Job Title: Governance, Risk and Compliance Lead
Big Bank Funding. FinTech Thinking.
Our technology teams in the UK work closely with HSBC’s global businesses to help design and build digital services that allow our millions of customers around the world to bank quickly, simply and securely. We also run and manage the IT infrastructure, data centres and core banking systems that power the world’s leading international bank.
Our multi-disciplined teams include: DevOps engineers, IT architects, front and back end developers, infrastructure specialists, cyber experts, as well as project and programme managers.
Role Description:
The Cybersecurity Governance Risk and Compliance Lead for the region is charged with protecting the HSBC brand, shareholder value, information assets and financial assets within the respective region through their support to the Head of Cybersecurity Regulatory Compliance & Remediation.
Responsibilities:
- Develop and maintain strong relationships with the Regional Information Security Officer (RISO) to identify and ensure regional/country specific legal and regulatory requirements are met.
- Maintain oversight of the regional risk profile, appetite, incidents and control effectiveness and provide robust risk challenge to the same audience when cyber security risk appetites are breached.
- Work with the overall Regulatory Compliance team, who provide centralized reporting (including KPIs/KRIs/KCIs), to support the regional reporting into regulators and other internal and external stakeholders with regard to the Group’s risk appetite and control effectiveness.
- Drive an effective engagement and governance process across the region that is demonstrably adding value to all target stakeholders.
- Work with the Cybersecurity Communications & Training team to ensure that cyber-related training and awareness has been delivered for all relevant Regional stakeholders.
- Provide oversight and delivery of metrics and reporting into the relevant regional governance committees.
- Provide oversight and support regional stakeholders in managing regulatory compliance requirements across major markets, driving a response to regulatory enquiries and exams.
- Provide regional input into the definition of security standards based on policies defined by the ORR function, lead the Cyber Security Agenda and oversee effectiveness of controls to ensure regional compliance with policies and standards across the region.
- Coordinate regional responses to Third Party / Client questionnaires and enquiries received by HSBC.
- Work with the Regional Information Security Officer (RISO) to:
  - Proactively track, challenge and drive to closure all Cybersecurity owned issues (i.e. audits, MSIIs) and maintain oversight of Cyber Security’s control environment within the region.
  - Proactively manage the gaps identified during security testing activities through established governance to drive remediation of gaps and track to closure.