Director, Cyber and Technology Digital Asset Risk

Job ID: 28824

Location: Singapore, SG

Area of interest: Governance, Risk Management & Compliance

Job type: Regular Employee

Work style: Hybrid Working

Opening date: 15 May 2025

**JOB SUMMARY**
- The Operational, Technology and Cyber Risk (OTCR) organisation is instrumental in protecting and ensuring the resilience of Standard Chartered Bank’s operations, data, and IT systems by managing operational, technology and cyber risk across the enterprise. Reporting into the Group Chief Risk Officer (CRO), the Group OTCR team serves as the second line of defence for assuring that controls are implemented effectively, in accordance with the OTCR Framework, and for instilling a risk culture within the Bank.
- This role is part of the Subject Matter Expert function for Cyber Security and Technology Risk, which provides targeted and in-depth analysis, guidance, and oversight of critical topics across the Bank. The role provides the benefits of getting broad exposure to the Banks global team and operations whilst simultaneously getting into the details for key projects, topics and challenges.

**What is the role?**
- This role will support the Bank as it extends it’s footprint in Digital Asset services in the coming years.

**Who are we looking for?**
- Given the evolving nature of the topic we’re looking for a self-starter who is willing to continually learn and develop to stay at the cutting edge of best practice.
- An individual who will collaborate and share knowledge to help the process of upskilling the developing the broader ICS and Technology community.
- Someone with a drive and intellectual curiosity to explore new problems, topics and challenges in a highly dynamic and fast paced area.

**RESPONSIBILITIES**

**Strategy**
- Oversight of ICS and Technology Strategic direction and plans for Digital assets.

**Risk Management**
- Digital Asset Risk Framework Development & Enhancement: Contribute to the development, implementation, and maintenance of a comprehensive digital asset risk management framework, aligned with industry best practices and emerging regulatory requirements.
- Risk Identification & Assessment: Proactively identify and assess emerging cyber security and technology risks across the digital asset landscape. This includes evaluating risks related to:

- Blockchain Security: Smart contract vulnerabilities, consensus mechanism attacks, 51% attacks, network congestion.
- Custody Solutions: Private key management, wallet security, exchange hacks, custody provider risks.
- Market Manipulation: Pump and dumps, wash trading, insider trading.
- Regulatory Compliance: AML/KYC requirements, sanctions screening, tax implications.
- Operational Resilience: System failures, data breaches, DDoS attacks.
- Third-Party Risks: Security of exchanges, custodians, DeFi protocols, and other service providers.
- Risk Mitigation & Control Evaluation: Evaluate the design and effectiveness of controls implemented by the first line of defence to mitigate identified digital asset risks. Challenge and provide recommendations for improvement where necessary.
- Collaboration & Communication: Collaborate closely with stakeholders across Technology, Legal, Compliance, Product, and other relevant departments to ensure a consistent and coordinated approach to digital asset risk management.
- Knowledge & Expertise: Stay abreast of the latest developments in blockchain technologies, cyber security threats, regulatory landscape, and emerging trends within the digital asset space. Share knowledge and best practices with the broader organization.
- Policy & Guidance: Contribute to the development and maintenance of policies, standards, and guidelines related to the secure and compliant use of digital assets within the organization.
- Challenge & Oversight: Provide independent challenge and oversight of the first line of defence’s management of digital asset risks

**Governance**
- Monitoring & Reporting: Establish and execute ongoing monitoring activities to track the effectiveness of digital asset risk management controls. Prepare and present regular reports on digital asset risk posture to senior management and relevant committees.

**Regulatory & Business Conduct**
- Display exemplary conduct and live by the Group’s Values and Code of Conduct.
- Take personal responsibility for embedding the highest standards of ethics, including regulatory and business conduct, across Standard Chartered Bank. This includes understanding and ensuring compliance with, in letter and spirit, all applicable laws, regulations, guidelines and the Group Code of Conduct.
- Effectively and collaboratively identify, escalate, mitigate and resolve risk, conduct and compliance matters.
- Lead to achieve the outcomes set out in the Bank’s Conduct Principles**Key Stakeholders**
- Business Lines and Functions implementing Digital Assets
- Central Digital Asset Risk and Technology Teams.
- Cyber Security and Technology Teams.
- CISO’s
- Group Internal Audit
-