Job Description

Some careers shine brighter than others. If you’re looking for a career that will help you stand out, join HSBC and fulfil your potential. Whether you want a career that could take you to the top, or simply take you in an exciting new direction, HSBC offers opportunities, support and rewards that will take you further. HSBC is one of the largest banking and financial services organisations in the world, with operations in 64 countries and territories. We aim to be where the growth is, enabling businesses to thrive and economies to prosper, and, ultimately, helping people to fulfil their hopes and realise their ambitions. In this role, you will: - Create forward looking view of what the strategy should be with regard to Risk & Control in AM IT - Build and maintain relationships within WPB Cyber, CCO tech, ITSO, AM CITRO, Risk and Control Organization, ITID and 2nd line risk - Drive culture change around Risk & Control. Consult on technology projects, providing support during IT audits. Share best practice with the WPB Risk and Control Organization - Provide guidance and help to IT delivery teams regarding security solutions to enable faster delivery of IT Systems. Collaborating with IT development teams and other HSBC teams working closely in a DevOps and agile development processes - Support the Safe and Secure development framework ensuring developers are coding in-line with security standards, practices and industry best-practice - Partner with the AM business and Risk Functions to promote and provide support to relevant policies, standards and governance within AM IT - Provide regional stakeholder updates with respect to global IT Control uplift programs. Support IT engagement with internal / external / client audit and Regulatory Exams, including oversight of field work, collation of artefacts and partnership with CCO tech to remediate issues - Attend relevant governance forums and where applicable provide appropriate MI - Prepare the RCMM deck. Communicate residual risk through reporting, business governance processes and forums To be successful in this role, you should meet the following requirements: - Must have minimum 8-12 years of total experience. - Should be able to partner and contribute to the risk & control agenda for AM IT - Should be able to deliver risk & control projects and programmes for AM IT - Should be able to assist service owners in responding appropriately and effectively to firm-wide risk, cyber, internal, and external audits - Should be able to contribute in evidence collection in delivery of external audits. Partner with service owners, AM CITRO and 2nd line risk to identify and assess controls, determine mitigating actions and remediation activities, and understand the overall risk profile - Should be able to support initiatives to improve accuracy across all Enterprise Golden Source data repositories - Have ability to provide technical knowledge to support secure development of applications and remediation programs - Be capable to provide visibility of status of action plans and external/internal audit issues. Coordinate response to ICMP testing - Capable to support in mitigation of Risk Issue and Action Plan. Challenge where appropriate, decisions made on control implementation - Be able to review allocation of issues to AM IT and agree categorization of high/medium/low with audit and CCO tech - Should be able to approve the raising and closure of regional IT issues, action plans, but look to automate process. Fulfil DBIRO responsibilities for AM IT - Have ability to advocate security policies and standards to wider IT team. Support new IT projects with initial risk assessment, providing consultancy and guidance on controls and policies. - Be able to support where necessary key WPB/HSBC security uplift initiatives and contribute to review of security standards and procedures - Be able to provide support for automated application security tooling working with Cybersecurity as necessary. Interpret and advise on the results from security testing to both technical and non-technical audiences You’ll achieve more when you join HSBC. www.hsbc.com/careers HSBC is committed to building a culture where all employees are valued, respected and opinions count. We take pride in providing a workplace that fosters continuous professional development, flexible working and opportunities to grow within an inclusive and diverse environment. Personal data held by the Bank relating to employment applications will be used in accordance with our Privacy Statement, which is available on our website. Issued by – HSBC Software Development India