Job description

Digital Business Services (DBS)

HSBC Digital Business Services is a pivotal part of the Group, providing essential operational and technical support to our global businesses and helping improve customer service and efficiency. We combine global expertise and technology to help keep us thriving in the competition.

 

We are currently seeking an experienced professional to join our team.

In this role, you will:

    ·         Be responsible for assisting Head of Cyber and Technology Management for providing assurance to local business management that all Information, Technology, and Cyber Security Risk policies, controls, processes and projects within China WPB have been implemented and to ensure that proportionate and effective information security controls are established and maintained.

    ·         Incorporate Head of Cyber and Technology Management to include risk-based monitoring of Information, Technology, and Cyber Security Risk controls / policies and standards to validate control effectiveness and monitor timely resolutions of information security issues including the capability to detect, respond and recover from incidents/events.

    ·         Operate in a consultancy capacity for Information, Technology, and Cyber Security Risk when required by the business, in order to maintain a framework of controls appropriate to China WPB and in line with the business's risk appetite and provide guidance to the business regarding involvement of other key stakeholders (e.g. Resilience Risk, IT and Cybersecurity).

    ·         Provide the professional insights in customer information protection related process and adhere to the Cybersecurity Law, Data Security Law and Personal Information Protection Law, regulator requirement and global/local policies and procedure related to the Information, Technology and Cyber Security Risk.

    ·         Plan and conduct information security assessment in area covering Global FIM control like information asset management, access controls, EUC security review and others. Assist on-going efforts to ensure that the information security risks associated with third party relationships are identified and mitigated. Support the implementation of security initiatives to ensure the compliance with Information, Technology, and Cyber Security related procedure and compliance standards.

    ·         Act as a subject matter expert to assist China WPB and cross-functional teams in identifying and mitigating information security risks, including the administrative and technical controls.

    ·         Communicate to China WPB and cross-functional teams regarding Information, Technology, and Cyber Security Risk issues, events and/or control gaps, and recommends remediation initiatives with all stakeholders including 1st line, 2nd line, and 3rd line.

    ·         Create and manage information security awareness training programs for all employees, contractors and approved system users for China WPB.

    ·        Provide support with the implementation of information security controls, through engagement with Cyber Security Risk projects/programmes and controls as outlined in the BIRO Standard Operating Procedures (SOP).

    Requirements

    To be successful in the role, you should meet the following requirements:

    Knowledge

    • Business Knowledge - A detailed understanding of Wealth and Personal Banking and how it works including people, process and technology.
    • Technology Knowledge - Good level of understanding of diverse technology including infrastructure, network and applications. Strong levels of understanding of fundamental information security controls, principles and technology.
    • A comprehensive understanding of Non-Financial Risk Management Framework, operational risk and controls concept, preferably gained through experience in front line or risk control roles.
    • Knowledge of the changing regulatory environment especially in the financial services sector.
    • Proven problem solving skills with ability to consider alternative and lateral solutions.
    • Ability to prioritise and work independently under pressure within a team environment.

     

    Experience

    • Minimum of three years in an information security role in the financial industry or related areas; or 5+ years working experience working in relevant environment e.g. Risk Function
    • Past working experience in a relevant role, i.e. Risk, Compliance, Audit, Data Management.
    • Past working experience on relevant systems, i.e. Helios an advantage.
    • A track record of constantly looking for ways to do things better and an excellent understanding of the mechanism necessary to successfully implement change.
    • Experience of supporting others' performance, enabling them to achieve by providing clear direction, motivation and support.
    • Contributed productively to team objectives, supporting and leading team activities to achieve shared goals.

     

    Leadership capabilities

    • Build and maintain satisfactory working relationships with major counterparties looking at ways to enhance and streamline the branch operational process.
    • Attain and maintain Business Competence through compliance with all local regulations, compliance and risk as well as in accordance with relevant training and competence scheme.

     

    Qualifications

    • Strategy / Vision - Be able to implement a vision and strategy for risk capability within a market and communicate to key stakeholders and get their buy-in. 
    • Influence - Have gravitas that will be obvious to all engaged teams of HSBC, which will enable face off to senior Resilience Risk managers and HOST stakeholders in order to win their confidence and help influence their decisions. Be able to engage with senior business leaders, CROs, COOs, BRCMs, BIROs and board level management.
    • Communication - Have good communication skills to be able to build relationships with key internal & external stakeholders and be able to sell a strategy and vision.
    • Style - A change agent who is not afraid to change the status quo in order to drive Group strategy with the discipline to recognize when existing people, process and technology can fulfill business needs.
    • Academics: Highly desirable – Bachelor degree or above in relevant fields (e.g. BA, BSc, BEng, etc.). Postgraduate degree in a relevant field a plus (MSc, MBA or PhD).
    • Language: Must have business English fluency. Mandarin or another major world language considered as a plus.
    • Strong leadership skills and the ability to use strong judgmental skills to identify and resolve complex problems whilst adhering to timelines and quality of output.
    • Certified CISA, CISSP, CISM are preferred.

     

    You’ll achieve more when you join HSBC.

    www.hsbc.com.cn/careers

     

    HSBC is committed to building a culture where all employees are valued, respected and opinions count. We take pride in providing a workplace that fosters continuous professional development, flexible working and opportunities to grow within and inclusive and diverse environment. Personal data held by the Bank relating to employment applications will be used in accordance with our Privacy Statement, which is available on our website. /TZ

     

    Issued by HSBC Bank (China) Company Limited

    Retour au résultat de la recherche