HSBC Group

Business: Risk

Open positions: 1

Role Title: VP, Cyber Security Risk Steward, GSC's

Global Career Band: 4

Location: Hyderabad

Recruiter Name :  Priyanka Ochani

Why join us?

• Global Enterprise Risk Management (ERM) is a sub function of Group Risk and Compliance. Its purpose is to make sure HSBC understands and effectively controls its non-financial risk position, through end-to-end oversight of processes, risks, and controls and by robust stewardship of the bank's risk appetite to comply with risk, business and regulatory priorities.  It seeks to strengthen the risk culture across the organisation through the application of effective policies and frameworks that drive consistent risk management practices across our businesses and functions at global, regional and market level.
• The role holder is responsible for overseeing the identification, assessment, and management of cyber security risks across the organization. This role involves ensuring that the company’s digital assets and information systems are secure, compliant with regulatory requirements, and aligned with industry best practices. The role holder will lead a team of cyber security professionals, collaborate with various departments, and act as a trusted advisor to senior leadership on all matters related to cyber risk across HSBC UK including WPB and CMB.

What you’ll do:

The role holder will have in country responsibility to provide WPB and CMB, UKRFB ERM oversight: 

• Leading the identification, assessment, and prioritization of cyber security risks across the HSBC UK.
• Develop and implement risk mitigation strategies and action plans to address identified risks.
• Continuously monitor the threat landscape and update risk management practices accordingly.
• Ensure compliance with relevant cyber security frameworks, standards, and regulations (e.g., NIST, ISO 27001, GDPR).
• Develop and maintain policies, procedures, and standards related to cyber security risk management.
• Conduct regular audits and assessments to ensure adherence to cyber security policies and best practices.
• Manage and mentor a team of cyber security professionals, fostering a culture of continuous improvement and learning.
• Collaborate with IT, legal, audit, and other relevant departments to ensure a holistic approach to cyber risk management.
• Serve as the primary point of contact for senior leadership on cyber security risk issues, providing regular updates and reports.
• Oversee the organization’s incident response program, ensuring rapid and effective response to security incidents.
• Coordinate post-incident analysis and develop strategies to prevent future incidents.
• Ensure that recovery plans are in place and regularly tested to minimize the impact of security breaches.
• Develop and implement cyber security awareness and training programs for employees at all levels.
• Promote a strong security culture across the organization, emphasizing the importance of risk management and compliance.
• Assess and manage the cyber security risks associated with third-party vendors and partners.
• Ensure that vendors comply with the organization’s security standards and contractual obligations.

Leadership & Teamwork 

• Lead and role model for Enterprise risk aligning with the Bank’s strategy, behaviours and values. 
• Challenge and influence to ensure how we manage and quantify our risk exposure and fully embed a strong risk management culture and behaviours is effective.  
• Develop an effective team through communication, performance management, development plans and reward/recognition practices. 
• Strong communication skills to articulate complex risk concepts clearly to stakeholders and senior management, fostering understanding and support.
• Strategic leadership abilities to align risk management activities with the bank's business objectives and promote a culture of risk awareness and accountability.
• Ability to collaborate with cross-functional teams, including IT, compliance, and business units, to address cyber security risks holistically.
• Critical thinking and analytical skills to analyze complex risk data, trends, and scenarios and make data-driven decisions.
• Flexibility and adaptability to navigate changing risk landscapes, emerging threats, and technological advancements in IT and service availability.

What you will need to succeed in the role:

• In-depth knowledge of cyber security frameworks, standards, and regulations.
• Strong understanding of risk management principles and practices.
• Excellent leadership and team management skills.
• Strong analytical, problem-solving, and decision-making abilities.
• Excellent communication and interpersonal skills, with the ability to influence and engage stakeholders at all levels.
• Experience with incident response, threat intelligence, and vulnerability management.

Link to Candidate User Guide:

https://hsbchrdirect.service-now.com/nav_to.do?uri=%2Fhrsp%3Fid%3Dkb_article_preview%26sys_id%3D0c6b11641b6a9810cec0553a2d4bcb2a

You’ll achieve more at HSBC

HSBC is an equal opportunity employer committed to building a culture where all employees are valued, respected and opinions count. We take pride in providing a workplace that fosters continuous professional development, flexible working and, opportunities to grow within an inclusive and diverse environment. We encourage applications from all suitably qualified persons irrespective of, but not limited to, their gender or genetic information, sexual orientation, ethnicity, religion, social status, medical care leave requirements, political affiliation, people with disabilities, color, national origin, veteran status, etc., We consider all applications based on merit and suitability to the role.”

Personal data held by the Bank relating to employment applications will be used in accordance with our Privacy Statement, which is available on our website.

                                          ***Issued By HSBC Electronic Data Processing (India) Private LTD***