u/Helpful-Path

Hey folks,

I’m currently working as a Senior Technical Lead at EY (Gurgaon) with ~5 YOE in backend engineering (Java, microservices, system design and some security work)

I’ve got one opportunity from Standard Chartered for an Information Security Manager role in Bangalore. Based on discussions with the interviewer/HR, the role is supposed to be:

• Hands-on (individual contributor)
• Focused on cloud security (AWS/Azure), Python/Terraform
• Work includes design, development, vulnerability assessments, security controls

I’m trying to understand the real picture before making a decision.

A few specific questions:

1. How much of this role is actually hands-on (coding/design) vs governance/compliance?
2. Does the work stay technical over time, or does it drift into risk/audit-heavy responsibilities?
3. How strong is the engineering culture in SCB’s security teams (especially in Bangalore)?
4. For someone coming from a backend background, is this a good long-term move?
5. Any exposure to AI/ML or automation-heavy security work, or is it mostly tooling/compliance?

My goals:

• I enjoy design + development + security
• I want to grow in Python and AI/GenAI going forward
• Not looking to move into a purely governance role too early

Would really appreciate insights from anyone in (especially InfoSec / cloud security teams) or similar banking roles.

Thanks in advance!