Insider Threat Analyst (Malaysia/India)
Indexed description
- To us, good performance is about much more than turning a profit. It's about showing how you embody our valued behaviours - do the right thing, better together and never settle - as well as our brand promise, here for good.
- We're committed to promoting equality in the workplace and creating an inclusive and flexible culture - one where everyone can realise their full potential and make a positive contribution to our organisation. This in turn helps us to provide better support to our broad client base.
About The Role
We now need an Insider Threat Investigator to help us grow further.
In this role, you will be responsible for leading the day-to-day efforts to identify and assess insider risks, threats, and events as well as help identify control weaknesses and drive control enhancements across a wide variety of business and functions at Standard Chartered. As a senior specialist in the team you will be involved in complex investigations and surveillance of known or suspected threats as well as escalation to relevant stakeholders and partner functions including outcome management.
The successful candidate will have experience in conducting investigations, including forensics, applying risk assessment methodologies to uncover control gaps in business processes, applications, and assets. The candidate is expected to leverage relevant tools, data and analytics to independently conduct end-to-end insider threat investigations.
Key Responsibilities
Strategy
- Work with the Head of Insider Threat Defence to create long-term strategies for identifying and mitigating emerging insider risks..
- Identify patterns and trends in insider threat incidents to inform strategic decision-making.
- Continuously monitor user activity and system logs for suspicious behaviours using insider threat detection tools.
- Analyse behavioural and digital data to identify high-risk individuals or activities.
- Provide actionable insights to senior leadership, including quarterly and annual reports on program effectiveness.
- Collaborate with HR, Legal, and IT teams to align insider threat policies with organizational goals and compliance requirements.
- Facilitate cross-functional communication and ensure alignment on mitigation strategies.
- Responsible for investigating a diverse range of insider incidents, including physical policy violations, data leaks, espionage, frauds, and theft of IP. Gather and analyze evidence, conduct interviews, apply technical expertise to identify root cause(s) and present legally compliant, objective findings and recommendations to stakeholders at all levels.
- Ensure compliance with regulatory requirements and internal policies during investigations and program development.
- Support the configuration, maintenance and ongoing refinement of insider risk detection workflows, including policy logic, risk indicators, alert thresholds and case triage processes, using relevant enterprise platforms such as Microsoft Purview Insider Risk Management where applicable.
- Support the development, maintenance and continuous improvement of insider threat dashboards and data visualisations to enable risk reporting, trend analysis, case oversight and management decision making.
- Responsible for logging, prioritising and managing incidents reported by stakeholders and those received by the Insider Team via various channels.
- Responsible for escalation of major incidents to the relevant stakeholders, ensuring proper communication and coordination throughout the incident resolution process.
- Provide consultation on analysis of incident data to identify trends, recurring issues, and areas requiring improvement.
- Consult, provide recommendations, and assist leadership in the design, implementation, and execution of solutions to achieve the objectives of the Insider Threat Team.
- Consult the Head of Insider Threat in developing trends and insights based upon datasets to drive continual improvements.
- Provide consultation to the Insider Team in support of creating the insider threat assessment framework, methodology, gather and report on security metrics that demonstrate the relative cost/benefit of the security operations and other cybersecurity initiatives.
- Foster a culture of excellence, mentorship, and continuous learning within the team.
- Cultivate a collaborative and inclusive environment to maximize team productivity and effectiveness.
- Lead through example and build the appropriate culture and values. Set appropriate tone and expectations from their team and work in collaboration with risk and control partners.
- Create operational plans and reports for business and functions in respect of Insider Threat Risk management.
- Implement and oversee risk management protocols to minimize potential vulnerabilities.
- Regularly assess the risk landscape and adapt strategies to address new and existing threats.
- Conduct regular risk assessments to identify vulnerabilities and threats to the organization’s data.
- Provide consultation in support of status reporting to senior management, relevant working groups and Committees. Responsible for escalation of any material blockers and impediments in a timely manner.
- Develop and implement mitigation strategies to address identified risks.
- Monitor and analyse security incidents to improve response strategies.
- Promote an environment where compliance with internal control functions and the external regulatory framework is a central priority of the service.
- Display exemplary conduct and live by the Group’s Values and Code of Conduct.
