Overview
Insider Threat Analyst (India, Malaysia) Jobs in Technology, Nakuru, Kenya at Standard Chartered
Title: Insider Threat Analyst (India, Malaysia)
Company: Standard Chartered
Location: Technology, Nakuru, Kenya
Job Summary
Ready to take the next step in your career with us?
To us, good performance is about much more than turning a profit. It's about showing how you embody our valued behaviours – do the right thing, better together and never settle – as well as our brand promise, Here for good.
We're committed to promoting equality in the workplace and creating an inclusive and flexible culture – one where everyone can realise their full potential and make a positive contribution to our organisation. This in turn helps us to provide better support to our broad client base.
About The Team
The Insider Threat Defence Team (part of the Cybersecurity & Anti-Crime Technology function within Technology & Operations) is a relatively new team, which has started to make a big impact. The team works with stakeholders and peers across the Bank to detect, investigate and manage events which may harm the Bank or its’ assets.
About The Role
We now need an Insider Threat Investigator to help us grow further.
In this role, you will be responsible for leading the day-to-day efforts to identify and assess insider risks, threats, and events as well as help identify control weaknesses and drive control enhancements across a wide variety of business and functions at Standard Chartered.
As a senior specialist in the team you will be involved in complex investigations and surveillance of known or suspected threats as well as escalation to relevant stakeholders and partner functions including outcome management.
The successful candidate will have 3+ years in cybersecurity and experience in conducting investigations, including forensics, applying risk assessment methodologies to uncover control gaps in business processes, applications, and assets. The candidate is expected to leverage relevant tools, data and analytics to independently conduct end-to-end insider threat investigations.
Key Responsibilities
Strategy
- Work with the Head of Insider Threat Defence to create long-term strategies for identifying and mitigating emerging insider risks.
- Identify patterns and trends in insider threat incidents to inform strategic decision-making.
- Continuously monitor user activity and system logs for suspicious behaviours using insider threat detection tools.
- Analyse behavioural and digital data to identify high-risk individuals or activities.
- Provide actionable insights to senior leadership, including quarterly and annual reports on program effectiveness.
Business
- Collaborate with HR, Legal, and IT teams to align insider threat policies with organizational goals and compliance requirements.
- Facilitate cross-functional communication and ensure alignment on mitigation strategies.
- Responsible for investigating a diverse range of insider incidents, including physical policy violations, data leaks, espionage, frauds, and theft of IP.
- Gather and analyse evidence, conduct interviews, apply technical expertise to identify root cause(s) and present legally compliant, objective findings and recommendations to stakeholders at all levels.
- Ensure compliance with regulatory requirements and internal policies during investigations and program development.
Processes
- Work with internal stakeholders to perform data correlation and enrichment across multiple sources (cyber, fraud, insider, physical, external threat intelligence).
- Use AI-enabled analytics capabilities, including within platforms such as Databricks, to enhance, tune and drive insider threat detection use cases, including the development of risk indicators, detection logic and actionable insights.
- Responsible for logging, prioritising and managing incidents reported by stakeholders and those received by the Insider Team via various channels.
- Responsible for escalation of major incidents to the relevant stakeholders, ensuring proper communication and coordination throughout the incident resolution process.
- Provide consultation on analysis of incident data to identify trends, recurring issues, and areas requiring improvement.
- Consult, provide recommendations, and assist leadership in the design, implementation, and execution of solutions to achieve the objectives of the Insider Threat Team.
- Consult the Head of Insider Threat in developing trends and insights based upon datasets to drive continual improvements.
- Provide consultation to the Insider Team in support of creating the insider threat assessment framework, methodology, gather and report on security metrics that demonstrate the relative cost/benefit of the security operations and other cybersecurity initiatives.
People & Talent
- Foster a culture of excellence, mentorship, and continuous learning within the team.
- Cultivate a collaborative and inclusive environment to maximize team productivity and effectiveness.
- Lead through example and build the appropriate culture and values. Set appropriate tone and expectations from their team and work in collaboration with risk and control partners.
Risk Management
- Create operational plans and reports for business and functions in respect of Insider Threat Risk management.
- Implement and oversee risk management protocols to minimize potential vulnerabilities.
- Regularly assess the risk landscape and adapt strategies to address new and existing threats.
- Conduct regular risk assessments to identify vulnerabilities and threats to the organization’s data.
- Provide consultation in support of status reporting to senior management, relevant working groups and Committees. Responsible for escalation of any material blockers and impediments in a timely manner.
