Enterprise Risk Management - Cyber

Role purpose

If you’re critical thinker and passionate about technology-enabled business agility, resilience, and digital experience, while anticipating and help overcome associated risks, this is the role for you. As part of a diverse and seasoned team of technology and cybersecurity specialists, focused on governance, risk, controls (GRC) is a high visibility role that reports to US Head of Tech & Cyber Risk in Operational Resilience. You’ll have the opportunity to apply and grow your expertise to provide advisory, credible and insightful challenge to designated areas of first line operations, enhancing HSBC’s digital (CIO/CTO) and cyber (CISO) functions and operations. You will be collaborating with extended Global teams.

Main activities

• Oversee designated IT/Cyber functions or capabilities within IT ensuring emerging and best practices are considered while ensuring adoption of relevant HSBC Standards, Processes, Procedures, tech control library required to mitigate business risks while enabling innovation
• Partner with Enterprise or Core IT and Business technology orgs, oversee global scale digital transformation and operations to identify, measure, mitigate, monitor and report information, technology, and cybersecurity operational risks or issues including deep dives, targeted reviews, testing of controls
• Direct guidance, oversight and challenge on key Information Technology and Cybersecurity controls and capabilities, issues, Risk and Control Assessment (RCA), relevant KRI/KCI, material internal incidents, external events, and strategic bank transformation programs (change) to ensure risks are quantified and remediation undertaken.

Requirements

• Inquisitive, critical thinker, strong analytical skills, and fast learner
• Able to partner, collaborate, and interface with various stakeholders
• Bachelor’s Degree and 5+ years of experience in IT, Cyber operations, GRC, Audit, or 2LOD risk management
• Understanding of inherent and residual risk management principles, including experience with gap analysis and mitigating control and capabilities design, operation, and effectiveness assurance
• Knowledge preferred: DevOps, Cybersecurity, Hybrid Cloud, or Machine Learning.
  
  

HSBC is an equal opportunity employer committed to building a culture where all employees are valued, respected and opinions count. We take pride in providing a workplace that fosters continuous professional development, flexible working and, opportunities to grow within an inclusive and diverse environment. We encourage applications from all suitably qualified persons irrespective of, but not limited to, their gender or genetic information, sexual orientation, ethnicity, religion, social status, medical care leave requirements, political affiliation, people with disabilities, color, national origin, veteran status, etc., We consider all applications based on merit and suitability to the role.