HSBC Group

• Providing the first line of defense (1LOD) for the organization for all matters relating to Cryptography controls. Drive implementation of controls to protect the group’s key data.

• Risk Management: Maintaining the accuracy and alignment of the CRYP control to the bank’s Risk Control framework.

• Controls Governance: Control Design and Continuous Control Monitoring - MPs/OIs enhancements, Control effectiveness rationale. Managing, reporting, and improving performance metrics (KCIs).

• Compliance: Ensure Cryptography controls align with relevant regulations, standards, and industry best practices, and support compliance efforts. Maintain internal control standards, including timely implementation of internal and external audit points together with any issues raised by external regulators.

• Stakeholder Management: 2LoD/3LoD engagement - Responding to informal control queries and formal review and challenges and observations. Collaborate with senior stakeholders to facilitate understanding and alignment of CRYP control objectives, including business units, audit and regulators. Providing specialist knowledge and timely feedback, working in partnership with those stakeholders.

• Cross Controls Collaboration: Foster a community of collaboration/knowledge sharing across all Control Owners in Global Defense - understanding the implication a change in one control area has on other control areas. Building and maintaining constructive working relationships with a diverse community of technical and non-technical audiences.

• Training and Awareness: Develop and deliver training and awareness programs to educate stakeholders and communities within Cyber about the Cryptography control strategy.

• Technical Background: We are looking for someone who brings a deep understanding of technology (preferably in the Cryptography area) or who is willing to build up knowledge quick.

• Communication skills: Communication is key in that role. The CRYP Control Owner must be able to communicate complex technical information to non-technical stakeholders and explain Cryptography control policies and procedures in a clear and concise manner. The control owner must be able to communicate with stakeholders on senior level, addressing challenges and feedback.

• Collaboration skills: The CRYP Control Owner must be able to work effectively with cross-functional teams, including Cybersecurity and business units to ensure that Cryptography control strategies align with organizational goals and requirements. It is key that the Control Owner stays on top of developments in other controls areas.

• Stakeholder management skills: The CRYP Control Owner must be able to manage relationships with stakeholders, including business units and audit/regulatory bodies, to ensure that Cryptography control strategies are well received and adopted.

• Problem-solving skills: The CRYP Control Owner must be able to identify and remediate challenges in (governance) processes and must be able to get technical consultancy from the Cryptography Capability Lead to respond to issues.

• Additional bonuses for recognition awards

• Multisport card

• Private medical care

• Life insurance

• One-time reimbursement of home office set-up (up to 800 PLN).

• Cafeteria platform

• Employee assistance program

• Additional contributions to PPK scheme

• Corporate parties & events

• CSR initiatives

• Nursery discounts

• Financial support with trainings and education

• Social fund

• Flexible working hours 

• Free parking