Head of Cyber Security Risk
Birmingham, GB, B1 1HQ
If you’re looking for a career that will unlock new opportunities, join HSBC and experience the possibilities. Whether you want a career that could take you to the top, or simply take you in an exciting new direction, HSBC offers opportunities, support and rewards that will take you further.
Our Risk and Compliance function has a critical role to play in supporting, challenging and advising across all areas of the business through establishing policy, monitoring profiles, and identifying and managing forward-looking risk and compliance. We focus on creating an environment that encourages our people to speak up and do the right thing, as well as protecting our customers, the organisation and the integrity of the financial markets in which we operate. Already an industry-leader in many respects, we want to continue setting standards and evolving to respond to strategic changes.
Global Enterprise Risk Management (ERM) is a sub-function of Group Risk and Compliance. Its purpose is to make sure HSBC understands and effectively controls its non-financial risk position, through end-to-end oversight of processes, risks, and controls and by robust stewardship of the bank's risk appetite to comply with risk, business and regulatory priorities. It seeks to strengthen the risk culture across the organisation through the application of effective policies and frameworks that drive consistent risk management practices across our businesses and functions at global, regional and market level.
The role holder is responsible for overseeing the identification, assessment, and management of cyber security risks across the organization. This role involves ensuring that the company’s digital assets and information systems are secure, compliant with regulatory requirements, and aligned with industry best practices. The role holder will lead a team of cyber security professionals, collaborate with various departments, and act as a trusted advisor to senior leadership on all matters related to cyber risk across HSBC UK including WPB and CMB, UKRFB.
As an HSBC employee in the UK, you will have access to tailored professional development opportunities and a competitive pay and benefits package. This includes private healthcare for all UK-based employees, enhanced maternity and adoption pay and support when you return to work, and a contributory pension scheme with a generous employer contribution.
In this role you will:
- Provide independent oversight and challenge to the prioritization of cyber security risks across HSBC UK.
- Advise senior management, executives, and board-level committees on key cyber risks and emerging threats.
- Strengthen the partnership with HSBC Cybersecurity Technology.
- Ensure compliance with relevant cyber security frameworks, standards, and regulations (e.g., NIST, ISO 27001, GDPR).
- Assess and manage the cyber security risks associated with third-party vendors and partners.
To be successful in this role you should meet the following requirements:
- In-depth knowledge of cyber security frameworks, standards, and regulations.
- Strong understanding of risk management principles and practices.
- Experience in managing senior stakeholders.
- Experience with incident response, threat intelligence, and vulnerability management.
This role is based in Birmingham or Sheffield on a hybrid basis.
Being open to different points of view is important for our business and the communities we serve. At HSBC, we’re dedicated to creating diverse and inclusive workplaces - no matter their gender, ethnicity, disability, religion, sexual orientation, or age. We are committed to removing barriers and ensuring careers at HSBC are inclusive and accessible for everyone to be at their best.
If you have a need that requires accommodations or changes during the recruitment process, please get in touch with our Recruitment Helpdesk:
Email: hsbc.recruitment@hsbc.com
Telephone: +44 207 832 8500