Head of Consumer Sector - Client Coverage at Stanbic Bank

ROLES & RESPONSIBILITIES

Establish Governance & Build Knowledge

• Facilitate an information security governance structure within Country/Region through the implementation of a hierarchical governance program
• Provides regular reporting on the current status of the information security program to enterprise risk teams and senior business leaders as part of a strategic enterprise risk management program, thus supporting business outcomes
• Develops, socializes and coordinates approval and implementation of security policies within Country/Region
• Works with the vendor management office to ensure that information security requirements are included in contracts by liaising with vendor management and procurement organizations
• Directs the creation of a targeted information security awareness training program for all employees, contractors, and approved system users, and establishes metrics to measure the effectiveness of this security training program for the different audiences
• Understands and interacts with related disciplines, either directly or through committees, to ensure the consistent application of policies and standards across all technology projects, systems and services, including privacy, risk management, compliance and business continuity management
• Provides clear risk mitigating directives for projects with components in IT, including the mandatory application of controls
• Embeds Cyber Judgement across a decentralized or distributed decision making model
• Leads the security champion program to mobilize employees in all locations.
• Leadership
• Leads the information security function within the Country/Region to ensure consistent and high-quality information security management in support of the business goals
• Determines the information security approach and operating model in consultation with stakeholders and aligned with the risk management approach and compliance monitoring of non-digital risk areas
• Manages the budget for the information security function within Country/Region, monitoring and reporting discrepancies
• Manages the cost-efficient information security organization within Country/Region, consisting of direct reports and dotted line reports (such as individuals in business continuity and IT operations). This includes hiring (and conducting background checks), training, staff development, performance management and annual performance reviews.

Strategy

• Develops an information security vision and strategy that is aligned to the country/regions’ priorities and enables and facilitates the business objectives, and ensures senior stakeholder buy-in and mandate
• Develops, implements and monitors a strategic, comprehensive information security program to ensure appropriate levels of confidentiality, integrity, availability, safety, privacy and recovery of information assets owned, controlled or/and processed by the organization
• Assists with the identification of non-IT managed IT services in use (citizen IT) and facilitates a corporate IT onboarding program to bring these services into the scope of the IT function, and apply standard controls and rigor to these services; where this is not possible, ensures that risk is reduced to the appropriate levels and ownership of this information security risk is clear
• Works effectively with business units within country/region to facilitate information security risk assessment and risk management processes, and empowers them to own and accept the level of risk they deem appropriate for their specific risk appetite.

Framework Development

• Develops and enhances an up-to-date information security management framework based on the following: International Organization for Standardization (ISO) 2700X, ITIL, COBIT/Risk IT and National Institute of Standards and Technology (NIST) Cybersecurity Framework, PCI-DSS
• Creates and manages a unified and flexible, risk-based control framework to integrate and normalize the wide variety and ever-changing requirements resulting from global laws, standards and regulations
• Develops and maintains a document framework of continuously up-to-date information security policies, standards and guidelines. Oversees the approval and publication of these information security policies and practices
• Creates a framework for roles and responsibilities with regard to information ownership, classification, accountability and protection of information assets
• Facilitates a metrics and reporting framework to measure the efficiency and effectiveness of the program, facilitates appropriate resource allocation, and increases the maturity of the information security, and reviews it with stakeholders at the executive and board levels

Collaborative Functions

• Provides input for the IT section of the company's code of conduct
• Creates the necessary internal networks among the information security team and line-of-business executives, corporate compliance, audit, physical security, legal and HR management teams to ensure alignment as required
• Builds and nurtures external networks consisting of industry peers, ecosystem partners, vendors and other relevant parties to address common trends, findings, incidents and cybersecurity risks
• Liaises with external agencies, such as law enforcement and other advisory bodies, as necessary, to ensure that the organization maintains a strong security posture and is kept well-abreast of the relevant threats identified by these agencies
• Liaises with the enterprise architecture team to build alignment between the security and enterprise (reference) architectures, thus ensuring that information security requirements are implicit in these architectures and security is built in by design.

