Chief Information Officer
Standard CharteredFull time Full day
: Africa & Middle East-Pakistan-Karachi
: 13/May/2022, 10:15:49 AM
: 27/May/2022, 5:59:00 PM
The Chief Information Officer is responsible for maintaining the Bank’s Technology infrastructure capability, supporting the business activities across the Business segments. The responsibility of the Country CIO also includes ensuring full compliance with all Country and Group policies (consistent in execution), statutory regulations, local banking laws, anti-money laundering regulations and industry practices.
The Chief Information Officer takes primary ownership of country business engagement and communication to influence and drive future technology agenda for country in alignment with Group Technology strategy orchestrating seamless support from all technology players to ensure delivery of the best technology solutions in time, within budget, with least risks and highest service continuity. The responsibilities also include providing local leadership across all teams and contributing to employee engagement, talent development and performance management.
- Ensure processes, guidelines and procedures are in place and enforced for quality execution, running, operations and support of the bank infrastructure. Review and fine-tune the existing processes, guideline and procedures in line with industry’s best practise and experiences.
- Lead and / or assist in new implementations or upgrades to existing systems, including project management, project tracking and project status reporting to develop transformation with new solutions and upgrades for enhancing the capabilities that align to Business strategies with an end-to-end view
- Develop client related technology service strategies to enhance revenue potential and improve utilisation of current service provisions.
- Involve and play pivotal role in investment decisions and PED authorisations
- To assist in new implementations or upgrades to existing systems, including project management, tracking and reporting.
- Country technology budget management
- Identify projects and initiatives to improve human, machine efficiency and overall control environment.
- Own and implement the Service Improvement initiatives for systems
- Understand and contribute to country’s business strategy and communicate country business direction to Group Technology. Influence Group Technology to ensure that approved business plans have matching technology investment plans available for business investment committee evaluation
- Responsible for the enforcement of global strategies and standards including ensuring risk / compliance and security / build standards.
- Ensuring that all technology service needs are addressed, regardless of type, to comply with any prevailing SLAs and/or reasonable expectations of country businesses.
- Reviewing progress of Group Technology service improvement initiatives for the country, escalating and contributing ideas as appropriate;
- Ensure adequate capacity plan is in place to meet business growth and transformative projects
- Provide steer in major Business driven projects to ensure minimum manual hand-off processes with good Technology service metrics (Delivery timeline, Business Benefits metrics etc)
- Work with relevant stakeholders to enhance client experience vide changes and introduction of new technologies and innovation to enhance revenue potential
- Facilitate/coordinate business-facing forums (where required) and involve the relevant Group Technology personnel. Ensure suitable executive forum representation of Country Management Team.
- All relevant documentations are in place guided by bank’s policies and procedures with periodic review and updates.
- Provide professional consultation to management and internal client on technical issues associated with databases and associated software products.
- Drive the country business agenda - viz. technology projects, system enhancements, problem resolutions etc for Pakistan.
- Ensure root cause analysis is completed for all high severity incidents and preventative actions are defined and implemented. Provide quality input into the post-mortem process to enable the ITSC to deliver quality post-mortems.
- Ensure that the Group Technology change management process caters for all country/regional change needs, and that any complementary in-country/regional approval processes are confirmed with Group Technology. In approving system changes, the CIO will act as the ‘gatekeeper’ of the country’s/region’s production environment by assessing impact and level of risk as a result of scheduled changes.
- For incidents having significant business impact, support the problem/incident management process which is owned by Group Technology. This will mainly involve the communication/escalation to business management of service impact, recovery process, root cause, and mitigating actions, and communication back to Group Technology of business concerns.
- Drive continuous improvements in Productivity and Cost Efficiencies
- Be accountable for all Technology services supported by internal and external service providers
- Ensure high security and protection of the Bank’s, Client information & assets
- Streamline and digitize end-to-end processes to reduce manual hand-off, reduce risk and improve client/customer service collaborating with relevant stakeholders
- Measure and improve business satisfaction with overall Group Technology service on a regular basis. Feedback to be channelled into Group Technology management for improvement planning. Also ensuring Country/Regional business awareness of Group Technology plans accordingly.
