Talent.com
Tawaran kerja ini tidak tersedia di negara anda.
Senior Risk Manager, Third Party Security Risk (Malaysia, India)

Senior Risk Manager, Third Party Security Risk (Malaysia, India)

Standard CharteredPutrajaya, Putrajaya, Malaysia
3 jam yang lalu
Penerangan pekerjaan

Overview

Cybersecurity Risk Manager ( Malaysia, India)

This role could be based in Malaysia and India. When you start the application process you will be presented with a drop down menu showing all countries, please ensure that you select a country where the role is based.

We are looking for a passionate Third-Party Cybersecurity Risk Assessor to join our dynamic cybersecurity team! In this critical role, you will assess and manage the cybersecurity risks posed by third-party vendors, suppliers, and service providers, ensuring alignment with our organization\'s information and cyber security standards. You\'ll play a pivotal part in safeguarding sensitive data, protecting infrastructure, and enabling secure digital ecosystems in an ever-evolving threat landscape.

If you thrive in a fast-paced environment, are excited by emerging technologies and have a keen eye for risk and resilience, this opportunity is for you.

About our Technology & Operations Team

Our Technology & Operations (T&O) team is the powerhouse for the Bank. We aim to go further, faster, to ensure we\'re agile and ready for tomorrow, today. Our diverse network enables us to innovate and build banking solutions that support communities to prosper. We\'re a place where talented people are encouraged to grow, learn, and thrive, to drive their own career journeys, to reach their full potential.

When you work with us, you’re protecting the reputation and legacy of a 170-year organisation and building on it. We’re driven by progress and continuously evolving to ensure we’re agile and ready for tomorrow, today.

Strategy

The main responsibilities will be to support the Head of Third Party Security Risk in delivering the third party security risk program within the Bank.

Business

  • Perform cybersecurity risk assessments on third-party vendors, suppliers, and service providers.
  • Lead due diligence assessments, security reviews, and continuous vendor risk monitoring.
  • Evaluate vendor responses to security questionnaires, attestations, and evidence artifacts.
  • Assess vendors\' cybersecurity posture against standards like ISO 27001, NIST, GDPR, SOC 2, PCI-DSS, and best practices.
  • Analyse third-party cloud security controls, data protection measures, and threat management capabilities.
  • Document findings, provide risk ratings, remediation recommendations, and track actions to closure.
  • Partner with CISO, procurement, and business teams on vendor onboarding and contract renewals.
  • Continuously evolve and optimize third-party risk assessment methodologies and frameworks.
  • Leverage AI / ML tools and data analytics to enhance risk detection and predictive assessments.
  • Stay informed on the latest cybersecurity trends, threat intelligence, and regulatory developments.
  • Support audits, regulatory reviews, and compliance assessments related to third-party risk.
  • Communicate risk insights and reporting to executive leadership and stakeholders.

Processes

  • Diligently provide weekly and ad hoc reporting on status of reviews.
  • Support any training and awareness initiatives relating to third party security risk.
  • Support and assist in third party program improvement initiatives.
  • Assist in the development of new / amended processes, innovative ways of working and reviewing risk and control assessments.
  • Assist in the forward planning and prioritisation of vendor assessments or requests from business stakeholders, and resource allocations.

    • People & Talent

  • Manage a register of third party security risks and ensure that deficiencies are mitigated.
  • Support any training and awareness initiatives relating to third party security risk.

    • Risk Management

  • Maintain a register of third party security risks and ensure that deficiencies are mitigated.
  • Support the Head of TPSR to ensure compliance with relevant regulations covering third party security risk.
  • Monitor and report on third party security risk compliance to stakeholders.
  • Remain current on industry trends and regulatory requirements related to third party information security.

    • Governance

  • Diligently provide weekly and ad hoc reporting on status of reviews.

    • Regulatory & Business Conduct

  • Display exemplary conduct and live by the Group’s Values and Code of Conduct.
  • Take personal responsibility for embedding the highest standards of ethics, including regulatory and business conduct, across Standard Chartered Bank. This includes understanding and ensuring compliance with, in letter and spirit, all applicable laws, regulations, guidelines and the Group Code of Conduct.
  • Lead to achieve the outcomes set out in the Bank’s Conduct Principles
  • Effectively and collaboratively identify, escalate, mitigate and resolve risk, conduct and compliance matters.
  • Serve as a Director of the Board
  • Exercise authorities delegated by the Board of Directors and act in accordance with Articles of Association.

