Job description

Some careers have more impact than others.

If you’re looking for a career where you can make a real impression, join HSBC and discover how valued you’ll be. Whether you want a career that could take you to the top, or simply take you in an exciting new direction, HSBC offers opportunities, support and rewards that will take you further.

Our GCIO organisation plays a critical role for the bank. This team partners with the businesses to build the platforms, systems, and products that our customers use every day. We keep people’s money and data safe, and are at the forefront of driving innovation for our businesses, customers, and colleagues.

We are currently seeking a high calibre professional to join our team as a CISO – CIB Global Trade Solutions (GTS) and CIB Asia and Middle East.

Role purpose (overall high level summary of the role)

The CIB GTS and CIB Asia and Middle East Chief Information Security Officer (CISO – CIB GTS and CIB AME) is responsible for the execution and continuous improvement of a best-in-class, Cybersecurity capability across their Global Business/Global Infrastructure(s) (GBGIs) and any market jurisdictions, as assigned. The role involves translation of highly technical Cybersecurity concepts into consumable language, in order to drive continuous assessment of cybersecurity and information risk in light of established risk appetites and a constantly evolving cyber-threat landscape.

The CISO – CIB GTS and CIB AME will manage a team of staff which is commensurate with the nature of the assigned GBGI, including its size, scope, and jurisdictional exposure.  The CISO – CIB GTS and CIB AME reports into the CIB & Americas/Europe CISO who is responsible for circa 50 staff.  

Principal Accountabilities and Responsibilities

  • The CISO – CIB GTS and CIB AME assists with definition of the global Cybersecurity strategy and ensures its execution through GBGI- and Globally-led programmes that provide adequate, embedded, and effective protection of the firm’s information and technology assets.  To achieve these goals, the CISO – CIB GTS and CIB AME must possess significant senior executive management experience delivering a best-in-class cybersecurity practice in large and complex, multinational organizations.  In addition, the CISO – CIB GTS and CIB AME will be required to represent evidence that demonstrates control and operational effectiveness by the CISO – CIB GTS and CIB AME’s assigned Global Businesses and Functions, various Board-level committees as well as applicable financial services regulators.

     

The role holder will:

  • Possess an entrepreneurial approach solving complex information and cybersecurity challenges, strong visionary leadership and communication skills, coupled with deep domain knowledge of information and cybersecurity best practices, experience of embedding these within an organization, and be able to drive a security-first culture across all aspects of the assigned GBGI

  • Manage stakeholders including the GBGI CIO, GBGI/Entity Board(s), GBGI COO(s) and GBGI CEO(s) as well as with Cybersecurity Leadership and staff, and external bodies. These include key regulators which apply to the assigned GBGI and its associated jurisdiction(s).

  • Ensure appropriate oversight mechanisms and high standards of internal control, to ensure the identification of emerging threats in the GBGI Cybersecurity landscape are in place.

  • Provide GBGI ownership and implement Cybersecurity best practice, standards and governance frameworks, mapping and adjusting controls to the evolving Cyber threat landscape. The position enhances operational controls, ensuring appropriate tools, Cybersecurity frameworks are adopted, assigned to and owned by stakeholders across the assigned GBGI 

  • Act as a single point of contact for Cybersecurity risk reporting to relevant Board(s), Committees, and other governance forums, as appropriate

  • Drive customer focus, leading a customer-centered culture, championing activities encouraging outstanding customer advocacy. Proactively seeks opportunities to maximise Cybersecurity strategy to improve GBGI operations

  • Set the tone and direction of GBGI Information and Cybersecurity practices and assist with definition of global Cybersecurity standards across the entire HSBC Group to proactively increase Cybersecurity awareness, ownership and Cyber risk reduction

  • Focus on GBGI First Line of Defence activities across Identify, Protect, Detect, and Respond pillars of the NIST Framework

  • Ensure continuous assessment and improvement of the control environment relative to the evolving Cyber threat landscape

  • Work with stakeholders in respective GBGI to support the resolution / remediation of security incidents

  • Drive continuous engagement with GBGI senior executive management (such as COOs and CEOs) to provide expert knowledge that influences how to best manage information and cybersecurity risk exposure within business risk appetite, which will impact on their wider organisations

Leadership & Teamwork  

  • Management responsibility for the GBGI Cybersecurity function. 

  • Execute the global Cybersecurity strategy within the assigned GBGI 

  • Provides strong leadership of a high calibre team ensuring high engagement and motivation levels. 

  • Consults and advise senior stakeholders across the GBGI to influence sustainable decisions that protects and enhances HSBC’s values, reputation and stakeholder value

  • Actively encourages a learning culture, encouraging collaboration and cross-functional working to develop and nurture teams and identify Cybersecurity talent.  Promotes an environment that supports diversity, inclusion and reflects HSBC Technology Brand and values

  • Authentically engages a diverse group of stakeholders, internally and externally to the assigned GBGI and Cybersecurity, to influence the achievement of best outcomes for all stakeholders

  • Represent the Global Business/Global Function with appropriate industry fora in order to enable shaping of industry best practice and to guide the regulators

  • Builds rapport and mutual understanding to communicate and create opportunities for cross-business working encouraging continued engagement in awareness and ownership of Cybersecurity risks, in line with the defined Group strategy. Encourages team to build sustainable relationships beyond transactional levels and use empathy and insight to build better understanding of mutual benefits

Requirements

Functional Knowledge

  • Functional Expertise – Significant, industry leading subject matter expertise in Cybersecurity together with a broad technology and risk management experience. This includes but is not limited to cybersecurity control design and implementation, operational process and incident response along with creating and leading a high-performance global Cybersecurity team
  • Corporate Exposure – Extensive leadership experience within fast-moving, complex and demanding corporate environments where Cybersecurity issues have to be handled on a large scale and with a need to multi-task whilst dealing with ambiguity and change
  • Team Leadership – Experience of having led international projects/initiatives with a team of Cybersecurity professionals, raising standards within the function and improving the profile of Cybersecurity across a large, complex, international organisation.  Ability to motivate people and transform the function into a world-class Cybersecurity organisation

Opening up a world of opportunity
http://www.hsbc.com/careers

HSBC is committed to building a culture where all employees are valued, respected and opinions count. We take pride in providing a workplace that fosters continuous professional development, flexible working and opportunities to grow within an inclusive and diverse environment. Personal data held by the Bank relating to employment applications will be used in accordance with our Privacy Statement, which is available on our website.

Issued by The Hongkong and Shanghai Banking Corporation Limited.

返回搜索结果