Operational Functions

• Creates a risk-based process for the assessment and mitigation of any information security risk in the ecosystem consisting of supply chain partners, vendors, consumers and any other third parties
• Works with the compliance staff to ensure that all information owned, collected or controlled by or on behalf of the company is processed and stored in accordance with applicable laws and other global regulatory requirements, such as data privacy
• Collaborates and liaises with the data privacy officer to ensure that data privacy requirements are included where applicable
• Defines and facilitates the processes for information security risk and for legal and regulatory assessments, including the reporting and oversight of treatment efforts to address negative findings
• Ensures that security is embedded in the project delivery process by providing the appropriate information security policies, practices and guidelines
• Oversees technology dependencies outside of direct organizational control. This includes reviewing contracts and the creation of alternatives for managing risk
• Manages and contains information security incidents and events to protect corporate IT assets, intellectual property, regulated data and the company's reputation
• Monitors the external threat environment for emerging threats, and advises relevant stakeholders on the appropriate courses of action
• Develops and oversees effective disaster recovery policies and standards to align with the enterprise business continuity management (BCM) program goals, with the realization that components supporting primary business processes may be outside the corporate perimeter
• Coordinates the development of implementation of incident response plans and procedures to ensure that business-critical services are recovered in the event of a security event; provides direction, support and in-house consulting in these areas
• Facilitates and supports the development of asset inventories, including information assets in cloud services and in other parties in the organization's ecosystem.

Knowledge & Skills

• Knowledge and understanding of relevant legal and regulatory requirements, such as: International Organization for Standardization (ISO) 2700X, ITIL, COBIT/Risk IT and National Institute of Standards and Technology (NIST) Cybersecurity Framework, PCI-DSS
• Knowledge of common information security management frameworks, such as ISO/IEC 27001, ITIL, COBIT as well as those from NIST, including 800-53 and Cybersecurity Framework
• Sound knowledge of business management and a working knowledge of information security risk management and cybersecurity technologies
• Up-to-date knowledge of methodologies and trends in both business and IT
• Demonstrated experience and success in senior leadership roles in risk management, information security, and IT or OT security
• Degree in business administration or a technology-related field, or equivalent work- or education-related experience
• Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA),  Certified in Risk and Information Systems Control (CRISC), ISO 27001 Lead Auditor/Lead Implementer o r other similar credentialsDevelop and drive the execution of the Client Coverage sector(s) strategy
• Develop and implement the country sector(s) strategy in line with the overall strategy and parameters set by the PRMC (Portfolio Risk Management Committee). Provides strategic sector(s) positioning and direction for the country.
• Set and drive the achievement of sector(s) specific financial targets, such as, revenue, ROEs, etc. and achieve the budgeted profitability that will result in increased sector(s) revenue and profitability for the country.
• Provide the required industry sector(s) strategic leadership, at a local/regional level, to enable strategic execution of the specific sector(s) in all relevant operations.
• Drive overall leadership of banking activities and solutions in the specific local/regional sector(s).
•  
• Build Standard Bank’s profile in the industry
• Continuously build Standard Bank’s industry profile with high level, representation at conferences, workshops, expert panels, key industry events, publications and other marketing events which fit SB’s market focus. Increase Standard Bank positioning and involvement in all specific sector(s) opportunities locally/regionally for country.
• Develop client specific marketing
• programmes and assist with the execution of the local/regional sector(s)
• marketing plan for existing and new clients. Enhanced client coverage and
• execution and effectiveness of the marketing plan.

• Manage and Drive Financial Performance of sector(s)
• Define and set the target financial performance for the sector(s) at a local/regional level for the country.
• Drive integrated financial performance management of the sector(s) through defined objectives for individuals/teams.
• Drive and own annual sector(s) budget together with product houses and monitor actual performance against budget.
• Continuously identify opportunities for cost reduction and improved efficiency for the sector(s) at a local/regional level for the country.
• Ensure all operational and activity costs remain within the allocated budget for local/regional sector(s) for the country.

Develop and share in-depth industry knowledge

• Maintain detailed and current understanding of the industry (at a macro-global level, specific regional or local issues and key clients) to ensure that new opportunities for Standard Bank are capitalised and threats are quickly identified.
• Develop and drive a deep understanding of the industry’s market environment and opportunities and continuous assessment of competitor landscapes, threats and commercial opportunities for the client.
• Continuously, and through different channels, share industry knowledge expertise with the resources deployed to the sector(s) and internal stakeholders.
• Ensure that individuals have the necessary context to operate in the sector(s), and contribute to the up-skilling and development of others.