People and Talent
- Lead through example and build the appropriate culture and values. Sets appropriate tone and expectations for their team and work in collaboration with risk and control partners.
- Maintain an expert knowledge within the team and keep abreast on industry trends in relation to business requirements and the direction of the bank.
- Provide support and guidance to other technical teams.
- Employ, engage and retain high quality (skill and experienced) people to deliver its obligations.
- Ensure the provision of ongoing training and development; ensure that direct reports are suitably skilled and qualified for their roles and that they have effective supervision in place to mitigate any risks.
- Set and monitor job descriptions and objectives for direct reports and provide feedback and rewards in line with their performance against those responsibilities and objectives.
- Adhere to risk management framework of the bank. KCSA and KRI to be in place. Also responsible for service improvement process (SIP) initiatives and reporting, including audit compliance, directly and indirectly.
- Protectors of the local environment, including responsibility to ensure safe and tidy IT installations and cabling, local regulatory compliance, health and safety adherence etc.
- Risk management control, KCS assistance, SIP initiatives and reporting, including Technical audit compliance, directly and indirectly.
- Enable support for key Technology initiatives/risks in the Pakistan
- Advice on potential risk areas and work out action plans to address them.
- Review and manage implementation of all changes to ensure no risk to stability of systems / infrastructure.
- Comply with the Group Operational Risk Policy and the Technology Risk Framework.
- Participate in business BORG meetings and pursue and provide updates on all technology risks.
- Provide regular status updates including progress, top risks and issues to the respective country and regional forums for the relevant domains. Track regulatory status, key milestones, risks, dependencies and issues.
- Interface with Technology forums to ensure security technologies are operating with input from countries and be actively involved in the roadmap of these technologies by providing regional/country input.
- Ensure management of T&I processes as per Enterprise Risk Management Framework.
- Facilitating the evolution and agreement of balanced business risk and commercial service level agreements between business groups and Group Technology;
- Ensure that country’s exposure to each form of technology risk is understood and managed. Ensure regulator and external audit 2-way communication, submission requirements and reporting needs are met by Group Technology to address any such legal and compliance expectations. Provide resource to complement Group Technology model as needed.
- Ensure Country adheres to Internal and External Sourcing Policies and Procedures related to Technology
- Effective management of all Technology risks including reporting high or very high rated risks based on Group materiality thresholds to the relevant Risk Committees
- Act quickly and decisively when any risk and control weakness become apparent and ensure they are addressed within an appropriate timeframe and escalated through the relevant committees.
- As required, act as the first line risk owner under the Group’s risk management framework at the appropriate level, e.g. Country
- Ensure all necessary external legal and regulatory controls are in place from initial migration through service provisioning for Technology
- Balance business performance delivery and cost management constraints with risk and control matters to ensure that they do not materially threaten the Group’s ability to remain within risk appetite.
- Ensure risk metrics are actively reviewed along with the Risk & Control Function
- Ensure risks associated with acquisition and integration activities are well documented and addressed
- Ensuring that Group Technology responds to all forms of end-to-end country/regional business technology risk needs, including all audit, local regulatory, compliance, DR, BCP technology component, obsolescence, virus susceptibility and security needs. This includes the coordination of penetration testing conducted by GIS or external parties for internet-based systems to comply with local regulatory requirements. Escalate material technology risks to relevant Technology forums.
- Support HISC and CISRO (as appropriate) for the execution of Information & Cyber Security framework in the Country.
- Ensure compliance to bank’s sustainability agenda.
- Ensure that current and new technical solutions satisfy both the immediately and long-term needs of the business and ensure adherence with the bank’s technical and security standards in all aspects.
