Information Security Officer

Job Description - Information Security Officer (2300016928)

Information Security Officer - ( 2300016928 )

Job

: Operations

Primary Location

Schedule

: Full-time

Employee Status

: Permanent

Posting Date

: 15/Nov/2023, 9:10:28 AM

Unposting Date

: Ongoing

Job Summary

To take necessary measures to measure, monitor, control and report the security risks derived from information technologies usage in banking activities on behalf of Board of Directors and management of Bank as explained in Banking Regulatory and Supervisory Agency’s Regulation on Information Systems and Electronic Banking Services of Banks.

Responsibilities

• Establish Information Security across the Bank in line with business requirements and business objectives, in harmony with relevant departments,
• Assist in the classification of information assets,
• Ensure the execution of, and monitor, Information Security activities and tests,
• Contribute to the determination of Information Security requirements for important projects and changes,
• Conduct an Information Security and business continuity awareness program for stakeholders concerning the Bank's Information Security,
• Apply provisions related to information systems security,
• To work in coordination with GIS/GBS on all GIS/GBS projects,
• Giving information about country requirements to GIS/GBS,
• Coordinate penetration tests, review penetration test results and take actions with Local Technology cooperation,
• Apply clean desk controls and report to GIS,
• Checking notifications and assigned tasks from National Cyber Security Defence Team and take necessary actions.

Requirements

• Minimum 8 years of experience in Information Security and/or IT Risk Management
• Have a risk mindset with ability to analyse and foresee cyber risks
• Preferable to have professional certificates such as ISO27001 LA, CEH, CISSP, CISM, CRISC etc.
• Ability to write policies and procedures on Information Security and Information Technology processes
• Have deep understanding of local banking regulations on Information/Cyber Security
• Have experience in development, establishment of Information Security tools such as DLP and SIEM etc, preferably experienced on SPLUNK.
• Have experience on monitoring of logs and reporting suspicious activities via Cyber Threat/Incident Response Management cycles
• Have Project Management capabilities
• Have basic understanding level on Business Continuity and Disaster Recovery planning.
• Excellent command of English and Turkish (both written and verbal)

This job description provides a high-level review of the types of work to be performed. Other job-related duties may be assigned as required.

Who we are and what we do

Standard Chartered Bank is a leading international banking group, with a presence in 57 markets and serving customers in over 120 markets worldwide through our network.

Our purpose is to drive commerce and prosperity through our unique diversity, and our heritage and values are expressed in our brand promise, here for good.

We’re listed on the London and Hong Kong Stock Exchanges.

Standard Chartered has had a presence in Türkiye since 2003, providing corporate and institutional banking products and services to a select number of large multinational corporates and financial institutions. Leveraging Standard Chartered’s vast geographical network, local market knowledge and expertise, our team is able to support our clients with their banking needs across the markets we operate, Europe, America, Asia, Africa and the Middle East.