Head, Authorisation Security(Singapore, Malaysia)

Press Tab to Move to Skip to Content Link

Select how often (in days) to receive an alert:

Select how often (in days) to receive an alert:

36810

Technology

Regular Employee

Office - Full Time

7 Aug 2025

JOB SUMMARY

This role could be based in Singapore and Malaysia. When you start the application process you will be presented with a drop down menu showing all countries, Please ensure that you select a country where the role is based.

Role Overview:
Identity and Access Management (IAM) is a critical function within Standard Chartered Bank operating under the overall purview of Group CISO. We are seeking a technically experienced and strategically minded leader to serve as Head of Authorisation Security. The successful candidate will be responsible for driving the enterprise-wide strategy, design, implementation, and governance of authorisation policies, capabilities, and controls to safeguard access to critical systems, applications, and data. This role is pivotal in maturing our Zero Trust and least privilege posture, partnering with technology and business stakeholders to embed strong access governance across the organisation.

RESPONSIBILITIES

Strategy

• Lead the end-to-end strategy and execution of the IAM Authorisation Security function, with a strong emphasis on access policy enforcement, privilege elevation, and role-based access control (RBAC).

• Operationalise authorisation security frameworks aligned with Zero Trust principles, ensuring scalable and consistent policy enforcement across hybrid and multi-cloud environments.

• Oversee the design, implementation, and continuous improvement of fine-grained access controls, including ABAC (Attribute-Based Access Control), PBAC (Policy-Based Access Control), and JIT (Just in Time) access.

Business

• Partner with all business units, Business CISOs, application owners, and engineering teams to establish and operationalise enterprise-wide role modelling, segregation of duties (SoD), and entitlements governance.

• Lead a team to design and operate products and workflows with user experience and service excellence in mind.

• Execute centralised controls and maintain oversight of decentralised controls across authorization security, and access governance.

Processes

• Own, execute and operate centralised controls for all IAM Authorisation Security Global Process Owner (GPO) responsibilities.

• Own the oversight and providing control effectiveness SME recommendations on solutions of decentralised controls for all IAM Authorisation Security Global Process Owner (GPO) responsibilities.

• Define and continuously improve end-to-end processes for:

• Access governance and lifecycle management

• Privileged Identities lifecycle management

• Standardise authorisation security onboarding playbooks across cloud, on-prem, and hybrid workloads.

• Implement ABAC (Attribute-Based Access Control), PBAC (Policy-Based Access Control), and JIT access

• Build reusable workflow templates and automation libraries for provisioning, deprovisioning, access requests, and recertifications into pipelines or workloads.

• Partner with Cyber Ops to define and operationalise incident management processes for authorisation bypass, or privileged escalation events

• Establish clear RACI models and documentation for authorisation security ownership, ensuring accountability across technology domains.

Technology

• Operate centralised Authorisation security solutions and technologies (e.g., SailPoint, ForgeRock, Ping Identity, Azure AD, AWS IAM, etc.).

• Lead a team of SMEs to drive the implementation of access control principles, including RBAC, ABAC, SoD, Just-In-Time (JIT) access, and policy enforcement points (PEPs).

• Lead the implementation of Authorisation security requirements in the following areas: Edge devices / ORB (Routers, Switches, FW, etc.), Platforms (Windows, Unix, VM), DB, APIs, AI agents, Applications, Endpoints, Devices, IoT, IaaS, PaaS, SaaS

• Implement access governance and provisioning solutions across enterprise, cloud, and hybrid infrastructures.

• Operate and drive the implementation of security principles in Access governance solutions, and Privileged Identity Access Management solutions.

• Ensure service resilience and SLA for centralised products are adhered to

• Ensure relevant KPIs and metrics are managed pro-actively and prompt actions are taken to correct course where downward trends are observed.

People & Talent

• Manage requirements and SLAs across senior technology leaders, business leaders, auditors, and risk functions to align IAM strategies with enterprise risk appetite.

• Translate complex IAM concepts into business-friendly language for non-technical stakeholders.

• Collaborate across multiple domains – IT infrastructure, cloud, enterprise architecture, application teams, and compliance to deliver.

• Provide strong project and delivery leadership, with ability to prioritise and deliver IAM initiatives in alignment with cybersecurity roadmap and regulatory timelines.

• Lead, mentor, and grow a team of IAM security product owners and engineers, fostering a culture of technical excellence and continuous improvement.

• Foster a collaborative and high-performance team culture.

• Manage key vendor relationships related to IAM platforms, security tools, and managed services.

• Lead through example and build the appropriate conduct, culture and values. Set appropriate tone and expectations from their team and work in collaboration with risk and control partners.

• Employ, engage and retain high quality people, with succession planning for critical roles.

Risk Management

• Define KPIs and reporting metrics to measure control effectiveness for IAM Authorisation Security, maturity, and compliance with regulatory requirements (e.g., PRA, HKMA, MAS TRM, ISO 27001, NIST).