- Develop and implement mitigation strategies to address identified risks.
- Monitor and analyse security incidents to improve response strategies.
Governance
Promote an environment where compliance with internal control functions and the external regulatory framework is a central priority of the service.
Regulatory & Business Conduct
- Display exemplary conduct and live by the Group’s Values and Code of Conduct.
- Take personal responsibility for embedding the highest standards of ethics, including regulatory and business conduct, across Standard Chartered Bank. This includes understanding and ensuring compliance with, in letter and spirit, all applicable laws, regulations, guidelines and the Group Code of Conduct.
- Effectively and collaboratively identify, escalate, mitigate and resolve risk, conduct and compliance matters.
Key stakeholders
- Technology & Operations
- Information & Cyber Security
- Cybersecurity & Anti-crime Technology
- Cyber Defence Centre
- Insider threat Operations
- Anti-crime Analytics
- Group Threat Management
- Data Loss Prevention
- Fusion Technologies Working groups
- CISO functions
- Group Investigations
Skills And Experience
- Advanced proficiency in, and understanding of, SIEM tools such as Splunk, including the ability to query, analyse and interpret security event data to support insider threat detection and investigations. Familiarity with UEBA solutions and data loss prevention (DLP) technologies is advantageous.
- Working knowledge of insider threat platforms, such as Microsoft Purview Insider Risk Management, including the triage, assessment and handling of alerts generated by these platforms.
- Familiarity with insider threat frameworks (e.g. MITRE, CERT), and knowledge of human-centric risk indicators.
- Ability to write clear reports and communicate findings to technical and non-technical audiences.
Technical Competency
- Knowledge of industry best practices and frameworks such as the NIST Cybersecurity Framework (CSF), MITRE ATT&CK, etc.
- Strong SQL skills are required to query, analyse and interpret large datasets for insider threat detection and investigations.
- Working knowledge of Databricks or similar analytics platforms is advantageous, including use of AI-enabled analytics features to enhance detection logic, identify anomalies and generate actionable insights.
- Ability to use tools, data, and best practices to identify, assess, and manage potential Insider events as well as advise and guide others.
- SIEMs (Splunk preferred), big data platforms (Databricks, Hadoop, etc.), and automation tools
Qualifications
- Degree or equivalent experience in digital forensics, insider threat investigation or significant work history in related roles.
- 3+ years of experience in cybersecurity, with at least 1 year focused on insider threat detection, behavioural analysis or threat hunting.
- Cyber security certifications (e.g., CISSP, CISM, etc.), insider threat certifications (e.g., ITPM, GCITP, etc.), Incident Management, Forensics or Investigation-focused certifications will be advantageous.
About Standard Chartered
We're an international bank, nimble enough to act, big enough for impact. For more than 170 years, we've worked to make a positive difference for our clients, communities, and each other. We question the status quo, love a challenge and enjoy finding new opportunities to grow and do better than before. If you're looking for a career with purpose and you want to work for a bank making a difference, we want to hear from you. You can count on us to celebrate your unique talents and we can't wait to see the talents you can bring us.
Our purpose, to drive commerce and prosperity through our unique diversity, together with our brand promise, to be here for good are achieved by how we each live our valued behaviours. When you work with us, you'll see how we value difference and advocate inclusion.
Together We
- Do the right thing and are assertive, challenge one another, and live with integrity, while putting the client at the heart of what we do
- Never settle, continuously striving to improve and innovate, keeping things simple and learning from doing well, and not so well
- Are better together, we can be ourselves, be inclusive, see more good in others, and work collectively to build for the long term
What We Offer
In line with our Fair Pay Charter, we offer a competitive salary and benefits to support your mental, physical, financial and social wellbeing.
- Core bank funding for retirement savings, medical and life insurance, with flexible and voluntary benefits available in some locations.
- Time-off including annual leave, parental/maternity (20 weeks), sabbatical (12 months maximum) and volunteering leave (3 days), along with minimum global standards for annual and public holiday, which is combined to 30 days minimum.
- Flexible working options based around home and office locations, with flexible working patterns.
- Proactive wellbeing support through Unmind, a market-leading digital wellbeing platform, development courses for resilience and other human skills, global Employee Assistance Programme, sick leave, mental health first-aiders and all sorts of self-help toolkits
- A continuous learning culture to support your growth, with opportunities to reskill and upskill and access to physical, virtual and digital learning.
- Being part of an inclusive and values driven organisation, one that embraces and celebrates our unique diversity, across our teams, business functions and geographies – everyone feels respected and can realise their full potential.