Job Description
Job Summary
The Group Operational, Technology and Cybersecurity Risk (OTCR) organisation is instrumental in protecting and ensuring the resilience of Standard Chartered Bank’s data and IT systems by managing technological, information and Cyber Security (ICS) risks across the enterprise.
As a critical function reporting into the Group Chief Risk Officer (CRO), Group OTCR serves as the second line of defence for assuring Operational, Technology and ICS controls are implemented effectively and in accordance with the Enterprise Risk Management Framework (ERMF) and the ICS Risk Type Framework, and for instilling a positive culture of Operational, Technology and Cybersecurity risk management within the Bank.
As part of the function, OTCR for T&O performs a pivotal role in oversight of the T&O Group Resilience and Technology & Architecture functions. This specific OTCR role has accountability for 2nd Line of Defence oversight for all OTCR risks as they relate to Technology Resilience outcomes, including the change execution portfolio for key resilience initiatives.
The role therefore requires experience working within similar functions in managing the broad range of non-financial risk outcomes for technology resilience (availability, recoverability and restoration) and “joining the dots” to operational resilience processes (continuity planning, continuity planning and continuity in resolution). The successful candidate will bring both risk management oversight experience and technical knowledge on technology resilience controls implemented through modern architecture and software techniques.
We welcome candidates with experience of risk management across any of the three lines of defence, as well as more technical candidates seeking to transition to a second line oversight role from a technical role in technology where they can leverage their deep subject matter expertise in architecture and technology solution design and implementation from their previous roles.
Key Responsibilities
Strategy
The Head Operational, Technology and Cybersecurity Risk (OTCR), Technology & Operations (T&O) Technology Resilience is a permanent strategic single contributor role that requires strong business acumen, deep knowledge and in-depth experience of Resilience encompassing the disciplines across technology resilience, business resilience and the change governance oversight of the various programmes delivering resilience uplifts.
The candidate would be joining at a critical and exciting juncture, as the bank continues to strengthen resilience through transformation change investment. In addition to the second line risk oversight role for operational processes, the candidate will bring a strategic mindset and thought leadership to help bring actionable insights in relation to these improvements delivered through transformation change.
The successful candidate will have a strong understanding of operating in a second line capacity within a risk management organisation, and can respond flexibly and collaboratively to an evolving business, operational and regulatory environment. The role reports directly to the second line Managing Director, OTCR, Technology & Architecture and Technology Resilience and will work closely with the OTCR SME / Policy Owner for Client Service Resilience. The candidate will have deep knowledge and experience of technology resilience topics and be able to influence both business and technology enablers to drive positive risk outcomes.
The Head OTCR, T&O Technology Resilience will work with other OTCR Coverage and SME / Policy Owner teams to address the broader OTCR risk types for the Bank and support its integration into the Bank's overall Enterprise Risk Management strategy.
Business
The role delivers services that continually monitor OTCR risk landscape, undertake constructive and robust oversight of the effectiveness of controls and risk remediation strategies, and ensure accurate, insightful, and transparent risk reporting is provided to senior management to provide them appropriate assurance and confidence on the T&O Resilience risk profile.
We are seeking a Technology Resilience risk specialist to deliver a range of activities associated with the discharging of OTCR second line responsibilities. This role will have considerable engagement with the T&O Group Resilience stakeholders, Technology & Architecture stakeholders, T&O Programme Managers, the T&O Risk & Control function and OTCR SME / Policy Owners for Operational Resilience.
Processes
Thought leadership and second line risk opinions on whether the first line processes and change programmes will meet the strategic direction of Resilience policies and risk obligations.
Overseeing and challenging 1st line T&O Resilience Risk & Control Self Assessments.
Overseeing and challenging 1st line T&O Resilience Response Framework for responding and managing the treatment of Material Risk Events and Elevated Residual Risks.
Overseeing 1st line T&O Resilience Transformation Change programmes.
Assuring the 1st line implements controls to comply with the OTCR Standard, Operational Resilience Policy, Change Governance Policy and applicable standards.
Overseeing implementation and the continual improvement and effectiveness of the controls to mitigate OTCR.
Promoting a healthy OTCR risk culture and good conduct within T&O and its various key Programmes.
Supporting the Managing Director, OTCR, Tech & Architecture and Technology Resilience in generating key risk insights to challenge OTCR Risk, oversight of Resilience Portfolio health and Corporate Plan.
People & Talent
Lead through example and build the appropriate culture and values.
As a single contributor role, the candidate will be expected to support the overall team’s objectives to employ, engage, and retain high quality people, with succession planning for critical roles.
Uphold and reinforce the independence of the second line OTCR function.
Provide guidance and training for OTCR T&O Coverage on managing resilience‑related risk types.
Risk Management
Support the assessment of OTCR Risk and reporting by T&O 1st line teams.
Support the wider OTCR T&O team in the use of the resilience frameworks and other techniques from a 2nd line perspective.
Raise visibility of resilience weaknesses to drive improvements and upliftment.
Highlight gaps or control weaknesses relating to the Technology Policy, Control Standards, Technical Standards and methodologies related to technology resilience and how these relate to business resilience outcomes.
Support the creation of risk mitigation plans calling out where these are ineffective or insufficiently followed.
Perform thematic reviews as required by the OTCR T&O team and help develop new risk insights.
Governance
Work with teams within T&O Resilience and participate in work groups and other meetings to understand, advise, and challenge on OTCR Risk matters.
Report any OTCR Risk issues for escalation up to the T&O Non‑Financial Risk Committee which require attention and support.
Ensure consistency of reporting and production of high‑quality documentation and materials.
Provide recommendations and feedback to OTCR T&O Coverage teams and Second Line Resilience SME based on experience with T&O Resilience.
Regulatory & Business Conduct
Display exemplary conduct and live by the Group’s Values and Code of Conduct.
Take personal responsibility for embedding the highest standards of ethics, including regulatory and business conduct, across Standard Chartered Bank. This includes understanding and ensuring compliance with, in letter and spirit, all applicable laws, regulations, guidelines and the Group Code of Conduct.
Effectively and collaboratively identify, elevate, mitigate, and resolve risk, conduct and compliance matters.
Key stakeholders
Group OTCR T&O, Leadership Team and Coverage Officers
Group OTCR SME / Policy Owners
T&O Group Resilience
T&O Technology & Architecture
Group Internal Audit
Identified business stakeholders
Other Responsibilities
Embed Here for good and Group’s brand and values in OTCR; Perform other responsibilities assigned under Group, Country, Business or Functional policies and procedures within OTCR T&O covering other domains beyond main domains of responsibility.
Skills and Experience
Crisis Management
Contingency and Disaster Recovery
IT Service Continuity Management
Operational Risk
Risk Management
Qualifications
Education
A degree level education
Training
Minimum 10 years’ experience in operational risk management, preferably in the Banking and Financial sector, with 5 years’ hands‑on experience in resilience and related risks.
Strong knowledge of both business and technology resilience methods, practices and approaches
Strong knowledge of change management best practices and frameworks (e.g. Agile Methods, Project and Programme Management Professional certifications, etc)
Certification
Professional certifications such as ORCE, CORM, PECB, certifications for technology risk and controls such as CRISC, and change management certifications such as PMP, CAPM, AgilePM, PgMP, SAFe are desirable
Languages
Excellent written and oral communication and reporting skills in English, ability to present complex Change Risk concepts to non‑technical stakeholders
About Standard Chartered
We’re an international bank, nimble enough to act,...