- Be the central point of contact for any Audits surrounding technology / systems to ensure they are facilitated well and are satisfactory.
Regulatory & Business Conduct
- Display exemplary conduct and live by the Group’s Values and Code of Conduct.
- Take personal responsibility for embedding the highest standards of ethics, including regulatory and business conduct, across Standard Chartered Bank. This includes understanding and ensuring compliance with, in letter and spirit, all applicable laws, regulations, guidelines and the Group Code of Conduct.
- Lead to achieve the outcomes set out in the Bank’s Conduct Principles. Fair Outcomes for Clients; Effective Financial Markets; Financial Crime Compliance; for the Right Environment.
- Effectively and collaboratively identify, escalate, mitigate and resolve risk, conduct and compliance matters.
- Assists in the provision of business recovery sites to give the ability to conduct business transactions in the event of a disaster.
- Participate in PSCs and/or working groups of major projects. Follow the transition process and score production readiness of significant development.
- Establish regular forums to review and discuss business needs and overall technology deliverables/ support for Retail, Commercial and Corporate banking segments
- Support the Regional CIO to implement group policies and procedures in the region
- Fully accountable and own regulatory audit/inspections on Technology teams in region as well as in offshore service centres
- Take personal responsibility for understanding the risk and compliance requirements of the role. Understand and comply with, in letter and spirit, all applicable laws and regulations, including those governing anti-money laundering, terrorist financing and sanctions; the Group’s policies and procedures; and the Group Code of Conduct. Effectively and collaboratively identify, escalate, mitigate and resolve risk and compliance matters. Embed the Group’s values and code of conduct to ensure that adherence with the highest standards of ethics, and compliance with relevant policies, processes and regulations among employees form part of the culture.
- Regional & Country CEO, Regional & Country Management Teams, Islamic banking CEO/Chairman, Business – Direct interaction with Regional Management Team (RMT) and direct reports to discuss strategic initiatives, contribute to business strategy and communication of Group Technology strategy and initiatives, All Business Functions like Group Internal Audit, Country Financial Crime and Compliance, Finance, Legal, Consumer Private & Business Banking (CPBB), Corporate Commercial & Institutional Banking, Human Resource, Financial Market, Corporate Affairs and Brand & Marketing etc, Strategic Sourcing and Vendor Management, Technology Service Managers, Programme Managers, Risk Managers, Infrastructure Domain Managers, ITSC, Group Executives, Group Systems Development – on roadmap, new initiatives & project status, local implementations, Group Technology Production Services – on run matters and status, problem and change management, Group Technology Finance, Group Technology Project Management Office
- Local regulators and other government departments/officials, Independent Audit Firms, Third party for SCB outsource infrastructure like vendors., Industry partners, Banking Associations, etc, Relevant Exchange and Cyber Security Forum
- Comprehensive knowledge and in-depth understanding of Technology domain.
- Having organizational and team management skills.
- People management skills to be able to lead and motivate the team.
- Strong communication skills.
- Effective leadership and negotiation skills.
- Understanding of the banking and financial services industry and practices, terms and operation within the bank.
- Expert knowledge of IT Control Frameworks.
- Expert knowledge of Auditing Practices
- Thorough understanding of PC/ servers, Network, Connectivity, knowledge of LAN /WAN security systems.
- Knowledge of existing IT platform/Standards with insight into new and emerging technological advancement and an ability to innovate and upgrade the systems accordingly.
- The jobholder needs initiative, diplomacy, patience and a pragmatic approach to problems.
- Knowledge of system architecture, hardware/software and services.
- Knowledge of Cloud Computing, Artificial Intelligence, Robotic Processing Automation, Cyber Security, etc.
Recruitment assessments - some of our roles use assessments to help us understand how suitable you are for the role you've applied to. If you are invited to take an assessment, this is great news. It means your application has progressed to an important stage of our recruitment process.
Visit our careers website www.sc.com/careers