Head of Endpoint, Email and Server Protection

Job ID: 27996

Location: Singapore, SG

Area of interest: Technology

Job type: Regular Employee

Work style: Hybrid Working

Opening date: 6 May 2025

**Key Responsibilities**
- The Group Chief Information Security Officer (CISO) organisation is instrumental in protecting and ensuring the resilience of Standard Chartered Bank’s data and IT systems by managing Information and Cyber Security (ICS) risk across the enterprise.
- ICS Protect domain is central to ensuring the Bank’s ability to meet its ICS commitment to internal and external stakeholders, including regulators, as well as maintaining an acceptable ICS risk profile that is regularly reported to the Board, and that is supported by the Group ICS Risk & Governance Function.

**Strategy**
- Develop and implement comprehensive strategies for endpoint protection and threat configuration aligned with the overarching cyber defence goals.
- Drive innovative approaches incident response, and preventive measures, ensuring they align with business objectives.
- Collaborate with executive leadership to integrate cutting-edge technologies and proactive methodologies within the endpoint security framework.
- Development of procedures and roadmap that align with bank’s architecture and security policy/standards for any future initiatives such as technology refresh, new emerging technology, etc.

**Business**
- Define and communicate the business impact of endpoint security posture, both in risk mitigation and business continuity.
- Implement frameworks for secure business operations, ensuring that security measures complement and enable seamless business activities.
- Regularly assess and communicate the business value and ROI of endpoint security investments

**Processes**
- Oversee the development and enhancement of robust processes for endpoint protection, incident response, and threat configuration.
- Establish and optimize procedures for continuous monitoring, analysis, and adaptation to evolving cyber threats.
- Streamline and automate processes to enhance efficiency while maintaining the highest level of security standards.

**People & Talent**
- Foster a culture of excellence, mentorship, and continuous learning within the team.
- Attract, retain, and develop top-tier talent in the field of endpoint security, ensuring a diverse and skilled workforce.
- Cultivate a collaborative and inclusive environment to maximize team productivity and effectiveness.
- Lead through example and build the appropriate culture and values. Set appropriate tone and expectations from their team and work in collaboration with risk and control partners.
- Ensure the provision of ongoing training and development of people and ensure that holders of all critical functions are suitably skilled and qualified for their roles ensuring that they have effective supervision in place to mitigate any risks.
- Employ, engage and retain high quality people, with succession planning for critical roles.
- Responsibility to review team structure/capacity plans.
- Set and monitor job descriptions and objectives for direct reports and provide feedback and rewards in line with their performance against those responsibilities and objectives.

**Cost and Investment Management**
- Deliver cost targets as per the direction from the Group CISO
- Ensuring ICS Protect is appropriately funded, resourced, prioritised, integrated, managed, and delivered across the Group.

**Risk Management**
- Identify and evaluate emerging cyber threats and strategize for proactive risk mitigation.
- Implement and oversee risk management protocols to minimize potential vulnerabilities.
- Regularly assess the risk landscape and adapt strategies to address new and existing threats.

**Governance**
- Enforce and maintain governance protocols to ensure adherence to the highest security standards.
- Oversee the compliance and alignment of endpoint security with industry standards and best practices.
- Establish governance frameworks to manage security policies, procedures, and controls effectively.
- responsible for assessing the effectiveness of the Group's arrangements to deliver effective governance, oversight and controls in the business and, if necessary, oversee changes in these areas
- Awareness and understanding of the regulatory framework, in which the Group operates, and the regulatory requirements and expectations relevant to the role.

**Regulatory & Business Conduct**
- Ensure compliance with regulatory requirements and industry standards, managing audits and certifications related to endpoint security.
- Advise on regulatory changes impacting endpoint security and lead adaptations accordingly.
- Uphold ethical conduct and adherence to all applicable laws and regulations in the implementation and management of endpoint security strategies.
- This role demands a strategic visionary with a strong understanding of both technology and business, capable of leading and driving change in the ever-evolving landscape of cybe