Job description

If you’re looking for a career where you can make a real impression, join Global Service Center (GSC) HSBC and discover how valued you’ll be. HSBC is one of the largest banking and financial services organisationsin the world, with operations in 64 countries and territories. We aim to be where the growth is, enabling businesses to thrive and economies to prosper, and, ultimately, helping people to fulfil their hopes and realisetheir ambitions.

We are currently seeking an experienced professional to join our team in the role of  TPSA Consultor

 

The Cybersecurity TPSR Senior Risk Analyst job is responsible for operating as part of a global/local team within the Cybersecurity organisation, to analyse and execute activities around Cybersecurity process, controls, standards and regulatory requirements.

 

The role will carry out some or all of the following activities:

·       Ensure adherence to the three lines of defence organisational model with clear lines of responsibility, accountability and segregation of duties.

·       Ensure compliance with internal audit and external regulators that any organisational changes are fit for purpose and meet their expectations

·       Analyse and execute activities to ensure compliance with HSBC Cybersecurity policies and standards.

·       Contribute to process, procedures and tool identification/development that will strength the bank’s response to threats and incidents

·       Assess new technology products and projects utilising security technologies pertinent to the department

·       Act as a role model to more junior members of the team

·       Engagement with other Cybersecurity teams, senior management and members of the Business when confronted with potential security issues

·       Expand their skills, knowledge and experience to enhance the overall capability of the function

 

The Job holder will be a member of the Global Third Party Security Review (TPSR) Service team within Cybersecurity and forms part of the 1LOD (1st line of defence). TPSR is a regulated activity.

 

The team is tasked with point in time third parties information security assessments to enable businesses departments to manage their relationship/service within their risk appetite and minimize the operational risk impacts to HSBC, its shareholders, customers, employees, reputation and brand.

 

Inadequate risk management of a third party can lead to a failure to meet operational business requirements and/or could impact HSBC customers and/or HSBC employees, involve regulatory breaches, civil or monetary penalties or cause damage to shareholder value and/or to reputation.

 

Job holder is responsible to enable businesses and functions to manage their information security risks and to ensure risk and controls are assessed accurately, objectively and independently through professional and specialized subject matter experts.

 

Depending on the work assigned this may include:

 

·       Managing Engagements, Business Impact Assessments, Guidance requests, Quality Assurance

·       Managing other team members as appropriate

·       Conducting Local and Global TPSRs (reviews, reports, identify deficiencies, quality assurance)

·       Engaging with the Global TPSR team to support TPSR work

·       Articulate and explain information security assessment results to business

·       Closure of identified deficiencies (verifying evidence to confirm closure or advise what is needed to close them)

 

Additional Responsibilities:

 

·       Ensuring adherence to global standard methodology, SLA’s, quality, templates and tools

·       Ensuring good stakeholder engagement

·       Supporting overall activities of Global TPS, including admin and any special initiatives / projects

·       MI / Reporting (actual generation of reports or contribution to appropriate reports)

·       Mentoring / Coaching / Guidance for other team members / Deputisizing for manager

·       Remain current with industry and competitor trends and work to apply latest / best practices internally

·       Owning and driving special projects aligned to industry best practices

·       Overseeing larger and more complex engagement requests and / or reviews

·       Subject Matter Expert in own domain with, broad basic knowledge of other domains ensuring appropriate delivery of services along with aligning with the wider strategy and objectives of the bank overall

 

Requirements

The ideal candidate for this position will have:

·       Minimum Bachelor Degree and/or experience in  operational processes or third party information security reviews in the Financial Services industry or global corporate service provider

·       Background - desirable but NOT essential one or more; risk management, Audit, ISR

·       Qualifications - desirable but NOT essential one or more; ISO270001, CISA, CISM, CISSP, CRISC

·       Availability to travel (if required) for this role, i.e. travel within country as well as occasional International travel

·       Positive and professional attitude, team player, flexible and adaptable, open to change(s)

·       Confident and takes responsibility and ownership for work and personal development

·       Good spoken and written communication and ability to adapt style based on audience (Fluent in spoken / written English)

·       Ability to communicate technical subject matter to non-technical stakeholders

·       Previous experience of delivering an excellent customer service

·       Ability to quickly develop good working relationships with stakeholders

Ability and motivation to learn and pick things up quickly

 

At HSBC we offer our colleagues a greater number of leave days so that they can fully enjoy their wedding, take care of the new member of the family, or grieve the loss of a family member. Our paid leave package is at the forefront in Mexico, now you have one more reason to be HSBC and proudly live a culture of well-being, balance and care.

HSBC is an equal opportunity employer committed to building a culture where all employees are valued, respected and opinions count. We take pride in providing a workplace that fosters continuous professional development, flexible working and, opportunities to grow within an inclusive and diverse environment. We encourage applications from all suitably qualified personsirrespective of, but not limited to, their gender or genetic information, sexual orientation, ethnicity, religion, social status, medical care leave requirements, political affiliation, people with disabilities, color, national origin, veteran status, etc., We consider all applications based on merit and suitability to the role.

Personal data held by the Bank relating to employment applications will be used in accordance with our Privacy Statement, which is available on our website.

***Issued By HSBC Electronic Data Process Mexico Private LTD***