Assistant Manager Third Party Risk and Resilience CCO AMH

Location: 

Kowloon City, Kowloon, HK


Brand:  HSBC
Area of Interest: 
Closing Date: 
Date:  16 Jun 2026

Job description

GCB 6

Job Summary:

We are seeking a self-motivated and detail-oriented Third Party Risk Assistant Manager to join our 1st Line business team in Hong Kong (hybrid working). The successful candidate will support the identification, assessment, remediation and ongoing management of the risks to which HSBC is exposed when buying goods or services provided by a third party. This role involves working with multiple stakeholders across the business to drive consistent execution of the third party risk management framework, support high-quality risk assessments, review/challenge risk acceptance requests (and route for approval), and help ensure compliance with internal and external requirements.

Key Responsibilities:

Stakeholder Collaboration:

  • Being a key contact point for third party risk-related matters.
  • Liaise with various stakeholders including engagement risk owners, engagement managers, control owners, business service owners and risk stewards to implement third party risk and control-related enhancements/activities.
  • Communicate the importance of third party risk management to key stakeholders while ensuring that third party risks are within HSBC’s risk appetite.
  • Provide practical guidance to stakeholders on third party risk requirements, timelines and evidence expectations; follow up to drive timely completion of actions.

Training and Awareness:

  • Support continuous improvements to the third party risk management framework while upskilling staff, improving process performance, and risk management effectiveness.
  • Contribute to the development/refresh of guidance materials (e.g., checklists, templates, FAQs) to improve consistency and quality of execution.

Risk Assessment and Mitigation:

  • Assist and support engagement managers to ensure that:
  1. appropriate approvals are obtained during various steps of the third party onboarding process; and
  2. risk assessments, materiality assessments and control tasks are completed accurately, with appropriate evidence.
  • Ensure that contracts are not executed prior to completion of all pre-contract risk activities unless the appropriate risk acceptance is in place.
  • Review and challenge the outputs of the risk assessment by spotting illogical inputs, inconsistencies, or insufficient evidence; drive rework where required.
  • Review and challenge risk acceptance requests and ensure they are appropriately documented and routed for approval (the role does not approve risk acceptances).
  • Identify opportunities for, and implement, control rationalisation and cost reduction initiatives while maintaining effective risk coverage.
  • Breaches or issues are escalated, and remediation plans are in place and monitored to closure.
  • Work with various stakeholders to update business risk and control assessments and continuous control monitoring to reflect end-to-end third party risk management.

Third Party Due Diligence: Ensure third party due diligence tasks are completed on a timely basis; follow up on overdue items and exceptions to drive completion.

Third Party Record Keeping: Ensure third party records are accurate, well maintained and kept up to date, with a clear audit trail and appropriate supporting documentation.

Monitoring and Reporting:

  • Produce management information to explain the third party risk portfolio while ensuring compliance with third party risk policies.
  • Exceptions are escalated, tracked, resolved and reported through relevant governance forums/committees.
  • Facilitate senior management decision-making using analytical and problem-solving skills to make recommendations from a risk and control perspective.
  • Ensure that deadlines are met.

Audit and Compliance: Answer queries on third party requirements, ensuring that there are no breaches or adverse audit findings

Requirements:

  • Education: University graduate with bachelor’s degree in Business Administration, Risk Management, Finance, or a related field (or equivalent experience).
  • Experience: Minimum of 2 years’ experience in risk management, compliance, operational risk, procurement risk, or related fields, ideally from a bank or financial institution. Experience with third party risk management is highly desirable.
  • Knowledge: Solid understanding of risk management principles, compliance standards and regulatory frameworks.
  • Analytical Skills: Strong analytical and problem-solving skills, with the ability to identify and mitigate risks effectively.
  • Project Management Skills: Proficient project management capabilities and familiarity with change delivery/business process re-engineering, as HSBC is currently refining the third party process.
  • Communication: Excellent verbal and written communication skills in English and Cantonese, with the ability to convey complex concepts to various stakeholders.
  • Teamwork: Demonstrated ability to work collaboratively with various teams and manage multiple tasks/projects simultaneously.
  • Technology Proficiency: Proficiency in using risk management tools, third party management tools, and Microsoft Office Suite.

 

The employment is subject to Mandatory Reference Checking Scheme (MRCS) as per regulatory requirement. For details, please refer to (Mandatory Reference Checking Scheme Phase 2 | The Hong Kong Association of Banks).

 

Opening up a world of opportunity
www.hsbc.com/careers

 

HSBC is committed to building a culture where all employees are valued, respected and opinions count. We take pride in providing a workplace that fosters continuous professional development, flexible working and opportunities to grow within an inclusive and diverse environment. Personal data held by the Bank relating to employment applications will be used in accordance with our Privacy Statement, which is available on our website.

 

Issued by The Hongkong and Shanghai Banking Corporation Limited.

https://www.youtube.com/embed/QmZ7Un5gR8c?si=LCa6slfBqlUlxUE-