CRCS Business Engagement Lead for MSS and Wholesale

Some careers shine brighter than others.

If you’re looking for a career that will help you stand out, join HSBC, and fulfil your potential. Whether you want a

career that could take you to the top, or simply take you in an exciting new direction, HSBC offers opportunities,

support and rewards that will take you further.

Your career opportunity

The CRCS Business Engagement Lead will play a key role in coordinating activities required to implement the Cybersecurity Risk and Controls Strategy across the global businesses and functions. This role will report into the Global Head of CRCS Business Engagement, and closely collaborate with the CRCS Business Engagement Leads supporting regions and businesses HSBC operates in, as well as with the rest of core CRCS functions. The key part of the role will be establishing and executing processes across all global businesses and functions, to strengthen engagement for control design and monitoring, tailoring reports, metrics, and management updates across all tiers of the organisation.

The ideal candidate will possess strong leadership and communication skills, a wide knowledge across all cybersecurity domains and strong experience in managing international teams and stakeholders. The role holder will be required to manage senior stakeholders including the regional and business CIOs and COOs; Cybersecurity Leadership and staff; regional, in-country, and global business teams; Chief Controls Office (CCO) Technology, 2LoD Resilience Risk and 3LoD Internal Audit teams. 

What you’ll do

• Build out and manage the CRCS Business Engagement activities to support the Global Businesses and Functions.
• Work closely with core CRCS functions and the wider Cybersecurity teams to ensure the designed controls are embedded, fully understood, and adhered to, emphasising the adoption on business and geographical level.
• Represent CRCS in regional and business senior management forums. 
• Work with the Control Owners, 2LoD, 3LoD and CCO Technology to ensure that the Cybersecurity owned controls in the Risk and Controls Library and federated controls owned by the business, are designed according to the Bank’s requirements and industry standards and best practises (e.g., NIST FSS).
• Work with Cybersecurity Control Design and Continuous Control Monitoring teams to ensure local control issues are properly fed into global control design, monitoring and governance.
• Work with Cybersecurity MI & Reporting team to feed requirements from the business and geographies, ensuring continuous evolution of MI reporting, tailored to our global audience.
• Work with Cybersecurity Risk & Control Strategy (CRCS) teams to ensure that the measurements defined provide sufficient data for regional and business stakeholder reports and are aligned with the Cyber Risk Quantification (CRQ) model.
• Support the Global Head of CRCS Business Engagement with designing, managing, and maintaining processes and engagement model for the CRCS Business Engagement function.

What you need to have to succeed in this role

• Strong Risk and Controls Background. This includes but is not limited to controls design and implementation and control assessment, as well as MI and executive reporting. 
• Wide general cybersecurity knowledge; understanding of cybersecurity concepts such as threats, vulnerabilities, attack vectors, inherent/residual risk.
• Understanding of regulatory landscape.
• Understanding metrics and measures in managing risks and controls (KPIs, KCIs, KRIs) is a must.
• Nice to have: familiarity with the NIST Cyber Security Framework (CSF); knowledge of Centre for Internet Security (CIS) Measures and Metrics; experience with GRC Tools (such as HELIOS, ServiceNow, Archer).
• Strong stakeholder management and communications skills.
• Experience within fast-moving, complex, and demanding corporate environments where Cybersecurity controls issues must be handled on a large scale and with a need to multi-task whilst dealing with ambiguity and change.
• Being influential, credible, and persuasive active listener. Having good judgement and demonstrating high level of communication skills to achieve effective stakeholder management.  

What we offer

• Competitive salary
• Annual performance-based bonus
• Additional bonuses for recognition awards
• Multisport card
• Private medical care
• Life insurance
• One-time reimbursement of home office set-up (up to 800 PLN).
• Corporate parties & events
• CSR initiatives
• Nursery discounts
• Financial support with trainings and education
• Social fund
• Flexible working hours
• Free parking

If your CV meets our criteria, you should expect the following steps in the recruitment process:

• Online behavioural test (for external candidates only)
• Telephone screen (for external candidates only)
• Zoom interview with the hiring manager.

We are looking to hire as soon as possible so don’t wait and apply now!

You'll achieve more when you join HSBC.