Vice President Technology Management Lead

Some careers open more doors than others. 

If you’re looking for a career that will unlock new opportunities, join HSBC and experience the possibilities. Whether you want a career that could take you to the top, or simply take you in an exciting new direction, HSBC offers opportunities, support and rewards that will take you further.

Position Details

Department: Technology / IT Operations

Location: Mumbai

Reporting to: Head of entity (HISL CEO/HISL Designated Director)

Job Summary

The IT Operations Manager will serve as the business owner, technical liaison and governance lead for the retail broking platform’s licensed technology stack. You will own platform performance, ensure cybersecurity and cyber resilience compliance (SEBI CSCRF), assess, identify & mitigate cybersecurity risks, lead incident response & remediation, own & enforce vendor SLAs, drive platform enhancements/change management, oversee data center operations, supervise IT infrastructure & serve as primary SPOC for platform’s technology stack licensor. This role also incorporates SEBI designated cybersecurity responsibilities to ensure information security and cyber resilience against evolving threats.

Core Responsibilities & Duties

Vendor & Technology Governance

• Oversee vendor-managed IT infrastructure, manage vendor relationship and ensure SLA compliance for the licensed technology stack - frontend, OMS, RMS, and back-office.
• Oversee platform performance, uptime, and incident response coordination; track and escalate SLA breaches
• Ensure the licensed systems integrate seamlessly with HSBC’s ecosystem (e.g., authentication, fund transfers, reporting interfaces)
• Act as the bridge between business requirements and vendor delivery; translating business needs into technical change requests

Platform Operations & Monitoring

• Monitor system health dashboards and trading platform availability; escalate critical issues to vendors
• Coordinate platform enhancements, change requests, and release management with vendors
• Oversee disaster recovery drills and business continuity planning; review and update the Business Continuity Plan (BCP) and Disaster Recovery (DR) SOPs
• Manage advanced network defense technologies (e.g., Intrusion Detection Systems, Firewalls, WAF) in coordination with vendors and/or group IT security

Cybersecurity & Cyber Resilience (SEBI CSCRF Compliance)

• Develop, implement, and govern the firm-wide Cybersecurity and Cyber Resilience Framework (CSCRF), ensuring compliance with all SEBI mandates
• Oversee and coordinate the Cybersecurity Committee; review the framework on a half-yearly basis and report to the Board
• Mandate and oversee Vulnerability Assessment and Penetration Testing (VAPT), ensuring all VAPT is conducted by CERT-IN empaneled auditors
• Ensure secure vendor management (SaaS/Cloud), cloud risk assessments, and contract clauses (escrow, audit rights)
• Act as the primary authority for managing and responding to all cybersecurity incidents; establish and maintain the Incident Response Plan (IRP)
• Chair incident response and forensic investigations; report material incidents to SEBI/Exchanges per prescribed formats and timelines

Security Operations & Risk Management

• Oversee IT asset inventory, vulnerability management, and patch management in coordination with vendors
• Monitor security operations dashboards, log aggregation, and SIEM (Security Information and Event Management) alerts
• Ensure data protection, encryption (in transit and at rest), and data localization compliance as per SEBI and HSBC group policies
• Coordinate third-party cybersecurity audits and assessments; ensure audit findings are remediated within regulatory timelines

Reporting & Compliance

• Submit quarterly reports to the Board on cybersecurity activities, incidents, and preventive measures taken
• Coordinate with Compliance and Risk teams on technology-related regulatory submissions and inspections
• Maintain documentation for all cybersecurity policies, procedures, incident logs, and audit trails

Awareness & Training

• Conduct regular cybersecurity awareness training, phishing simulations, and red-team exercises for all staff
• Foster a culture of cyber vigilance across the organization, ensuring cybersecurity is a shared responsibility

Mandatory Qualifications, Certifications & Experience

• Education: Graduate/Post-Graduate in Computer Science / IT / Engineering.
• Good to have: CISSP (Certified Information Systems Security Professional), CISM (Certified Information Security Manager), or CRISC (Certified in Risk and Information Systems Control) – any one as per industry best practices and SEBI CSCRF guidelines.
• Experience: Minimum 10+ years in IT operations, information security, or technology risk roles, with at least 5 years in senior positions within the financial services sector
• Domain Knowledge: Proven track record in building and operating security operations centers, running VAPT programs, incident management, compliance reporting to regulators, and vendor governance for technology platforms

Preferred Skills & Competencies

• Deep, expert-level knowledge of cybersecurity frameworks, security infrastructure, and tools (SIEM, IDS/IPS, firewalls, endpoint protection)
• Expert-level knowledge of network architecture, security operations, incident response, and regulatory frameworks (e.g., CSCRF, ISO 27001, NIST)
• Strong written report drafting and board presentation skills for cybersecurity governance
• Strong communication and stakeholder management skills to interface with vendors, business teams, regulators, and senior management
• Experience in a managed service or vendor-heavy IT environment is highly desirable
• Understanding of trading platforms, OMS/RMS architecture, and broking technology is a strong advantage

Employment Type: Full-time, Permanent

You’ll achieve more at HSBC.

HSBC is committed to building a culture where all employees are valued, respected and opinions count. We take pride in providing a workplace that fosters continuous professional development, flexible working and opportunities to grow within an inclusive and diverse environment.

Personal data held by the Bank relating to employment applications will be used in accordance with our Privacy Statement, which is available on our website.

Issued by The Hongkong and Shanghai Banking Corporation Limited, India