Build and Manage Client Relationship

• Forge, build and maintain strategic relationships with high level stakeholders from key clients to drive the development and delivery of business solutions and revenue growth for the specific sector (s).
• Generate and share strategic insights around clients on an ongoing basis, leverage external credibility to personally maintain and deepen client relationships at the appropriate level and foster long-term client relationships.
• Develops in-depth knowledge of the key clients’ strategy, business context and financial performance.
• Ensure that teams can proactively respond and anticipate key client requirements, and position Standard Bank as a strategic advisor.
• Share sector(s) knowledge with the CSTs so that the team members can proactively respond and anticipate client requirements.
• Provide strategic input and guidance to the development and execution of strategic client plans (together with the core CST) in line with the broader strategy.
• Ensure client plans are aligned to the sector(s) strategy.
• Administration and analysis of the Client Service Surveys, as well as the implementation of focused action plans needed to address the gaps identified.
• Address and identify gaps and ensure there is improvement in levels of client satisfaction.

Lead the area efficiently and effectively

• Lead the development of innovative solutions tailored to the specific sector(s) needs which will allow Standard Bank to meet the sector(s) business requirements.
• Identify and drive high level, multi-product & cross-border solutions to enhance the delivery of customised services and products and SB’s positioning as the bank of choice in the sector(s).
• Maintain proficient and relevant knowledge of products, services and capabilities across the bank (in all relevant geographies) to ensure relevant and informed client conversations.
• Leverage research products offered by the bank for the client’s advantage and focus on enhancing cross-selling opportunities and originating profitable transactions in conjunction with the product areas.

Provide Internal Leadership and Guidance

• Continuously internally position the sector(s) in Standard Bank, by demonstrating the potential business opportunities and the need for the bank to operate in the sector(s).
• Gain internal support and buy-in across divisions that will support the achievement of business objectives.
• Provide a framework under which all should operate to ensure the necessary controls, monitoring and support are in place to achieve high levels of client service and solutions development. Ensure leadership and guidance of resources allocated to sector clients.
• Embed the client engagement model within the strategy and act as facilitator between business units on deployment of resources to the sector(s) with a focus on risk optimisation, efficient limit and capital utilisation and maximising profitability.
• Oversee robust allocation of resources and the effective management of Bank
• Relationship Management Teams across relevant geographies and the strategic use of capacities (in partnership with the Head of Client Coverage).

Manage risk and compliance

• Manage the level of exposure and set limits within the bank’s risk appetite for the particular sector(s). Systematic risk management and mitigation approach.
• Act as the “first line of defence” as required by the Credit Standard. Early warning of portfolio stress communicated to all relevant stakeholders.
• Provide sector leadership at various Risk forums. Aligned objectives between Sector and Credit.
• Drive a culture of proactive compliance in the area.
• Keep abreast of new legislation and its impact on the operational areas and customers.

Lead the area efficiently and effectively

• Lead and continuously develop resources deployed to the local team, and build a credible and capable sector team (in partnership with the relevant Client Coverage Heads). Credible and effective sector team that has the skills to respond to the clients’ requirements.
• Mentor individuals from other divisions or sectors, by providing them with relevant guidance and coaching. Contribute to the internal development of capability and talent retention.
• Collaborate with Human Capital, to develop the people strategy for the sector with a focus on talent management, resourcing, development and retention.
• Conduct performance appraisals for direct reports.
• Sets clear performance standards for each team member, monitors the performance and provides regular feedback. Encourage team members to express their views, resolve issues raised by the team, escalates issues if required and provides feedback to teams on an ongoing basis.

Oversee and Manage the efficient delivery of services to clients for sector(s)

• Address gaps in the business architecture (process, technology or people) that could prevent the success of the strategy and objectives defined for the sector(s).
• Provide the required strategic leadership to enable transaction execution for key clients.
• Continuously identify and implement opportunities of continuous improvement in the sector(s) by using personal discretion or initiative
• Lead the development of innovative solutions tailored to the client’s needs which will allow the country to meet the business requirements.
• Maintain a proficient and relevant knowledge of products, pricing, services and capabilities across the sector(s) to ensure relevant and informed client conversations.
• Develop short term and long term sales and product plans, focusing on customers, competition, profitability, product life cycle and service consideration, in addition to organizing sales programs for growth and product penetration for the sector(s).

Minimum Requirements

• Honours Degree in Business Commerce or other discipline relevant to the specific sector(s). Other relevant qualifications including post graduate qualifications such as an MBA or an MSc. In Finance or related field

Experience Required

• Minimum of 10 years of relevant experience in Agri business sector, Consumer Package Goods and Beverages as well as the retail sector and dealing with this industry stakeholders at an Executive level. Strong Origination experience and product knowledge is also desired.
• 7 - 10 years in Investment Banking in leadership role
• Experience in Client Coverage is an added benefit.