Senior Manager, Resilience Risk LAM

Role purpose

Resilience risk is HSBC’s ability to continue delivering important business services within agreed impact tolerances during disruption. It reflects how well we anticipate, withstand and recover from events such as technology or cyber incidents, process/control failures, third-party outages, physical disruption and data issues. We manage it by understanding critical services and dependencies, setting recovery objectives and impact tolerances, embedding resilience by design, and maintaining robust oversight aligned to business priorities and regulatory expectations.

Main activities

• Provide technical guidance to ensure stakeholders understand the resilience control environment and risk assessments, proportionate to the scale and complexity of operations.
• Translate issues, incidents, and top/emerging risks into clear business impacts for Lines of Business and key stakeholders, recommending changes to controls, resources, or operating models to remain within risk appetite.
• Enable risk and control owners to assess and evidence control design and operating effectiveness, and to address gaps promptly.
• Track external developments (e.g., regulatory, technology, threat landscape) to identify emerging resilience risks and specify the controls required to mitigate them.
• Provide targeted resilience risk expertise to help the First Line of Defence (1LoD) implement, operate, and sustain key mitigating controls.
• Provide technical input to GRR and regulatory reporting (e.g., RAS, top & emerging risks, risk profile reporting, RMM, and relevant Board reporting), ensuring accuracy, consistency, and timeliness.
• Ensure root causes of resilience risk issues and events are identified, validated, and remediated with sustainable corrective actions.
• Identify and escalate concerns relating to key controls and material change programmes, ensuring appropriate governance and decision-making.
• Partner with Lines of Business, key stakeholders, and 1LoD to drive timely escalation, resolution, and clear ownership of actions.
• Support regulatory and audit engagement on resilience risk, ensuring compliance and on-time closure of audit actions and findings.
• Build capability through training, coaching, and practical guidance to strengthen resilience risk awareness and execution to ensure robust understanding of resilience risks.

Requirements

Knowledge and Experience:

• Experience in risk management at a Globally Significant Financial Institution (GSFI).
• Understands the impact of resilience risk within HSBC Group and its commercial context and strategic ambitions.
• A good level of knowledge of the relevant regulatory landscape and ability to access the impact of proposed changes in regulatory rules to the bank, especially those pertaining to resilience risk.
• Knowledge of a financial institution’s business model, products, and key risk drivers.
• A deep understanding and technical expertise of Cyber Security risk and controls, including how this risk can be identified, assessed, monitored, controlled, and mitigated where relevant.
• Ability to lead and promote a strong risk control culture and continually improve risk awareness.
• Proven ability to develop networks with key stakeholders in a matrix structure.
• Support a multi-locational team of professionals.
• Providing expert advice and robust challenge, delivering risk management policies and managing risks and controls.

Skills:

• This role is expected to role‑model HSBC’s ‘How We Lead’ framework by creating a high‑performance, high‑care culture, using our common leadership language, behaviours and tools to deliver better outcomes for our customers, colleagues and stakeholders.
• Ability to present complex technical concepts and results to non-technical audiences in a persuasive and compelling manner.
• Team-oriented mentality combined with ability to complete tasks independently to a high-quality standard.
• A change agent who challenges the status quo diplomatically, constructively and positively in order to lead relevant strategies that enable safe growth of HSBC.

Qualifications:

• Relevant qualifications / certificates / experience (e.g. CISSP, CCSP, CISA, CRISC)
• A BA or BS University Degree, advanced degrees preferable, (e.g. MBA, MSc, PhD)

HSBC is an equal opportunity employer committed to building a culture where all employees are valued, respected and opinions count. We take pride in providing a workplace that fosters continuous professional development, flexible working and, opportunities to grow within an inclusive and diverse environment. We encourage applications from all suitably qualified persons irrespective of, but not limited to, their gender or genetic information, sexual orientation, ethnicity, religion, social status, medical care leave requirements, political affiliation, people with disabilities, color, national origin, veteran status, etc., We consider all applications based on merit and suitability to the role.