    • Key stakeholders

  • Supply Chain Management
  • Business Functions

    • Skills and Experience

  • Bachelor degree or above from an accredited college / university in an appropriate field.
  • Strong communication skills in English
  • Ideally 3 years of experience in information security / IT auditing, with Big 4 and / or Banking & Financial services experience
  • Experience in third party audits is a plus, but understanding of auditing standards, compliance, risk assessment and internal control frameworks is a requirement.
  • Familiarity with working in a MNC or cross-cultural setting.
  • Excellent written and interpersonal skills.
  • Strong time management skills.
  • Ability to draft reports that clearly communicate observations and risks would be required.
  • Strong stakeholder engagement skills, and ability to interact at all levels across an organisation.
  • Strong audit project organisation and management skills.
  • Ability to multitask and ensure that all key priorities are delivered as per agreed timelines.
  • Preferable certifications (e.g. CISSP, CCSP, CISA)
  • Knowledge of security frameworks (e.g. COBIT, ISF, COSO), standards (e.g. ISO, NIST, CIS), information security principles, security architecture and regulatory requirements will be a plus.
  • Competency with Microsoft Office Suite (Word, PowerPoint, Excel, Visio, SharePoint).

    • Role Specific Technical Competencies

  • Strong communication skills in English
  • Deep understanding of cybersecurity principles, data privacy, and regulatory frameworks.
  • Expertise in third-party risk management (TPRM), cyber risk quantification, and vendor assessments.
  • Understanding of AI, ML, Cloud Security (AWS, Azure, GCP), and Zero Trust Architecture.
  • Familiarity with security testing methods like Vulnerability Assessment, Penetration Testing (VAPT), and Red Teaming.
  • Ability to analyse technical evidence, security policies, and complex risk scenarios.
  • Excellent written and verbal communication with the ability to influence stakeholders at all levels.
  • Analytical mindset with problem-solving skills and attention to detail.
  • Ability to prioritize tasks and manage multiple assessments in a fast-paced, agile environment.
  • Additional information : May require occasional travel for onsite vendor assessments.
  • Experience working within highly regulated sectors (e.g., Banking, Finance, Healthcare) is highly desirable.
  • Knowledge of regulatory requirements such as GDPR, CCPA, DORA is a plus.
  • Preferable certifications (e.g. CISSP, CCSP, CISA, CISM, CTPRP, CRISC etc.,)
  • Knowledge of security frameworks (e.g. COBIT, ISF, COSO), standards (e.g. ISO, NIST, CIS), information security principles, security architecture and regulatory requirements will be a plus.
  • Competency with Microsoft Office Suite (Word, PowerPoint, Excel, Visio, SharePoint).
  • Information System / Technology
  • ICS Audit / Risk / Assurance

    • About Standard Chartered

    We\'re an international bank, nimble enough to act, big enough for impact. For more than 170 years, we\'ve worked to make a positive difference for our clients, communities, and each other. We question the status quo, love a challenge and enjoy finding new opportunities to grow and do better than before. If you\'re looking for a career with purpose and you want to work for a bank making a difference, we want to hear from you. You can count on us to celebrate your unique talents and we can\'t wait to see the talents you can bring us.

    Our purpose, to drive commerce and prosperity through our unique diversity, together with our brand promise, to be here for good are achieved by how we each live our valued behaviours. When you work with us, you\'ll see how we value difference and advocate inclusion.

    Together we :

  • Do the right thing and are assertive, challenge one another, and live with integrity, while putting the client at the heart of what we do
  • Never settle, continuously striving to improve and innovate, keeping things simple and learning from doing well, and not so well
  • Are better together, we can be ourselves, be inclusive, see more good in others, and work collectively to build for the long term

    • What we offer

    In line with our Fair Pay Charter, we offer a competitive salary and benefits to support your mental, physical, financial and social wellbeing.

  • Core bank funding for retirement savings, medical and life insurance, with flexible and voluntary benefits available in some locations.
  • Time-off including annual leave, parental / maternity (20 weeks), sabbatical (12 months maximum) and volunteering leave (3 days), along with minimum global standards for annual and public holiday, which is combined to 30 days minimum.
  • Flexible working options based around home and office locations, with flexible working patterns.
  • Proactive wellbeing support through Unmind, a market-leading digital wellbeing platform, development courses for resilience and other human skills, global Employee Assistance Programme, sick leave, mental health first-aiders and all sorts of self-help toolkits
  • A continuous learning culture to support your growth, with opportunities to reskill and upskill and access to physical, virtual and digital learning.
  • Being part of an inclusive and values driven organisation, one that embraces and celebrates our unique diversity, across our teams, business functions and geographies - everyone feels respected and can realise their full potential.

