard Chartered 2025. All rights reserved.×Cookie preferencesTell us which cookie categories you consent to by using the sliders below. You can change your preferences any time by clicking on Manage cookies on our homepage.Stricly necessary cookies (always active)Your security and privacy are our top priority, that’s why these cookies are always on to ensure the safest and smoothest online experience.Show More DetailsStricly necessary cookies (always active) Provider Description Enabled
SAP as service providerWe use the following session cookies, which are all required to enable the website to function:
  • "route" is used for session stickiness
  • "careerSiteCompanyId" is used to send the request to the correct data centre
  • "JSESSIONID" is placed on the visitor's device during the session so the server can identify the visitor
  • "Load balancer cookie" (actual cookie name may vary) prevents a visitor from bouncing from one instance to another
Functional CookiesFor your ease of use and convenience, these cookies remember the choices you made (e.g. language and region) and personalise our website to make it most relevant for you.Show More DetailsFunctional Cookies Provider Description Enabled
YouTubeYouTube is a video-sharing service where users can create their own profile, upload videos, watch, like and comment on videos. Opting out of YouTube cookies will disable your ability to watch or interact with YouTube videos.Advertising CookiesTo make sure we only send what’s most relevant to your needs, these cookies help us and our partners understand what matters most to you. The data collected can be shared with third parties, such as advertisers or platforms, to create an ecosystem that is always relevant to you.Show More DetailsAdvertising Cookies Provider Description Enabled
LinkedInLinkedIn is an employment-oriented social networking service. We use the Apply with LinkedIn feature to allow you to apply for jobs using your LinkedIn profile. Opting out of LinkedIn cookies will disable your ability to use Apply with LinkedIn.Google AnalyticsGoogle Analytics is a web analytics service offered by Google that tracks and reports website traffic.Google Tag ManagerGoogle Tag Manager is a tag management system for conversion tracking, site analytics, remarketing and more.

Standard Chartered