HSBC Group

Business: Cybersecurity
Open Positions: 1
Recruiter Name: Veronica Zhong

Why join us? 
The TPSA team is tasked with point in time third parties’ information security assessments to enable businesses departments to manage their relationship/service within their risk appetite and minimize the operational risk impacts to HSBC, its shareholders, customers, employees, reputation and brand.

Inadequate risk management of a third party can lead to a failure to meet operational business requirements and/or could impact HSBC customers and/or HSBC employees, involve regulatory breaches, civil or monetary penalties or cause damage to shareholder value and/or to reputation.

The Opportunity: 
The Cybersecurity TPSA Senior Risk Analyst job is responsible for operating as part of a global/local team within the Cybersecurity organisation, to analyse and execute activities around Cybersecurity process, controls, standards, and regulatory requirements.

Job holder is responsible to enable businesses and functions to manage their information security risks and to ensure risk and controls are assessed accurately, objectively and independently through professional and specialized subject matter experts.

What you’ll do: 
Job holder is responsible to enable businesses and functions to manage their information security risks and to ensure risk and controls are assessed accurately, objectively and independently through professional and specialized subject matter experts.

Depending on the work assigned this may include:

• Managing Engagements, Business Impact Assessments, Guidance requests, Quality Assurance
• Conduct initial triage of assessments to validate responses and risk assessments to support the TPSA assessment process.
• Conducting Local and Global TPSAs (reviews, reports, identify deficiencies, quality assurance)
• Engaging with the Global TPSA team to support TPSA work.
• Articulate and explain information security assessment results to business.
• Closure of identified deficiencies (verifying evidence to confirm closure or advise what is needed to close them)

Job holder is responsible to enable businesses and functions to manage their information security risks and to ensure risk and controls are assessed accurately, objectively and independently through professional and specialized subject matter experts.

Depending on the work assigned this may include:

• Managing Engagements, Business Impact Assessments, Guidance requests, Quality Assurance
• Conduct initial triage of assessments to validate responses and risk assessments to support the TPSA assessment process.
• Conducting Local and Global TPSAs (reviews, reports, identify deficiencies, quality assurance)
• Engaging with the Global TPSA team to support TPSA work.
• Articulate and explain information security assessment results to business.
• Closure of identified deficiencies (verifying evidence to confirm closure or advise what is needed to close them)

What you will need to succeed in the role: 
• Minimum Bachelor Degree and/or experience in  operational processes or third party information security reviews in the Financial Services industry or global corporate service provider
• Availability to travel (if required) for this role, i.e. travel within country as well as occasional International travel
• Positive and professional attitude, team player, flexible and adaptable, open to change(s)
• Confident and takes responsibility and ownership for work and personal development
• Good spoken and written communication and ability to adapt style based on audience (Fluent in spoken / written English)
• Ability to communicate technical subject matter to non-technical stakeholders
• Previous experience of delivering an excellent customer service
• Ability to quickly develop good working relationships with stakeholders
• Ability and motivation to learn and pick things up quickly

What additional skills will be good to have? 
• Background - desirable but NOT essential one or more; risk management, Audit, ISR
• Qualifications - desirable but NOT essential one or more; ISO270001, CISA, CISM, CISSP, CRISC

Link to Candidate User Guide: 
https://hsbchrdirect.service-now.com/hrsp?id=kb_article&sys_id=60ce20691ba69010280dc9df1d4bcb56 

You’ll achieve more at HSBC 
HSBC is an equal opportunity employer committed to building a culture where all employees are valued, respected and opinions count. We take pride in providing a workplace that fosters continuous professional development, flexible working and, opportunities to grow within an inclusive and diverse environment. We encourage applications from all suitably qualified persons irrespective of, but not limited to, their gender or genetic information, sexual orientation, ethnicity, religion, social status, medical care leave requirements, political affiliation, people with disabilities, color, national origin, veteran status, etc., We consider all applications based on merit and suitability to the role.” 

Personal data held by the Bank relating to employment applications will be used in accordance with our Privacy Statement, which is available on our website.