- Take personal responsibility for embedding the highest standards of ethics, including regulatory and business conduct, across Standard Chartered Bank. This includes understanding and ensuring compliance with, in letter and spirit, all applicable laws, regulations, guidelines and the Group Code of Conduct.
- Effectively and collaboratively identify, escalate, mitigate and resolve risk, conduct and compliance matters
- Technology & Operations
- Information & Cyber Security
- Cybersecurity & Anti-crime Technology
- Cyber Defence Centre
- Insider threat Operations
- Anti-crime Analytics
- Group Threat Management
- Data Loss Prevention
- Fusion Working groups
- CISO functions & Group Investigations
- 3+ years of experience in cybersecurity, with at least 1 year focused on insider threat detection, behavioural analysis or threat hunting.
- Working knowledge of insider threat platforms (e.g. Microsoft Purview Insider Risk Management), including configuring policies, tuning risk indicators and alerts, and optimising tool workflows to support effective investigations
- Proficiency in SIEM tools (e.g. Splunk), UEBA solutions and data loss prevention (DLP) technologies
- Familiarity with insider threat frameworks (e.g. MITRE, CERT), and knowledge of human-centric risk indicators.
- Ability to write clear reports and communicate findings to technical and non-technical audiences.
- Microsoft Purview Insider Risk Management and PowerBI
- Knowledge of industry best practices and frameworks such as the NIST Cybersecurity Framework (CSF), MITRE ATT&CK, etc.
- Experience developing data visualisation dashboards (e.g. Power BI) to support risk reporting and management insights would be advantageous.
- Ability to use tools, data, and best practices to identify, assess, and manage potential Insider events as well as advise and guide others.
- Hands-on experience with insider threat tools, such as Microsoft Purview Insider Risk Management, and relevant Microsoft security platforms to support investigation, detection and risk management activities.
- Education: Degree or equivalent experience in digital forensics, insider threat investigation or significant work history in related roles.
- Cyber security certifications (e.g., CISSP, CISM, etc.), insider threat certifications (e.g., ITPM, GCITP, etc.), Incident Management, Forensics or Investigation-focused certifications will be advantageous.
Collaborates
Customer Focus
Gives Clarity & Guidance
Manages Ambiguity
Develops Talent
Drives Vision & Purpose
Nimble Learning
Decision Quality
Courage
Instills Trust
Strategic Mindset
Technical Competencies: This is a generic competency to evaluate candidate on role-specific technical skills and requirements
About Standard Chartered
We're an international bank, nimble enough to act, big enough for impact. For more than 170 years, we've worked to make a positive difference for our clients, communities, and each other. We question the status quo, love a challenge and enjoy finding new opportunities to grow and do better than before. If you're looking for a career with purpose and you want to work for a bank making a difference, we want to hear from you. You can count on us to celebrate your unique talents and we can't wait to see the talents you can bring us.
Our purpose, to drive commerce and prosperity through our unique diversity, together with our brand promise, to be here for good are achieved by how we each live our valued behaviours. When you work with us, you'll see how we value difference and advocate inclusion.
Together We
- Do the right thing and are assertive, challenge one another, and live with integrity, while putting the client at the heart of what we do
- Never settle, continuously striving to improve and innovate, keeping things simple and learning from doing well, and not so well
- Are better together, we can be ourselves, be inclusive, see more good in others, and work collectively to build for the long term
- Core bank funding for retirement savings, medical and life insurance, with flexible and voluntary benefits available in some locations.
- Time-off including annual leave, parental/maternity (20 weeks), sabbatical (12 months maximum) and volunteering leave (3 days), along with minimum global standards for annual and public holiday, which is combined to 30 days minimum.
- Flexible working options based around home and office locations, with flexible working patterns.
- Proactive wellbeing support through Unmind, a market-leading digital wellbeing platform, development courses for resilience and other human skills, global Employee Assistance Programme, sick leave, mental health first-aiders and all sorts of self-help toolkits
- A continuous learning culture to support your growth, with opportunities to reskill and upskill and access to physical, virtual and digital learning.
- Being part of an inclusive and values driven organisation, one that embraces and celebrates our unique diversity, across our teams, business functions and geographies - everyone feels respected and can realise their full potential.
Visit our careers website www.sc.com/careers
Create a free Caio profile to unlock more results and save your role and location preferences.
Unlock free search