Information Security Analyst

Job Summary

Define and implement secure cloud environments. Implement and manage CASB solutions to monitor, prevent, and control information protection across cloud applications. Design and implement Azure Information Protection policies. Enforce controls for Data Leakage Prevention (DLP) using cloud-native DLP solutions like Microsoft Purview, Zscaler DLP, Proofpoint, or Symantec DLP. Design a zero-trust framework across Cloud & AI services. Establish and enforce guardrails to prevent sensitive or regulated data from being exposed, misused, or leaked through AI/LLM. Identify, design, and implement internal process improvements, such as automating manual processes and optimizing data protection solutions. Work with architects and other leads on service strategies across people, process, and technology. Define roadmaps for future service and product capabilities. Review and validate mature operating models for the service with other stakeholders. Identify opportunities for continuous and automated deployment. Document and publish service catalogs to provide transparency on service capabilities and improve the end-user journey. Manage demand driven by stakeholders like business and regulators. Partner with technical teams and solution architects to analyze requirements and build robust data protection solutions. Work with internal and external auditors to support auditing requirements. Collaborate with business teams, infrastructure teams, security operations, and project teams to offer technical guidance.

Candidate to have

• Minimum 5-10 years of experience in relevant security products.
• Design, implementation, and management of cloud environments and CASB solutions.
• Hands-on experience with data protection technologies such as Information Rights Management, Data Discovery & Classification, Cloud Security, and Data Loss Prevention is a must.
• Delivered engagements across the cloud security lifecycle, including strategy definition, architecture, design, and implementation in line with regulatory standards.
• Hands-on experience in implementing AI guardrails on AI/LLM models.
• Experience working with geographically dispersed teams, preferably in the Financial Services industry.
• Experience with enterprise applications (architecture, development, support, and troubleshooting).
• Experience and exposure to security products to assess security implications and requirements for new technologies.
• Strong interpersonal and communication skills; ability to work in a team environment.
• Industry certifications like CISSP, CCSP, Azure & AWS related certifications would be a plus.

Responsibilities

Strategy

DLP Specialists need more than just tool skills; they must ensure controls are effective, aligned with business needs, and resilient to new risks like Cloud and AI/LLM usage. This involves a cycle of Discover -> Protect -> Monitor -> Improve. The role requires balancing business enablement with data protection, ensuring controls evolve with Cloud & AI risks.

Business

Awareness and understanding of the wider business, economic, and market environment in which the Group operates to ensure implemented controls enable the business and mitigate data loss risks.

Processes

Identify, design, and implement internal process improvements, such as automating manual processes and optimizing data protection solutions.

People & Talent

Lead by example and cultivate the appropriate culture and values. Set clear expectations for the team and collaborate effectively with risk and control partners.

Risk Management

Proactively manage risk by identifying, assessing, reporting, and mitigating risks.

Governance

Responsible for adhering to defined processes. Proactively assess the effectiveness of processes and controls.

Regulatory & Business Conduct

Display exemplary conduct and live by the Group’s Values and Code of Conduct. Take personal responsibility for embedding the highest standards of ethics, including regulatory and business conduct, across Standard Chartered Bank. This includes understanding and ensuring compliance with all applicable laws, regulations, guidelines, and the Group Code of Conduct. Effectively and collaboratively identify, escalate, mitigate, and resolve risk, conduct, and compliance matters. Lead to achieve the outcomes set out in the Bank’s Conduct Principles.

Key Stakeholders

• Cyber Security Operations
• WKS Workplace Technology
• Email Security
• Perimeter Security

Qualifications

• Education: Computer Graduate and Above
• Certifications: CISSP, CCSP, AZURE & AWS certification

Role Specific Technical Competencies

• Cloud Security
• AI / LLM
• CASB (Cloud Access Security Broker)
• Data Loss Prevention (Microsoft Purview, Proofpoint)
• Microsoft Purview - Data Security Posture Management (DSPM), Data Security Investigations, Insider Risk Management, Data Security Posture Management for AI
• Azure Information Protection (AIP)
• Python, PowerBI

About Standard Chartered

We are an international bank, nimble enough to act and big enough for impact. For over 170 years, we have worked to make a positive difference for our clients, communities, and each other. We question the status quo, love a challenge, and enjoy finding new opportunities to grow and do better than before. If you are looking for a career with purpose and want to work for a bank making a difference, we want to hear from you. You can count on us to celebrate your unique talents, and we can't wait to see the talents you can bring us.

Our purpose, to drive commerce and prosperity through our unique diversity, along with our brand promise to be here for good, are achieved by how we each live our valued behaviors. When you work with us, you will see how we value difference and advocate inclusion.

Together We:

• Do the right thing and are assertive, challenge one another, and live with integrity, while putting the client at the heart of what we do.
• Never settle, continuously striving to improve and innovate, keeping things simple and learning from doing well, and not so well.
• Are better together; we can be ourselves, be inclusive, see more good in others, and work collectively to build for the long term.

What We Offer

In line with our Fair Pay Charter, we offer a competitive salary and benefits to support your mental, physical, financial, and social wellbeing.

• Core bank funding for retirement savings, medical and life insurance, with flexible and voluntary benefits available in some locations.
• Time-off including annual leave, parental/maternity (20 weeks), sabbatical (12 months maximum), and volunteering leave (3 days), along with minimum global standards for annual and public holidays, combined to 30 days minimum.
• Flexible working options based around home and office locations, with flexible working patterns.
• Proactive wellbeing support through Unmind, a market-leading digital wellbeing platform, development courses for resilience and other human skills, global Employee Assistance Programme, sick leave, mental health first-aiders, and all sorts of self-help toolkits.
• A continuous learning culture to support your growth, with opportunities to reskill and upskill, and access to physical, virtual, and digital learning.
• Being part of an inclusive and values-driven organization that embraces and celebrates our unique diversity across our teams, business functions, and geographies – everyone feels respected and can realize their full potential.

Key skills/competency

• Cloud Security
• Information Security Analyst
• Data Loss Prevention
• CASB
• AI/LLM Security
• Microsoft Purview
• Azure Information Protection
• Risk Management
• Cybersecurity
• Compliance