Job Description

Job description

Some careers have more impact than others.

If you\xe2\x80\x99re looking for a career where you can make a real impression, join HSBC and discover how valued you\xe2\x80\x99ll be. Whether you want a career that could take you to the top, or simply take you in an exciting new direction, HSBC offers opportunities, support and rewards that will take you further.

HSBC Digital Business Services is a pivotal part of the Group, providing essential operational and technical support to our global businesses and helping improve customer service and efficiency. Digital Business Services combines global expertise and technology to help keep us ahead of the competition.

We are currently seeking a high calibre professional to join our team as a Cyber Information, Technology and Third Party Risk Officer.

Principal Responsibilities

Provide Information Security Risks related advisory and consultation \xe2\x80\x93 When required by the business, the CITTPRO can operate in a consultancy capacity for information security risks, on both an ad hoc and organised basis. This consulting role facilitates the maintenance of a framework of controls appropriate to the line of business and in line with the business\xe2\x80\x99s risk appetite.

• Support the relevant business/function with the implementation of Information Security controls \xe2\x80\x93 This also may involve supporting the implementation of ISR projects/programmes including but not limited to:

• Training and Awareness
• Securing Information (Storage, Transfer, Use, and Disposal)
• Secure Email/Email Monitoring
• Incident Management/Data Leakage Prevention
• End User Computing (EUC)
• Third Party Risk Governance
• Securing Third Party Data Transfers
• Support the business with the implementation of Systems and Data Integrity (SDI) controls

• This may involve supporting the implementation of remedial actions relating to SDI including but not limited to:

• Business Continuity, including IT Service Resilience and Data Back-up and Recovery Access Management
• Evergreening
• Incident Management
• Configuration Management
• IT Configuration Management and Governance
• Maintain oversight on all Third Party Management (TPM) risks and ensure continuous monitoring of Key Indicators which reflect the effectiveness of the controls for Third Party Risk. The CITTPRO is expected to participate in the Third Party Oversight Committee (TPOC) to represent the TPEMS within the relevant business/function to report the risk metrics of business engagements, and ensure processes and procedures are available to TPEMs as guidance and are complied with
• In addition to these key responsibilities, the CITTPRO will be expected to:

• Actively challenge poor, inefficient or excessive controls, related tasks and behaviours and identify and drive thematic control reviews across the businesses/functions
• Support the relevant business/function with identification and management of their Information Security and Third Party
• Provide regular reporting to the relevant business/function and/or the Non-Financial Risk team on risk management and project progress, as required
• Engage business/function management to ensure ownership and remediation of control issues raised from internal/external audits, controls assurance and regulatory changes amongst others
• Participate in the relevant conferences and meetings with regional/global business/function/ISR teams and IT Security structure and ensure any Singapore specific views or concerns are shared
• Engage with and support relevant projects/initiatives emanating from Global ISR or Cyber Security
• Assess whether business projects adhere to Information and Cyber Security practices and raise awareness of the need to remediate any identified issues

Requirements

• Prior experience in a Risk Management or Controls role (in either first, second or third line of defence) within a global organization, working across cultures
• Familiarity with Cyber and Information Security Risks, preferably with relevant professional qualifications
• Experience in managing third party suppliers/vendors, with good understanding of MAS and ABS outsourcing guidelines/requirements
• Proactive and delivery focused to ensure individual and team tasks are completed on time and to the required levels of quality
• Strong communication and interpersonal skills
• Able to multi-task and work well under pressure
• Strong business and commercial knowledge (in particular WPB), would be an added advantage

To be considered for this role, the relevant rights to work in Singapore is required.

You\xe2\x80\x99ll achieve more when you join HSBC.
www.hsbc.com/careers

HSBC is committed to building a culture where all employees are valued, respected and opinions count. We take pride in providing a workplace that fosters continuous professional development, flexible working and opportunities to grow within an inclusive and diverse environment. Personal data held by the Bank relating to employment applications will be used in accordance with our Privacy Statement, which is available on our website.

Issued by The Hongkong and Shanghai Banking Corporation Limited.

eFinancialCareers