If you’re looking to take an exciting new direction with your HSBC career, an internal move can open the door to many opportunities, allowing you to take on a new challenge, and develop your skills. Bring your knowledge of our brand to a new role and grow yourself further.
Our Enterprise Risk Management (ERM) Risk and Compliance function has a critical role to play in supporting, challenging, and advising across all areas of the business through establishing policy, monitoring profiles, and identifying and managing forward-looking risk and compliance. We focus on creating an environment that encourages our people to speak up and do the right thing, as well as protecting our customers, the organisation, and the integrity of the financial markets in which we operate. Already an industry-leader in many respects, we want to continue setting standards and evolving to respond to strategic changes.
Global Enterprise Risk Management (ERM) is a function of Group Risk. Its purpose is to make ensure HSBC understands and is in control of its non-financial risk profile. In addition, the function provides Resilience Risk (RR) Stewardship to global businesses, functions, and entities we operate in. RR Specialist Risk Stewards provide high quality advice and guidance for specific RR risk event types including Data Risk, 3rd Party supplier Risk, Transaction Processing and Technology and Cyber (TCS) risk.
We are currently seeking an experienced individual to join the 2LOD (second line of defence) HSBC UK ERM team, in the role of ERM Resilience Risk Steward for Technology and Cyber Security Risk (TCS).
The primary focus of this role will be Information Technology (IT) Risk. You will provide specialist IT advice, guidance, and challenge across all IT related risks to enable business growth whilst remaining within risk appetite. You will be responsible for the review and challenge of all controls relating to TCS Risk in HSBC UK.
The main responsibilities in this role are:
* Support the HSBC UK Head of ERM and contribute to the effective governance of RR in HSBC UK by being responsible for TCS risk oversight and challenge, reporting to the HSBC UK Head of Resilience Risk.
* Be the primary RR point of contact for IT related matters; provide IT related advice and support to all HSBC UK stakeholders and support the ongoing development of the TCS risk and control environment.
* Support Risk and control (RaC) challenge activity, scenario testing and deep dive assurance activities as required.
* Promote a risk culture of commercial awareness and customer conduct aligned to RR requirements.
* Take an active role in 1LOD and 2LOD Technology related meetings, committees and forums offering constructive and informed input and challenge.
* Support 1LOD Business and Functions stakeholders to ensure that the Risk Framework is appropriately used for decision making; encourage best practices that ensure all procedures are well documented and regulatory policies are up to date and encourage evaluation of the design effectiveness of the Risk Framework to ensure the promotion of continuous improvement.
* Alert and escalate TCS issues and incidents, any significant changes to the TCS risk environment, deteriorating risk exposures, new vulnerabilities or evidence of the crystallisation of emerging risks to senior management in a timely manner.
* Build and maintain relevant cross-organisation and industry relationships to keep up to date on the external Technology and Cyber risk landscape and provide a benchmarking view of HSBC UK against peer activity.
* Support risk reviews of new Cloud workloads and IT related Change Management activity.
* Provide TCS subject matter expert input to 2LOD ERM metrics and risk profile reporting as required.
