Job description
Business: Markets and Securities Services
Open positions: 1
Role Title: Assistant Vice President Non Financial risk specialist
Global Career Band: GCB 5
Location (Country / City ): Bangalore
Recruiter Name : Joyita Basu
Why join us?
- HSBC's Markets and Securities Services (MSS) business is one of the largest of its kind in the world. It combines sophisticated 24-hour global coverage with a detailed knowledge of local markets. The services are offered through a network of 87 treasury sites in more than 60 countries and territories worldwide. The trading and sales forces attend to customers that include the world's central banks, international and local corporations, institutional investors, financial institutions, and other market participants. MSS specializes in foreign exchange, credits and rates, structured derivatives, equities and debt, equity, and equity-linked capital markets.
- The Markets and Securities Services NFR is an extension of the Markets and Securities Services COO Office, and the Office will partner with business management in the embedding, remediation, and improvement of the control environment in respect of key risks to the Markets and Securities Services businesses, including adhering to the requirements of the Group Operational Risk Management Framework. The office will deliver on control related priorities in a well-organized, effective, and collaborative manner.
- The role holder would support Non-Financial Risk team in execution of an effective risk management program with primary responsibilities of supporting the internal control monitoring plan and contributing to the control effectiveness testing. The position includes responsibilities related to a variety of risk categories and related areas such as business continuity, audit remediation, compliance, regulatory adherence, and information security.
The Opportunity:
- The Control Office is a function that sits within the markets business within the Markets & Securities Services area of HSBC. The Control Office helps manage and control non-financial and new risks in the business, including but not limited to operational, conduct and product lifecycle risk.
- Business Information Risk Office (BIRO) is responsible for driving Information Security, Technology, and Cyber management within the business providing timely quality advice and assistance to the business in support of their risk management activities, translating technical risks and control related aspects to non-technical business across all Regions. BIRO are subject matter expert on all matters relating to information security and cyber risk, and ensuring each business is aware of (and suitably managing) the related risks.
What you’ll do:
Impact on the Business/Function
- Be responsible for providing cyber and information security risk management input to the business in support of their overall operational risk management activities, working alongside the onshore BIROs, business management and control officers to articulate and understand these risks and ensuring that they are appropriately reflected in business Risk Control Assessment (RCA) – driving related RCA activities as required.
- Assist the Global MSS Businesses in the identification, documentation and resolution of information security and Cyber risk issues (liaising with relevant functions, e.g. Cybersecurity, where required) as guided by lead / onshore BIRO.
- Provide timely guidance to business on queries relating to information security, leveraging strong knowledge of Bank policies, industry good practice and requirements of NFR management process to drive de-risking of Business processes. This includes review of any exceptional access requests to ensure exceptional access is only granted where required and with appropriate mitigating controls.
- Support the business and onshore BIROs in ensuring that technology, cyber and information security risks in the RCAs are adequately assessed, documented, with gaps identified and appropriate remedial actions agreed. Support the business in developing and executing appropriate monitoring plans for these risks.
- Support the business in ensuring that information security related incidents are appropriately triaged and managed, including following up with respective parties to ensure remedial actions are undertaken
- Provide SME input into risk reductions initiatives and support BIRO delivery of these initiatives by supporting programme management, reporting & governance activities for initiatives. Support the business by ensuring business owned risk reduction activities are robust and sustainable.
Typical Targets and Measures
- Responsibility for reviewing, processing, escalating and closing cases in a timely manner
- Ensure as much as possible that escalations to Global BIRO are genuine
- Production of accurate MI
Customers / Stakeholders
- Meet expectations of business partners and London Control Office
- Develop relationships with Resilience Risk, and other 2LOD functions as required, ensuring 2LoD observations are understood and where required, remediation plans are in place and remediation is appropriately tracked and reported.
- Be responsible for providing Business and MSS CCO management with a view of their information risk landscape through appropriate assessment of technology, information security and cyber issues across the front-to-back businesses, reviewing the external risk landscape, available metrics and providing timely updates, and for re-visiting these assessments periodically to ensure ongoing relevance.
- Be responsible for undertaking deep dives of cyber and information technology issues, as directed by the Chief Control Officer and Lead BIRO, recommending and delivering practical remediation activities.
Typical Targets and Measures
- To create confidence in London Control Office and business to offshore tasks
- Ability to suggest and propose changes to processes, driving change
- Feedback from local and London Control Office management, businesses and other stakeholders
Leadership & Teamwork
- Ability to act proactively and multitask
- Knowledge transfer to the team and learn from other team members
- Self - motivated, enthusiastic and proven rapid leaning capability
- Actively participate in team meetings. Bringing solutions / suggestions / recommendations to the table.
- Ability to work efficiently without supervision
Typical Targets and Measures
- Be able to integrate into an existing close team
- Effective contribution in team meetings and business calls
- Be open to feedback and highlight areas of improvement
- Feedback from local and London Control Office management and other stakeholders
Requisitos
What you will need to succeed in the role:
- Minimum 5 years’ experience in the information risk / information security space, preferably in financial services.
- 5+ years of risk & control experience – e.g. 2LOD / 1LOD operational risk, information security risk, audit with a focus on information security / information risk.
- Performance of risk and controls assessments related to information technology and information security.
- Information Security certifications e.g. CISA, CISM, CRISC etc will be an advantage
- Strong understanding of information security, technology & cyber risks and potential mitigating actions, industry / good practices and related risk/control frameworks
- Good understanding of technology and information security risk/control disciplines
- Excellent written communication, research and analytical skills
- Proficient in MS Office (incl. Excel & PowerPoint)
- Ability to work under pressure and within tight timelines. Excellent time management and prioritisation of work tasks. Manage urgent ad-hoc requests from London Control Office / business
- Ability to support decisions with sound reasoning.
- Ability to clearly articulate implications of analysis and findings
- Ability to learn and grasp and new systems, tools and databases quickly
- Ability to make accurate judgment calls on the nature of alerts in a short time period (i.e. deciding quickly and reliably what requires escalation)
What additional skills will be good to have?
Operational Effectiveness & Control
- Ability to work autonomously
- Ability to work across regions, and build relationships with stakeholders globally
- Analysis of Management Information, including meeting packs from regional, business and GBM committees.
- Assist with ad hoc project work and special investigations to provide further analysis as requested by management. Support for the Business Control Committee governance structure.
- Support and analysis for Management Information initiatives.
- Strong interpersonal skills and experience of working effectively and independently in a small team and also collaborate with global colleagues
- Implement best practice improvements
- Identify gaps in process documentation and address these effectively
- Maintain issues log and track progress in a timely manner
Link to Candidate User Guide:
(Or)
Go to the below link and type “IND GSC : IJP Applicant User Guide” in search bar. https://hsbchrdirect.service-now.com/hrsp?id=hrdirect_employee_dashboard
You’ll achieve more at HSBC
HSBC is an equal opportunity employer committed to building a culture where all employees are valued, respected and opinions count. We take pride in providing a workplace that fosters continuous professional development, flexible working and, opportunities to grow within an inclusive and diverse environment. We encourage applications from all suitably qualified persons irrespective of, but not limited to, their gender or genetic information, sexual orientation, ethnicity, religion, social status, medical care leave requirements, political affiliation, people with disabilities, color, national origin, veteran status, etc., We consider all applications based on merit and suitability to the role.”
Personal data held by the Bank relating to employment applications will be used in accordance with our Privacy Statement, which is available on our website.
***Issued By HSBC Electronic Data Processing (India) Private LTD***
Nombre del recruiter
Joyita Basu
Email del recruiter
joyita.basu@hsbc.co.in