Job description

Some careers prize diversity more than others.
If you’re looking for a role where you can continue to make an impression, take the next step at HSBC where your contributions will always be valued.

The Group CIO Chief Control Office (GCIO CCO) plays a key role in ensuring the bank operates within its risk tolerances and appetite by embedding effective risk and control management across GCIO. This role sits within the Global Head of Controls, Asia and Middle East (AME) Technology area and is responsible for providing governance, oversight, and execution of risk and control management processes across the GCIO AME organisation, evolving a culture of continuous and consistent risk management.

Role

As the Senior Control Manager, Governance Lead, you will be responsible for driving governance responses, developing high-quality insights for risk committees, overseeing compliance adherence and enhancing stakeholder accountability in technology risk management.

Key Responsibilities:

Support the Global Head of Controls, Asia and Middle East Technology. This includes (but is not limited to):

Risk and Control Governance

  • Lead the Governance function across Asia and Middle East Technology ensuring robust oversight of risk and control frameworks.
  • Develop and support the creation of monthly Technology Risk and Control Management meeting packs, analysing governance processes, including:
    • Adherence to Risk and Control frameworks
    • Issue and Control Management
    • Read-Across activities
    • Operational Resilience vulnerabilities management
  • Represent the organization in group-wide Risk and Control Management working groups and forums, ensuring alignment with enterprise-wide risk strategies.
  • Prepare high-quality technology risk and control governance papers, clearly defining risk positions and outlining mitigation strategies.
  • Lead governance reporting processes, delivering executive-ready insights for senior management and key regulatory discussions.
  • Monitor and track governance-related action items from risk management meetings, ensuring timely progress and completion by GCIO functions.
  • Strengthen governance frameworks by embedding technology controls and monitoring compliance with regulatory standards.
  • Collaborate with stakeholders across Asia and the Middle East, driving consistency in risk management and control implementation.
  • Support Risk and Control leadership, assisting with ad-hoc requests, urgent issues, and crisis response.
  • Enhance IT Stakeholder Engagement & Accountability by partnering with CIOs, risk teams, and business units to ensure governance expectations are effectively communicated and implemented.
  • Keep Senior Management informed on policy changes, operational risk developments, and projects impacting their areas of responsibility

Furthermore:

  • Establish a strong working relationship with the business, function aligned GCIO areas and their CCO teams 
  • Support efforts to continuously improve the control environment and the monitoring of risk, including behaviours
  • Help identify trends to anticipate future developments in the risk and control environment  
  • Actively raise and challenge poor, inefficient or excessive controls, related tasks and behaviours    
  • Support the development and implementation of future-fit risk management frameworks  

Impact on Business/Function

  • Developing, aligning and translating strategies and plans to achieve business and functional goals    
  • Analysing and interpreting risk and control related information to provide insight and improvement with clear and measurable outcomes.
  • Delivering clear, concise and consumable messages based on good evidence and informed judgement that support risk and control related decision making
  • Driving improvements to information metrics and processes to strengthen risk management and internal control 

Customers/Stakeholders:

  • Stakeholder management is multi-faceted across geographies, Businesses and Functions. 
  • Presenting and reporting complex risk and control information in ways that are meaningful for different stakeholders  
  • Applying professional understanding, expertise and judgement to oversee the health of the end-to-end control environment 
  • Monitoring and analysing the performance of the control environment to drive more effective design and operation of controls     
  • Leveraging opportunities to implement more automated, effective and cost-efficient controls and measures of effectiveness  
  • Providing advice, support and challenge to stakeholders to help them understand and manage controls and risks effectively

Leadership & Teamwork:

  • Lead by example, demonstrating core behaviours and values including teamwork, focus, drive and determination.
  • Act in a manner that transparently promotes the organisation's values and delivers in an aligned manner.
  • Cultivate an environment that supports diversity and reflects the HSBC brand
  • Influence more effective and open team communication and collaboration
  • Developing, aligning and translating strategies and plans to achieve business and functional goals

Requirements

In order to apply for this role, you will have the following:

  • Deep expertise in technology risk management, governance, and frameworks.
  • Understanding of Operational Resilience, Cybersecurity, and IT Risk frameworks (e.g., NIST, COBIT, ITIL).
  • Strong written and verbal communication, with the ability to craft clear, concise, and high-impact governance papers that provide insight into the risks and remedial actions.
  • Experience working with senior stakeholders, regulatory responses, and cross-functional risk committees.
  • Flexible and adaptable, able to manage and prioritise competing demands in a demanding environment
  • High level of attention to detail, and ability to lead activities
  • Strong stakeholder engagement skills, with the ability to influence senior executives and regulatory bodies.
  • Experience in governing risk forums, working groups, and technology risk committees.
  • Strategic thinker with the ability to execute under pressure, responding to urgent risk matters effectively.
  • A desire to find ways to continually improve the service delivered.
  • Identifying, defining and solving problems that impact on your work or the wider business
  • Certifications such as CGRC, CRISC, COBIT, or ITIL would be desirable.
  • Experience with regulatory bodies and engagement is advantageous.
  • A Bachelor’s Degree is needed in order to obtain a UAE work permit.