Cybersecurity Controls Oversight Manager

Some careers shine brighter than others.

If you’re looking for a career that will help you stand out, join HSBC, and fulfil your potential. Whether you want a career that could take you to the top, or simply take you in an exciting new direction, HSBC offers opportunities, support and rewards that will take you further.

Your career opportunity

Cybersecurity Controls Oversight Manager will play a key role in the monitoring and assessing effectiveness of the Cybersecurity control environment. The role holder will also be tasked with defining and maintaining operational control instances, their measurement, Policies, Procedures and Standards for Group Cybersecurity.

Whilst the job holder will be based in Krakow, Poland, this is a Global role covering Global Cybersecurity Controls applicable to all countries and legal entities.

What you’ll do

• Represent Cybersecurity Controls in senior management forums.

• Work with the Control Owners and other stakeholders to ensure timely execution of self-assessments.

• Collect and maintain accurate evidence and maturity scoring reviews for cybersecurity controls.

• Ensure that the defined controls are compliant with Legal/Regulatory/Internal requirements and that measurements provide sufficient data for stakeholder reports;

• Work with Enterprise Risk Management, Chief Control Office and Audit (internal and external) to ensure that the Cybersecurity owned controls are monitored, assessed and tested according to the internal requirements, Risk Management Framework (RMF) and industry standards and best practices.

• Manage escalation of issues through appropriate channels based on the results of oversight process.

• Ensure improvement actions are updated regularly and aligned to the control objectives

What you need to have to succeed in this role

• Risk and Controls Background: subject matter expertise in Control Monitoring and Assessment, ability to translate difficult IT concepts into business-friendly language, experience with Technology risks and controls. 

• Technical background: knowledge of Cybersecurity – at least a generalist with specialist area expertise welcome, possession of recognized certificates will be an advantage, understanding of metrics and measures in managing risks and controls (KCIs, KRIs, KPIs) is a must, technical writing skills and highly proficient use of written English is required to ensure quality output for Control, Policies, Procedure and Standards design and maintenance.

• Strong stakeholder management and communications skills: experience of working at an operational level in international environments which drive a true international perspective; managing stakeholders including the Group CISO, Cybersecurity Leadership and staff, Chief Controls Office and Resilience Risk teams.

• Team-oriented mentality combined with ability to complete tasks independently to a high-quality standard: experience within fast-moving, complex and demanding corporate environments where Cybersecurity controls issues must be handled on a large scale and multi-task.

• Interpersonal Skills: influential, credible and persuasive, active listener embraces HSBC Values, shows good judgement and demonstrates high communication skills to achieve effective stakeholder management.  

What we offer

• Competitive salary

• Annual performance-based bonus

• Additional bonuses for recognition awards

• Multisport card

• Private medical care

• Life insurance

• One-time reimbursement of home office set-up (up to 800 PLN).

• Corporate parties & events

• CSR initiatives

• Nursery discounts

• Financial support with trainings and education

• Social fund

• Flexible working hours 

• Free parking

If your CV meets our criteria, you should expect the following steps in the recruitment process:

• Online behavioural test

• Telephone screen

• Zoom interview with the hiring manager 

We are looking to hire as soon as possible so don’t wait and apply now!

You'll achieve more when you join HSBC.