Lead Business Analyst

Some careers have more impact than others.

If you’re looking for a career where you can make a real impression, join HSBC and discover how valued you’ll be.

We are currently seeking an experienced professional to join our team in the role of Lead Business Analyst.

Business:CTO

Principal responsibilities

• Risk Governance and Framework: Develop, maintain, and implement IT risk management policies, standards, and control frameworks (e.g., ISO27001, NIST, COBIT).
• Risk Assessment and Monitoring: Conduct regular risk assessments and Control Self-Assessments (CSA) for technology initiatives, infrastructure, and information assets.
• Control Assurance: Establish, monitor, and update Key Risk Indicators (KRIs) and Key Controls to ensure operating effectiveness.
• Regulatory Compliance: Ensure IT practices comply with local regulations (e.g., HKMA, GDPR, PCI-DSS) and act as a focal point for internal and external audit examinations.
• Incident Management & Remediation: Lead IT incident investigation, perform root cause analysis (RCA), and ensure prompt rectification of control weaknesses.
• Third-Party Risk Management: Oversee information security risk management for vendor onboarding and off-boarding.
• Reporting: Prepare detailed risk reports, dashboards, and MI for senior management and Risk Committees

Requirements

• Education: Bachelor’s degree in Information Technology, Computer Science, Information Security, or a related field.
• Experience: 5+ years of relevant experience in technology risk management, IT audit, or IT security within the banking/financial services industry.
• Certifications: Professional certifications such as CISA, CISSP, CISM, CRISC, or similar are strongly preferred.
• Technical Knowledge: Understanding of IT general controls (ITGC), cybersecurity best practices, data protection, and cloud security principles.
• Regulatory Knowledge: Familiarity with local financial authority regulations and technical risk management guidelines

Core Skills

• Analytical Thinking: Ability to identify and quantify complex technology risks.
• Communication: Excellent interpersonal skills to influence and collaborate with first-line business units and stakeholders.
• Problem-Solving: Proven ability to define and drive the implementation of remediation plans.
• Leadership: Ability to lead IT risk awareness initiatives and work under pressure

You’ll achieve more when you join HSBC.

HSBC is an equal opportunity employer committed to building a culture where all employees are valued, respected and opinions count. We take pride in providing a workplace that fosters continuous professional development, flexible working and, opportunities to grow within an inclusive and diverse environment. We encourage applications from all suitably qualified persons irrespective of, but not limited to, their gender or genetic information, sexual orientation, ethnicity, religion, social status, medical care leave requirements, political affiliation, people with disabilities, color, national origin, veteran status, etc., We consider all applications based on merit and suitability to the role.

Personal data held by the Bank relating to employment applications will be used in accordance with our Privacy Statement, which is available on our website.

***Issued By HSBC Software Development (GuangDong) Limited***