    • #J-18808-Ljbffr

    Buat amaran kerja untuk carian ini

    Manager Security • Putrajaya, Putrajaya, Malaysia

    Pekerjaan yang berkaitan
    • Dinaikkan pangkat
    SCM TPRM Lead, Malaysia

    SCM TPRM Lead, Malaysia

    Standard CharteredKuala Lumpur, Kuala Lumpur, Malaysia
    Role focuses on end-to-end Third-Party Risk Management (TPRM) within SCM Malaysia, aligning with Group standards and local outsourcing guidelines. Manage the full third-party lifecycle – from outsou...Tunjukkan lagiKemas kini terakhir: 4 hari yang lalu
    • Dinaikkan pangkat
    Regional Lead Fraud Risk Strategy Cards (Malaysia / India)

    Regional Lead Fraud Risk Strategy Cards (Malaysia / India)

    Standard CharteredKuala Lumpur, Kuala Lumpur, Malaysia
    This role could be based in India and Malaysia.When you start the application process you will be presented with a drop down menu showing all countries, Please ensure that you select a country wher...Tunjukkan lagiKemas kini terakhir: 19 hari yang lalu
    • Dinaikkan pangkat
    Senior IGA Consultant

    Senior IGA Consultant

    Kloudynet TechnologiesKlang City, Selangor, Malaysia
    Kloudynet is a leading cybersecurity company with a strong partnership with Microsoft.As a Microsoft Solutions Partner in Modern Work and Security, we hold advanced specializations across key areas...Tunjukkan lagiKemas kini terakhir: 2 hari yang lalu
    • Dinaikkan pangkat
    Sales Director - Aerospace & Defense

    Sales Director - Aerospace & Defense

    Celestica Inc.Klang City, Selangor, Malaysia
    Location : Remote Employee Europe, SHR, GB.Celestica is dedicated to delivering end-to-end product lifecycle solutions to drive our customers’ success. Our growing Aerospace and Defense organization ...Tunjukkan lagiKemas kini terakhir: 8 hari yang lalu
    • Dinaikkan pangkat
    Country Manager, Thailand

    Country Manager, Thailand

    VinarchyKlang City, Selangor, Malaysia
    Vinarchy Kuala Lumpur, Federal Territory of Kuala Lumpur, Malaysia.Vinarchy is seeking a dynamic, commercially savvy Country Manager to lead growth and build the brand presence in Thailand.The port...Tunjukkan lagiKemas kini terakhir: 4 hari yang lalu
    • Dinaikkan pangkat
    Cybersecurity Risk Manager - Third Party Security

    Cybersecurity Risk Manager - Third Party Security

    Standard CharteredKuala Lumpur, Malaysia
    Title : Cybersecurity Risk Manager - Third Party Security.Technology Regular Employee Office - Full Time 18 Sept 2025 Job Summary. As a Cyber Security Analyst, you’ll be at the forefront of protectin...Tunjukkan lagiKemas kini terakhir: 5 hari yang lalu
    Senior Manager, Credit Risk

    Senior Manager, Credit Risk

    Funding Societies | Modalku GroupKuala Lumpur, Federal Territory of Kuala Lumpur, MY
    Quick Apply
    SME digital finance platform in Southeast Asia.We are licensed and operating in Singapore, Indonesia, Thailand, Malaysia and Vietnam, and backed by Sequoia India (Peak XV), Softbank Vision Fu...Tunjukkan lagiKemas kini terakhir: 30+ hari yang lalu
    • Dinaikkan pangkat
    • Baharu!
    Third Party Governance Lead, Asia

    Third Party Governance Lead, Asia

    QBE Insurance GroupPetaling Jaya, Malaysia
    Third Party Governance Lead, Asia page is loaded## Third Party Governance Lead, Asialocations : .Petaling Jaya, Malaysiatime type : . Posted Todaytime left to apply : .End Date : October 31, 2025 (30+ days...Tunjukkan lagiKemas kini terakhir: 3 jam yang lalu
    • Dinaikkan pangkat
    AVP, Enterprise and Project Risk Management

