Job description

Some career choices have more impact than others.

HSBC Australia as part of the HSBC Group offers a comprehensive range of financial services through a network of 45 branches and offices located 5 states across Australia. These services include retail, wholesale and private banking, trade finance, treasury and financial markets, global liquidity and cash management, asset management and securities custody. 

We’re looking for progressive minds who are driven and forward-thinking who are open to different ideas and cultures, who can connect with customers and colleagues and who’ll work with courageous integrity every day to join our team as Data Privacy Officer (DPO).

As an HSBC employee in Australia, you’ll have access to tailored professional development opportunities, competitive pay, an embedded flexible working culture and a range of employee benefits. These include market-leading subsidised private health cover, enhanced parental pay and support when returning to work, subsidised banking products and services and wellness programmes. 

HSBC Australia is seeking an experienced legal practitioner to join the Risk Function as the Bank’s Data Privacy Officer. This role will work across all Businesses and Functions and with HSBC regionally to suitably manage the Bank’s Data Privacy obligations in Australia.  

Data Privacy Officers (DPOs) are responsible for ensuring HSBC meets its obligations under data protection and privacy laws within their particular jurisdiction. They provide expert advice, guidance and direction and support the necessary standards and controls to enable the Bank, including its employees and relevant third parties, to manage privacy risks and comply with obligations under data protection laws in relation to the processing of personal data. 

Key responsibilities:
•    Informing and advising the business and its employees of their data privacy and protection compliance obligations;
•    Providing expert guidance, oversight and challenge on all aspects of data protection and privacy risk strategy and compliance focusing efforts on areas that present higher data privacy risks;
•    Monitoring compliance with data privacy provisions and with HSBC Group policies relating to the protection of personal data, including the assignment of responsibilities, staff education and awareness training, and ensuring remediation of any related audit findings; 
•    Advising on Data Protection Impact Assessments and monitoring performance of mitigations, where necessary;
•    Provide subject matter advice with respect to Data Privacy matters to HSBC Australia’s Chief Risk Officer, Board of Directors, and all Businesses, Functions and internal stakeholders
•    Acting as the contact point internally and externally with data subjects and regulatory authorities; 
•    Provide advice with respect to training and awareness and any data remediation events in line with Australia’s data privacy laws 
•    Advising on, and providing HSBC Australia with support, to ensure the necessary safeguards and controls are in place to ensure compliance with requirements for international data transfers by identifying all circumstances in which personal data is transferred outside of the relevant jurisdiction; and 
•    Provide incident management advice and/or support as needed and ensure that data privacy incidents and breaches or request for information are responded to and managed effectively and that relevant authorities are informed within necessary timeframes.


•    Comprehensive knowledge and experience of Data Privacy and Information Governance laws and relevant regulations in Australia;
•    Recognised as an Australian practicing lawyer with sound knowledge of Australian Data Privacy laws
•    CIPP/A or CIPP/E certification (Certified Information Privacy Professional – Asia or Europe)
•    Corporate experience and Compliance experience an advantage, but not essential;
•    Strong ability to prioritise;
•    Strong communication and inter-personal skills;
•    Proven ability to establish and maintain a high degree of confidentiality, respect, trust and credibility at all levels;
•    Experience in communicating, interacting and maintaining good working relationships with supervisory authorities;
•    Strong written and verbal communication skills;
•    Well-developed and professional interpersonal skills; ability to interact effectively with people at all organisational levels;
•    Ability to work unsupervised, exercise leadership and influence change;
•    Ability to use independent judgement and discretion when making the majority of decisions;
•    Detail-focused approach needed to recommend and implement strategic improvements on a range of data privacy and data protection issues. 

Preference will be given to candidates who hold Australian or New Zealand PR/Citizenship or working rights or who can show they currently have unrestricted work rights in Australia with no limitations.

HSBC is committed to building a culture where all employees are valued and respected and where opinions count. We take pride in providing a workplace that fosters continuous professional development, flexible working and opportunities to grow in an inclusive environment. Applications from First Nations peoples are encouraged.

Learn more about careers at HSBC Australia –

Personal data held by the Bank relating to employment applications will be used in accordance with our Privacy Statement, which is available on our website. Issued by HSBC Bank Australia Limited.  Please note that HSBC will we never communicate to applicants via non HSBC channels such as SMS, WhatsApp or Facebook so please be careful if anyone attempts to contact you via these channels.