• Provide SME lead during internal and external audits from IAM Authorisation Security perspective and ensure resolution of Authorisation security related findings or control gaps.

Governance

• Implement, and maintain IAM authorisation security controls based on industry standards (NIST 800-63, NIST CSF, ISO 27001, CIS Controls, MITRE, etc.) and regulatory requirements (MAS, PRA, HKMA, GDPR, SOX, etc.).

• Ensure effective IAM Authorisation Security inputs into Governance Boards by providing evidence of high-level and low-level security technical standards being met, stakeholder requirements being met and transparency of critical service metrics.

Regulatory & Business Conduct

• Display exemplary conduct and live by the Group's Values and Code of Conduct.

• Take personal responsibility for embedding the highest standards of ethics, including regulatory and business conduct, across the Bank. This includes understanding and ensuring compliance with, in letter and spirit, all applicable laws, regulations, guidelines and the Group Code of Conduct.

• Lead the Team to achieve the outcomes set out in the Bank's Conduct Principles

• Effectively and collaboratively identify, escalate, mitigate and resolve risk, conduct and compliance matters.

• Display exemplary conduct and live by the Group's Values and Code of Conduct.

• Take personal responsibility for embedding the highest standards of ethics, including regulatory and business conduct, across Standard Chartered Bank. This includes understanding and ensuring compliance with, in letter and spirit, all applicable laws, regulations, guidelines and the Group Code of Conduct.

• Effectively and collaboratively identify, escalate, mitigate and resolve risk, conduct and compliance matters.

• Lead to achieve the outcomes set out in the Bank's Conduct Principles

Key Stakeholders

Other Responsibilities

• Firm leadership, team-building, and cross-functional communication skills.

• Experience operating in large, complex, and regulated environments.

Our Ideal Candidate

• 10+ years of experience in cybersecurity with at least 5+ years leading IAM functions.

• Expertise in Access Governance, Identity Provider and Privileged Identity Access Management solutions

• Expertise in managing Security Product and Engineering teams

• In-depth understanding of RBAC, ABAC, SoD, Just-In-Time (JIT) access, and policy enforcement points (PEPs).

• Certifications: CISSP, CCSP, CISM, GIAC GDSA, or equivalent

Role Specific Technical Competencies

• Manage Vendors

• Information Security Policy and Strategy

• Manage Change

• Management of Front-Line Risk

• Strategy & Business Model

• Manage Vendors

We're an international bank, nimble enough to act, big enough for impact. For more than 170 years, we've worked to make a positive difference for our clients, communities, and each other. We question the status quo, love a challenge and enjoy finding new opportunities to grow and do better than before. If you're looking for a career with purpose and you want to work for a bank making a difference, we want to hear from you. You can count on us to celebrate your unique talents and we can't wait to see the talents you can bring us.

Our purpose, to drive commerce and prosperity through our unique diversity, together with our brand promise, to be here for good are achieved by how we each live our valued behaviours. When you work with us, you'll see how we value difference and advocate inclusion.

Together we:

• Do the right thingand are assertive, challenge one another, and live with integrity, while putting the client at the heart of what we do
• Never settle,continuously striving to improve and innovate, keeping things simple and learning from doing well, and not so well
• Are better together,we can be ourselves, be inclusive, see more good in others, and work collectively to build for the long term

In line with our Fair Pay Charter,we offer a competitive salary and benefits to support your mental, physical, financial and social wellbeing.

• Core bank funding for retirement savings, medical and life insurance,with flexible and voluntary benefits available in some locations.
• Time-offincluding annual leave, parental/maternity (20 weeks), sabbatical (12 months maximum) and volunteering leave (3 days), along with minimum global standards for annual and public holiday, which is combined to 30 days minimum.
• Flexible workingoptions based around home and office locations, with flexible working patterns.
• Proactive wellbeing supportthrough Unmind, a market-leading digital wellbeing platform, development courses for resilience and other human skills,global Employee Assistance Programme, sick leave, mental health first-aiders and all sorts of self-help toolkits
• A continuous learning cultureto support your growth, with opportunities to reskill and upskill and access to physical, virtual and digital learning.
• Being part of an inclusive and values driven organisation,one that embraces and celebrates our unique diversity, across our teams, business functions and geographies - everyone feels respected and can realise their full potential.

Some of our roles use assessments to help us understand how suitable you are for the role you've applied to. If you are invited to take an assessment, this is great news. It means your application has progressed to an important stage of our recruitment process.

Provider

Description

Enabled

SAP as service provider

• "route" is used for session stickiness
• "careerSiteCompanyId" is used to send the request to the correct data centre
• "JSESSIONID" is placed on the visitor's device during the session so the server can identify the visitor

Description

Enabled

LinkedIn