Arlington Heights, IL
Accounting/Auditing, Finance/Economics, Financial Services, Information Technology, Installation, Maintenance, and Repair, Law Enforcement, and Security, Legal, Quality Control, Research & Development
Cyber Security Governance Risk and Compliance Lead
The Cybersecurity Governance Risk and Compliance Lead for the region is charged with protecting the HSBC brand, shareholder value, information assets and financial assets within the respective region through:
- Develop and maintain strong relationships with the Regional Head of Cybersecurity to identify and ensure regional/country specific legal and regulatory requirements are met.
- Maintain oversight of the regional risk profile, appetite, incidents and control effectiveness and provide robust risk challenge to the same audience when cyber security risk appetites are breached.
- Work with the overall GRC team who provide centralised reporting (including KPI/KRI/KCI’s) to support the regional reporting into regulators and other internal and external stakeholders with regards to the Group’s risk appetite and control effectiveness.
- Drive an effective engagement and governance process across the region that is demonstrably adding value to all target stakeholders.
- Work with the Cybersecurity Communications & Training team to ensure that cyber related training and awareness has been delivered for all relevant Regional stakeholders.
- Provide oversight and delivery of metrics and reporting into the relevant regional governance committees.
- Provide oversight and support regional stakeholders in managing regulatory compliance requirements across major markets driving a response to regulatory enquiries and exams.
- Provide regional input into the definition of security standards based on policies defined by the ISR function, lead the Cyber Security Agenda and oversee effectiveness of controls to ensure regional compliance with policies and standards across the region.
- Coordinate regional responses to Third Party / Client questionnaires and enquiries received by HSBC.
- Work with the Regional Head of Cybersecurity to proactively track, challenge and drive to closure all Cybersecurity owned issues (i.e. audits, MSII’s) and maintain oversight of IT Security’s control environment within the region.
- Proactively manage the gaps identified during security testing activities through established governance to drive remediation of gaps and track to closure.
- Organizational reporting: The role will report functionally to the Global Head of Cybersecurity Governance, Risk and Compliance with a dotted line to the Regional CISO
Impact on the Business
- Protect the Bank. Protect the bank via proactive regulatory risk reduction actions. Ensure regulatory reporting is consistent across regions / businesses and centrally track reporting through governance committees, maintain a rolling agenda for review.
- Risk vs. Reward Decision Making. Make informed and educated risk decisions. Make appropriate commercial / financial institution risk vs reward security decisions.
- Driving sustainable growth. Develop compliance awareness, engage with colleagues across the functions and business departments to deliver sustainable risk and compliance solutions. Lead and facilitate change through effective communication, preparation and implementation.
- Achieving excellence. Drive business performance, compliance and security.
- Risk Reduction. Work with key stakeholders (IT and business) to proactively drive reduction in IT Security risks and to improve the security risk posture of HSBC within the business risk appetite.
- Awareness. Improve awareness of IT Security risks / threats across IT and the business.
Customers / Stakeholders
- Customer focus. Lead a customer-led and direct the wider reporting function, both on-shore and off-shore. Engage with relevant programmes and initiatives that impact upon governance, compliance and risk reporting. Deliver fair outcomes for our customers and ensure own conduct maintains the orderly and transparent operation of financial markets.
- Strengthening stakeholder relationships. Engage with senior stakeholders across all three lines of defence to recognise management and governance reporting requirements within major businesses and entities and at Group level. Provide support to the LISOs and BIROs with regards to engagement with external stakeholders and regulators, through provision of data as regards support the risk posture to the control environment.
- Understanding markets and customers. Understand the financial services industry security and threat landscape. Analyse, interpret and communicate developments in the customer's and business segment's local marketplace.
Leadership & Teamwork
- Develop and communicate a clear vision for 1LoD Governance, Compliance and Risk activity that is aligned to the overall HSBC vision, Values and goals, and inspire and engage people to create an inclusive, high performing, customer-centered culture.
- Lead, develop and motivate the leadership team to attract, retain and develop the capacity, capability and talent to provide for succession and ensure delivery of business objectives.
- Set expectations, share best practice and manage, monitor, coach and develop leaders and others to ensure that they maximise their performance, meet the required standards, and continuously develop their capabilities and experience.
- Lead and encourage constructive cross-country and cross-business teamwork by demonstrating collaboration and matrix management in action and taking prompt action to address any activities and behaviours that are not consistent with HSBC's diversity policy and/or the best interests of the business and its customers.
Operational Effectiveness & Control
- Lead the continuing development, implementation and improvement of the processes, structures, capabilities, capacity and infrastructure needed to deliver agreed plans and targets. Collaborate with colleagues to maximise end to end integration, effectiveness and efficiency.
- Establish and maintain a robust and efficient control environment across IT Security to ensure good operational, financial and project management and compliance with HSBC policy and procedures, together with early identification and effective resolution or escalation of issues that arise.
- Lead the development, implementation and maintenance of a global management information, analysis and reporting framework that supports and informs timely and effective business management and decision making at all levels.
- Lead the implementation and oversight of the IT Risk standards and governance frameworks, procedures and practices to ensure quality, effective risk management and regulatory compliance.
Management of Risk
- The jobholder will ensure the fair treatment (service excellence) of our customers is at the heart of everything we do, both personally and as an organisation.
- The jobholder will also continually reassess the IT Security and operational risks associated with the role and inherent in the business, taking account of changing economic or market conditions, legal and regulatory requirements, operating procedures and practices, management restructurings, and the impact of new technology.
- This will be achieved by ensuring all actions take account of the likelihood of operational risk occurring. Also by addressing any areas of concern in conjunction with entity management and/or the appropriate department.
Observation of Internal Controls
- Maintains HSBC internal control standards, including timely implementation of internal and external audit points together with any issues raised by external regulators.
- The jobholder will also adhere to and be able to demonstrate adherence to internal controls. This will be achieved by adherence to all relevant procedures, keeping appropriate records and, where appropriate, by driving the timely implementation of internal and external audit points, including issues raised by external regulators, and internally identified IT security risks.
- The jobholder will implement the group compliance policy by containing compliance risk in liaison with Global Head of Compliance, Global Compliance Officer, Area Compliance Officer or Local Compliance Officer. The term ‘compliance’ embraces all relevant financial services laws, rules and codes with which the business has to comply.
- This will be achieved by adhering to all relevant processes/procedures and by liaising with compliance department about new business initiatives at the earliest opportunity. Also and when applicable, by ensuring adequate resources.
HSBC is blazing the trail for African-American colleagues, check it out:
As you complete your online application, please use source code: Historically Black Colleges and Universities. If you would like to notify HSBC's Diversity Recruiting team of your application, please e-mail
Qualifications & Requirements
Typically educated to degree level, within IT and Risk. Industry qualifications (CISSP, CISA, CISM).
8 years' experience in governance, risk and compliance.
Regulatory engagement, experience in dealing with compliance matters, and regulatory liaison.
Knowledge of regulatory requirements.
Ability to build strong relationships and communicate on complex issues with a wide spectrum of stakeholders.
Understanding of business finance and experience of effective management of budgets and expenditure.
Comprehensive understanding of banking and security in context of wider industry trends and direction.