VP, Information Security

Some careers open more doors than others. 

If you’re looking for a career that will unlock new opportunities, join HSBC and experience the possibilities. Whether you want a career that could take you to the top, or simply take you in an exciting new direction, HSBC offers opportunities, support and rewards that will take you further.

Broking Services provides full investment services in stocks, bonds, currencies, precious metals, commodities and derivatives to retail, corporate customers and financial intermediaries. As a leading full service broker dealer in Hong Kong, our investment services include advisory, execution, risk and portfolio management, custodianship, and margin financing.

Position Details

Department: Technology / IT Operations

Location: Mumbai

Reporting to: Board of Directors (HISL)

Job Summary

The Cybersecurity Governance, Regulatory & Control Management job is responsible for delivering governance, audit, compliance and regulatory requirements; management of key board and committee MI / reporting; and management of all Cybersecurity standards.

This role will carry out some or all of the following activities:

• Collaborate with the Regional and Country representatives of Technology plus other peer managers to implement the team’s goals within entity policy, expense and regulatory constraints.
• Support peers and senior management within the Cybersecurity function to define and implement an industry leading Cybersecurity Service that supersedes our constantly changing information security threats.
• Ensure adherence to the three lines of defence organisational model with clear lines of responsibility, accountability and segregation of duties
• Ensure compliance with internal audit and external regulators that any organisational changes are fit for purpose and meet their expectations
• Support Senior Managers in the delivery of a Cybersecurity strategy for a team to secure the bank’s technology from the inside out, whilst maintaining, protecting and enhancing HSBC’s values, reputation and stakeholder value
• Contribute to the overall definition of responsibilities and accountabilities of Cybersecurity within HSBC and build a team which supports the Cybersecurity model and defined strategy
• Support Senior Managers to implement an effective engagement model across GB/GF/Regions with their respective teams
• Embeds best practice management and supports implementation of transformational change
• Management responsibility for a small team, providing clear direction, setting performance targets of direct reports and contributes to employees’ professional development
• Contributes to building plans and budgets which identify value and cost reduction opportunities
• Lead the Information Security Governance& Compliance agenda and oversee effectiveness of controls to ensure compliance with HSBC Information Security policies and standards in the country.
• Lead the development and management/maintenance of Cybersecurity owned standards, working with the Security Services teams, and providing oversight and guidance of compliance across the Group
• Drive close coordination with the ISR SLoD Functions so that risk management processes remain fully aligned to the rest of the organisation.  

Mandatory Qualifications, Certifications & Experience

• Education: Graduate/Post-Graduate in Computer Science / IT / Engineering.
• Mandatory Certifications: CISSP (Certified Information Systems Security Professional) or CISM (Certified Information Security Manager), or CRISC (Certified in Risk and Information Systems Control) – any one as per industry best practices and SEBI CSCRF guidelines.
• Experience: Minimum 12+ years in IT operations, information security, or technology risk roles, with at least 5 years in senior positions within the financial services sector
• Domain Knowledge: Proven track record in building and operating security operations centers, running VAPT programs, incident management, compliance reporting to regulators, and vendor governance for technology platforms

Preferred Skills & Competencies

• Deep, expert-level knowledge of cybersecurity frameworks, security infrastructure, and tools (SIEM, IDS/IPS, firewalls, endpoint protection)
• Expert-level knowledge of network architecture, security operations, incident response, and regulatory frameworks (e.g., CSCRF, ISO 27001, NIST)
• Strong written report drafting and board presentation skills for cybersecurity governance
• Strong communication and stakeholder management skills to interface with vendors, business teams, regulators, and senior management
• Experience in a managed service or vendor-heavy IT environment is highly desirable
• Understanding of trading platforms, OMS/RMS architecture, and broking technology is a strong advantage

Employment Type: Full-time, Permanent

You’ll achieve more at HSBC.

HSBC is committed to building a culture where all employees are valued, respected and opinions count. We take pride in providing a workplace that fosters continuous professional development, flexible working and opportunities to grow within an inclusive and diverse environment.

Personal data held by the Bank relating to employment applications will be used in accordance with our Privacy Statement, which is available on our website.

Issued by The Hongkong and Shanghai Banking Corporation Limited, India

====================================================================================================