Job description

Digital Business Services (DBS)
HSBC Digital Business Services is a pivotal part of the Group, providing essential operational and technical support to our global businesses and helping improve customer service and efficiency. We combine global expertise and technology to help keep us thriving in the competition.

We are currently seeking an experienced professional to join our team.

In this role, you will: 

  • Collaborate with the Global, Regional and Country representatives of Technology, plus other peer managers to implement the team's goals within entity policy, expense and regulatory constraints
  • Lead and support peers in Developing, implementing and monitoring a strategic, comprehensive enterprise cyber security management program
  • Assist Group/Region with the overall business technology planning, providing a current knowledge and future vision of technology and systems.
  • Contribute to the Sub-function/Region Cybersecurity strategy to secure the bank's technology from the inside out, whilst maintaining, protecting and enhancing HSBC's values, reputation and stakeholder value
  • Provide/organize Cybersecurity related training sessions to improve awareness level of staff members, setting performance targets of direct reports and contributes to employees' professional development
  • Assist with business stakeholders across the company to raise awareness of risk management concerns and educate country management about country cybersecurity risk level and actions required to mitigate/control existing risks.
  • Carefully considers the security requirements of an organization as well as the business requirements in order to address any security risks as well as satisfy the organization’s business goals.
  • Support business for in-country-specific initiatives via cybersecurity delivery, consultancy and country augmentation teams when required.
  • Keeping abreast of developing security threats, and helping the country board understand potential security problems that might arise from acquisitions or other big business moves.
  • Brief country management about ongoing Cybersecurity improvement projects benefits, status and challenges which require their attention and/or involvement to make it success.
  • Provide guidance and ensure country regulatory requirements related to Cybersecurity are addressed in a timely fashion to implement relevant controls and to develop/amend policies/standards to comply with the requirements.
  • Provide assistance in Governance related matters, ensuring consistency with Global/Regional key messaging and exercising formal governance through appropriate governance forums.
To be successful in the role, you should meet the following requirements:

Local Regulatory Engagement Stakeholder Engagement

  • Manage mandated projects (e.g. MLPS, E-banking assessment)
  • Fully engage with new regulation gap analysis and remediation actions (e.g. PIPL, DSL)
  • Continuously provide timely response to regulatory requirements (e.g. regulatory notification or issue/finding)
  • Be primary contact to oversee all local technology risk (e.g. vulnerability mitigation tracking)
  • Establish and maintain stakeholders' relationships and act as local cybersecurity SME for general cybersecurity queries and requests
  • Understand, assess & advise HSBC Cyber Security controls and regulatory requirements on cyber to ensure compliant status and follow up if any gaps and remediation.
  • Provide input and support to global / regional regulatory governance and control map reporting related to country and countries cyber security control dashboard

Awareness and Training

  • Coordinate with global / regional / country team to deliver and promote cyber security awareness programs and education campaign to all employees and/or special group of people (such as high risk users, senior management team, IT developers)
  • Periodic staff communication on cyber awareness to promote cyber education and awareness

Cyber Execution and Strategy in-Country

  • Contribute to the Sub-function/Region Cybersecurity strategy to secure the bank's technology from the inside out, whilst maintaining, protecting and enhancing HSBC's values, reputation and stakeholder value.
  • Assist with regional/global cyber initiatives that qualifies as outsourcing as per the country framework.

Governance & oversight

  • Provide consultancy and oversee the country Critical Assets, Testing/GASRA/Open issue status and pursue further with the ITSO or escalate to CIOs if required.  
You’ll achieve more when you join HSBC.

HSBC is committed to building a culture where all employees are valued, respected and opinions count. We take pride in providing a workplace that fosters continuous professional development, flexible working and opportunities to grow within and inclusive and diverse environment. Personal data held by the Bank relating to employment applications will be used in accordance with our Privacy Statement, which is available on our website. /TZ

Issued by HSBC Bank (China) Company Limited