Solution Architect

RESPONSIBILITIES

Vulnerability Management and Infrastructure Security (VMIS) is a critical function within Standard Chartered Bank

operating under the overall purview of COO Organisation.

The VMIS Program team is made up of Product Owners, Delivery Leads, Scrum Masters, QPR/MPR Coordinators

and PMO, who are accountable for the governance and execution of all projects within CSS VMIS Portfolio with

adherence to Enterprise Change Management (ECM) Project) and Delivery New Ways of Working Standards

(DWOWs).

As part of the Transformation activities within SCB, new security tooling and controls are being implemented to

manage vulnerability management and remediation and reduce the security risk exposure to the bank.

An experienced Solution Architect is needed to implement the configuration and system hardening, security

patch assurance tooling and remediation orchestration tooling capabilities, that will improve the banks ability to

provide the current risk exposure, detect and remediate vulnerabilities and therefore reduce the overall risk

exposure.

[See Job Description Completion Guide on back cover]

This role will be responsible for: Strategy • Proposes and/or designs technical solutions, which include creating prototypes and proofs of concept while maintaining a security mindset • Assures solutions not only are a fit for the specific purpose but also closely align with the standards guidelines of technology solutions. • Communicates the architecture to the stakeholders and collaborates and coordinates with existing domain architects in the formalization and adoption of IT standards and procedures. • Directs the identification and recommendation of appropriate solutions, upgrades, replacements, or decommissioning options incorporating business and technology productivity, usability, and total cost of ownership. • Responsible for assisting in the establishment of an IT Architecture practice, and the adoption of an architecture and standards methodology. • Develops and executes solutions which further reduce the percentage of time spent on reactive work. • Understand Application Security service and tooling needs and gather technical requirements • Influences changes to standards when necessary. • Provides analysis of security protection technologies as necessary. Business • Produce high level designs (HLD) that are aligned with short-term and long-term business needs • Provides Info security architecture & systems engineering consulting to project team and other business teams. Processes • Lead end-to-end integration of security software tools, including definition of integration design, configuration and testing • Directly assists in the development of a solutions architecture program including departmental roadmaps and project portfolios for IT systems architecture • Support the project manager with estimation and planning. • Manages activities that take place during solution ideation, solution design, and solution implementation. • Work with platform teams and produce low level designs (LLD) that would meet the functional and non-functional requirements • Identifying, owning and resolving design related issues through the project lifecycle • Provides authoritative advice and guidance on any aspect of test planning and execution • Assists domain architecture team on solutions management and timing of financial spend for application solutions. People and Talent • As required provide mentoring and knowledge sharing to colleagues on in area of expertise. Risk Management • Conduct work adhering to the Bank’s established Risk Management frameworks. Governance • Assures solutions not only are a fit for the specific purpose but also closely align with the standards guidelines of technology solutions. • Communicates the architecture to the stakeholders and collaborates and coordinates with existing domain architects in the formalization and adoption of IT standards and procedures. • Directs the identification and recommendation of appropriate solutions, upgrades, replacements, or decommissioning options incorporating business and technology productivity, usability, and total cost of ownership.

Regulatory & Business Conduct • Display exemplary conduct and live by the Group’s Values and Code of Conduct. • Take personal responsibility for embedding the highest standards of ethics, including regulatory and business conduct, across Standard Chartered Bank. This includes understanding and ensuring compliance with, in letter and spirit, all applicable laws, regulations, guidelines and the Group Code of Conduct. Key Stakeholders • Security Technology Service domain heads • Application Security Scanning & Remediation Teams • Technology Services Infrastructure Engineering and Operations • Development team leads for various CIO streams