Job description

Some careers shine brighter than others.

If you’re looking for a career that will help you stand out, join HSBC and fulfil your potential. Whether you want a career that could take you to the top, or simply take you in an exciting new direction, HSBC offers opportunities, support and rewards that will take you further.

 

HSBC is one of the largest banking and financial services organisations in the world, with operations in 64 countries and territories. We aim to be where the growth is, enabling businesses to thrive and economies to prosper, and, ultimately, helping people to fulfil their hopes and realise their ambitions.

 

Department: - (Business Write-up 3-4 line or Name of the Business/Department)

 

In this role, you will:

 

 

Work alongside the CTO Distributed Compute Security, Risk and Compliance teams in providing expert guidance and knowledge to maintain effective controls of services supporting Distributed Compute in HSBC.

 Working to rapidly respond to Cybersecurity control and Audit requirements as and when they arise, the Candidate will be responsible for maintaining control KCIs across all controls and ensure all risk items are timely identified and remediated for Distributed Compute’s IT Services. You will work with key stakeholders to ensure Compliance with Operational and Audit Requirements.

Our purpose and vision is to provide industry leading Service Governance and Management of the Services and Infrastructure which support HSBC’s global business through a collaborative and standardized approach, with the primary goal to keep production safe and maintain effective control of the Distributed Compute IT estate.

Responsibilities:

  • Identify, assess and evaluate risk to enable the execution of the risk management strategy.

  • Collect information and review documentation to ensure that risk scenarios are identified and evaluated.

  • Identify legal, regulatory and contractual requirements and organizational policies and standards related to information systems to determine their potential impact.

  • Identify potential threats and vulnerabilities for business processes, associated data and supporting capabilities to assist in the evaluation of enterprise risk.

  • Create and maintain a risk register to ensure that all identified risk factors are accounted for.

  • Assemble risk scenarios to estimate the likelihood and impact of significant events to the organization.

  • Analyze risk scenarios to determine their impact.

  • Develop a risk awareness program and conduct training to ensure that stakeholders understand risk and contribute to the risk management process and to promote a risk aware culture.

  • Correlate identified risk scenarios to relevant processes to assist in identifying risk ownership.

  • Validate risk appetite and tolerance with senior leadership and key stakeholders to ensure alignment

  • Develop and implement risk responses to ensure that risk factors and events are addressed in a cost effective manner and in line with business and regulatory requirements.

  • Identify and evaluate risk response options and provide management with information to enable risk response decisions.

  • Review risk responses with the relevant stakeholders for validation of efficiency, effectiveness and economy.

  • Apply risk criteria to assist in the development of the risk profile for management approval.

  • Assist in the development of risk response action plans to address risk factors identified in the organizational risk profile.

  • Monitor risk and communicate information to the relevant stakeholders to ensure the continued effectiveness of the risk management strategy.

  • Collect and validate data that measure key risk indicators KRIs to monitor and communicate their status to relevant stakeholders.

  • Monitor and communicate key risk indicators KRIs and management activities to assist relevant stakeholders in their decision making process.

  • Facilitate independent risk assessments and risk management process reviews to ensure they are performed efficiently and effectively.

  • Identify and report on risk, including compliance, to initiate corrective action and meet business and regulatory requirements.

  • Serve as liaison to auditors and regulators regarding documentation and review of information compliance.

  • Communicate audit and review results to appropriate parties to ensure that issues are addressed and corrective actions are implemented.

  • Keep a tracking action list of all audit issues. 

Requisitos

  • Essential Skillset/Experience:

  •  Expert level of management experience in information technology functions

  • Experience in auditing as a compliance manager or information risk specialist

  • Experience maintaining effective control of end to end Services / Application

  • Experience in Unix or Linux or Windows or Virtualization systems support is preferre

  • Certification in CISA, CISSP or equivalent is preferred.

  • Knw how to navigate Risk & Control Frameworks

  • Strong communicator, effective when working with stakeholders and be a key decision maker.

 

Candidate User Guide - India HTC - IND HSDI : IJP candidate user guide (service-now.com)

 

HSBC is committed to building a culture where all employees are valued, respected and opinions count. We take pride in providing a workplace that fosters continuous professional development, flexible working and opportunities to grow within an inclusive and diverse environment. Personal data held by the Bank relating to employment applications will be used in accordance with our Privacy Statement, which is available on our website.

 

Issued by – HSBC Software Development India

Nombre del recruiter
Sreekanth K
Email del recruiter
sreekanth.k@hsbc.co.in
Volver al resultado de la búsqueda