    AVP, Enterprise and Project Risk Management

    Takaful IKHLASPetaling Jaya, Selangor, Malaysia
    AVP, Enterprise and Project Risk Management.This role adds value to strategic and operational decisions by assessing and identifying risks that could impact the success of the TIGB.Focus is on eval...Tunjukkan lagiKemas kini terakhir: 26 hari yang lalu
    • Dinaikkan pangkat
    COUNTRY MANAGER / MANAGING DIRECTOR

    COUNTRY MANAGER / MANAGING DIRECTOR

    Savino Del BeneKlang City, Selangor, Malaysia
    Savino Del Bene is a global leader in international freight forwarding and logistics services, with a turnover exceeding €4. With over 450 offices and more than 6,300 employees across five continent...Tunjukkan lagiKemas kini terakhir: 30+ hari yang lalu
    • Dinaikkan pangkat
    Senior Manager - Cyber Security Risk Management

    Senior Manager - Cyber Security Risk Management

    Standard CharteredKuala Lumpur, Kuala Lumpur, Malaysia
    The Cyber Security Assessment (CSA) is an integral part of ICS Protect with an aligned goal to protect the Bank from information security threats by delivering effective information security servic...Tunjukkan lagiKemas kini terakhir: 30+ hari yang lalu
    • Dinaikkan pangkat
    • Baharu!
    FVP, Team Lead Operational Risk

    FVP, Team Lead Operational Risk

    UOBKuala Lumpur, Kuala Lumpur, Malaysia
    UOB Kuala Lumpur City, Federal Territory of Kuala Lumpur, Malaysia.UOB Kuala Lumpur City, Federal Territory of Kuala Lumpur, Malaysia. United Overseas Bank Limited (UOB) is a leading bank with a glo...Tunjukkan lagiKemas kini terakhir: 3 jam yang lalu
    • Dinaikkan pangkat
    • Baharu!
    Senior Manager, Digital Product & Ecosystem- Asia Pacific (Pooling Only)

    Senior Manager, Digital Product & Ecosystem- Asia Pacific (Pooling Only)

    Western UnionKlang Municipal Council, Klang Municipal Council, Malaysia
    Senior Manager, Digital Product & Ecosystem- Asia Pacific • •Would you like to play a key role in helping a global financial services company grow their business in Asia PacificAre you interested in ...Tunjukkan lagiKemas kini terakhir: 3 jam yang lalu
    • Dinaikkan pangkat
    • Baharu!
    Cybersecurity Risk Manager ( Malaysia, India)

    Cybersecurity Risk Manager ( Malaysia, India)

    Standard CharteredKuala Lumpur, Malaysia
    This role could be based in Malaysia and India.When you start the application process you will be presented with a drop down menu showing all countries, please ensure that you select a country wher...Tunjukkan lagiKemas kini terakhir: 3 jam yang lalu
    • Dinaikkan pangkat
    Manager, Risk Management and Compliance

    Manager, Risk Management and Compliance

    ReneucoKuala Lumpur, Kuala Lumpur, Malaysia
    Lead in the implementation of risk management activities (risk facilitation and other advisory services) to ensure the business units (division and subsidiaries) perform their risks management acti...Tunjukkan lagiKemas kini terakhir: 30+ hari yang lalu
    • Dinaikkan pangkat
    • Baharu!
    Senior Manager, License Management (Malaysia, India)

    Senior Manager, License Management (Malaysia, India)

    Standard CharteredKuala Lumpur, Malaysia
    Job Summary This role could be based in India and Malaysia.When you start the application process you will be presented with a drop down menu showing all countries, please ensure that you select a ...Tunjukkan lagiKemas kini terakhir: 3 jam yang lalu
    • Dinaikkan pangkat
    E&C Risk Governance Lead

    E&C Risk Governance Lead

    Oman ShellCyberjaya, Selangor, Malaysia
    E&C Risk Governance Lead page is loaded## E&C Risk Governance Leadlocations : Cyberjaya-Wisma Shelltime type : Full timeposted on : Posted Todayjob requisition id : R Selangor, Malaysia • •Job Fa...Tunjukkan lagiKemas kini terakhir: 4 hari yang lalu
    • Dinaikkan pangkat
    Manager, Ground Operations Training

    Manager, Ground Operations Training

    Malaysia AirlinesSepang, Selangor, Malaysia
    Manager, Ground Operations Training.The Manager, Ground Operations Training is expected to ensure organizational compliance with relevant regulations through effective training and risk management....Tunjukkan lagiKemas kini terakhir: 4 hari yang lalu