An'yst, Active Threat Monitoring

Job ID: 28878

Location: Chennai, IN

Area of interest: Technology

Job type: Regular Employee

Work style: Office Working

Opening date: 16 May 2025

**Job Summary**
- This exciting opportunity within Active Threat Monitoring (part of the Group Threat Management) is to be a part of state-of-the-art team responsible for proactive identification, monitoring, and triage external cyber threats to the Group. The role reports to Lead, Active Threat Monitoring within Group Threat Management (part of Information & Cyber Security (ICS).- Active threat monitoring is responsible for detecting external cyber threats targeting brand (for example, brand infringement and/or malicious websites using our trademarks), our people (i.e., executive impersonation), and data (such as third-party breaches that may impact the Group). The team will work closely with various internal (Cyber Intelligence Centre, Cyber Defence Centre) and external teams, vendors, and partners.

**Key Responsibilities**

**Strategy**
- Responsible for implementing and following the external threat detection strategy regarding domain/brand infringement, impersonation, credential, and data loss.
- Awareness and understanding of the Group’s ICS Strategy and ICS objectives
- Working with stakeholders, particularly the Cyber Intelligence Centre, and Cyber Defence Centre, to establish cross-functional triage and mitigation strategies

**Business**
- Applies knowledge of tactical to strategic level intelligence analysis of cyber threats, vectors, and actors in support of Cyber Intelligence Centre detection and triaging requirements.
- Identify and establish relationship with internal and external stakeholders

**Processes**
- Collaborate with Group Threat Management functions, anti-fraud teams, C-level and executive offices, security monitoring operations, vulnerability management and risk assessments, network access control, incident response and maintenance.
- Proactively detect external cyber threats to the organisation.
- Build and implement clear, effective, and proactive plans for active threat monitoring and subsequent mitigation action.

**People & Talent**
- Work through example and build the appropriate culture and values
- Development in the areas of performance management, learning and development and engagement.

**Risk Management**
- Be aware of, identify and escalate all risk issues and concentrations in accordance to the firm’s Group Information and Cyber Security Policy. Where appropriate, direct remedial action and/or ensure adequate reporting to Risk Committees.
- Exemplify the Group’s values and code of conduct and ensure that adherence with the highest standards of ethics, and compliance with relevant policies, processes, and regulations.

**Governance**
- Build and implement external threat identification framework, methodology, gather and report on security metrics that demonstrate the relative cost/benefit of the function.
- Awareness and understanding of the regulatory framework, in which the Group operates, and the regulatory requirements and expectations relevant to the role.
- Agile change mindset to enable continuous improvement.

**Regulatory & Business Conduct**
- Display exemplary conduct and live by the Group’s Values and Code of Conduct.
- Take personal responsibility for embedding the highest standards of ethics, including regulatory and business conduct, across Standard Chartered Bank. This includes understanding and ensuring compliance with, in letter and spirit, all applicable laws, regulations, guidelines and the Group Code of Conduct.
- Effectively and collaboratively identify, escalate, mitigate, and resolve risk, conduct and compliance matters.

**Key stakeholders**
- Group CISO aligned functions including Cyber Security, Architecture, ICS Risk and Control, Identity and Access Control, ICS Portfolio, Heads of Information and Cyber Security (HICS) and other business stakeholders

**Other Responsibilities**
- Embed Here for good and Group’s brand and values in Group Threat Management, Active Threat Monitoring. Perform other responsibilities assigned under Group, Country, Business or Functional policies and procedures; Multiple functions (double hats);

**Skills and Experience**
- Ability to understand complex challenges and develop out-of-the-box solutions to solve them
- Ability to conceptualize, identify, evaluate, and synthesize information to formulate unbiased judgements, analytic lines, and relevant recommendations. Core
- Thorough understanding of cyber threat
- actors and their tactics, techniques, and procedures (TTPs) as well as existing CTI frameworks, CTI tools, and IT systems.
- Ability to determine whether existing constructs, frameworks, or tools
- require uplift, or if there is the need to develop new ones in response to innovations in adversary tradecraft or technologies
- Ability to present analytic conclusions, research, and methodologies to various audiences in an effective manner
- Ability to identi