Job Advert Details
Digital Business Services is a pivotal part of the Group, providing essential operational and technical support to our global businesses and helping improve customer service and efficiency. Digital Business Services combines global expertise and technology to help keep us ahead of the competition.
The Cybersecurity function is responsible for enabling businesses and functions to manage Cybersecurity risks as well as ensuring risk and controls are assessed and implemented appropriately, objectively and independently through professional and specialized subject matter experts

People responsibility: N
Report to: Chief Information Security Officer

Job content
  1. Ensure adherence to the three lines of defence organisational model with clear lines of responsibility, accountability and segregation of duties
  2. Lead and support peers within the Cybersecurity function to define and implement an industry leading Cybersecurity Service that supersedes our constantly changing information security threats
  3. Managing and analysis cyber security threats and incident to safeguard HSBC enviornment.
  4. Provide Cyber Secuirty Technical expertise to tackle emerge cyber secuitry threats
  5. Skill set to handling Cyber Security technical issue and communicate with business stakeholder and senior management
  6. Ensure compliance with internal audit and external regulators that any organisational changes are fit-for-purpose and meet their expectations
  7. Analyse and execute activities to ensure compliance with HSBC Cybersecurity policies and standards
  8. Contribute to process, procedures and tool identification/development that will strength the bank's response to threats and incidents
  9. Assess new technology products and projects utilising security technologies pertinent to the department
  10. Engagement with other Global / Regional Cybersecurity teams, senior management and members of the Business when confronted with potential security issues
  11. Expand Cyber Security skills, knowledge and experience to enhance the overall capability of the function
  12. Maintain and implement cryptographic key management strategies, policies, and controls for safeguarding cryptographic keys to fulfill HSBC and regulatory requirement
  13. Governance and support of data loss prevention(DLP) and information protection incident response(IPR) controls
Qualifications
  1. Typically educated within IT (Cybersecurity specialist) is preferred.
  2. Years of experience in Cybersecurity is preferred.
  3. Managerial role within an Cybersecurity (including operational security experience) is preferred.
  4. Regulatory engagement, experience in dealing with compliance matters, and regulatory liaison.
  5. Knowledge of Asia Pacific regulatory requirements (in-depth knowledge of specific country regulatory requirements).
  6. Ability to build strong relationships and communicate on complex Cybersecurity issues with a wide spectrum of stakeholders.
  7. Understanding of business finance and experience of effective management of budgets and expenditure
  8. Comprehensive understanding of banking and security in context of wider industry trends and direction.
  9. Industry qualifications (CISSP, CISA, CISM), or Certifications ie.. CEH, ISO27001, SSCP, CND preferred
  10. Mind set to follow defined procedure and following the cryptography compliance process
  11. Knowledge and experience of PKI and digital certificate management, including creation, installation and renewal, are the advantage
  12. Knowledge of Hardware Security Modules, e.g. PayShield or nShield, would be added advantage
  13. Reading and Speaking in Chinese is a must ability
#TWE