The GCIO Chief Control Office (CCO) team plays an important role in enabling the bank to operate within its risk appetite by ensuring efficient and effective risk and control management. We do this by providing operational risk and control expertise, specialist technical knowledge and a deep understanding of the businesses and functions we serve.
Key activities include implementation and oversight of the Group’s Risk Management Framework, ongoing and targeted controls assessments, implementing and maintaining robust risk governance, and championing a proactive risk culture. GCIO CCO works closely with partners across all lines of defence and is responsible for maintaining positive relationships with our regulators and external partners.
The role is part of a global team and will be expected to support and collaborate with other team members across multiple regions, as well as manage their portfolio in maintaining an acceptable risk profile.
responsibilities :
Partnering with the CISO CCO to oversee the risk and control portfolio related to the services Cyber Operations and Intelligence (COI) provides to the Group. COI capabilities include Cyber Operations, the Security Operations Centre, Cyber and Data Incident Management and Threat Intelligence.
You will be a leader within the GCIO Chief Control Office (GCIO CCO) Function that directly supports the Group CISO within HSBC.
Act as trusted advisor for senior management by partnering to manage their operational risk i.e., risk assessments, control environment, issues management.
Promote accountable risk and control decision-making based on quality data and analysis, actively challenging poor, inefficient or excessive controls, related tasks and behaviours.
Provide specialist risk and control knowledge and insights, leading efforts to continuously improve the control environment and monitoring of risk, including behaviours
Advise and design process and controls in a commercially viable, practical and effective manner.
Identify trends to anticipate future developments in the risk and control environment.
Influence and shape the development and implementation of future-fit risk management and regulatory frameworks.
Provide Senior Management with updates on any relevant changes to policy or projects related to operational risk that have an impact on their area of responsibility.
requirements-expected :
At least 3 years of hands-on experience with one or more or the control capabilities in the domain (Cyber Operations, Security Operations Centres, Cyber and/or Data Incident Management, Threat Intelligence) either directly or as a 1/2/3LOD control management function
At least 3 years of hands-on experience and subject matter expertise in management of operational risk, non-financial risk and/or technology and information security risk.
Experience across IT, Operations, Risk Management, and / or Audit roles requiring management of diverse risk types is desirable.
Previous experience of identifying, defining and solving problems that have impact on your work or the wider business. Proven track record of process improvement and delivering as promised.
Financial Services or other highly regulated industry experience/exposure is preferred.
Strong communication skills to influence and challenge stakeholders. Ability to work independently with limited supervision.
Ability to present complex issues concisely to senior partners using non-technical language.
Active industry recognized certificates will be an asset, e.g. CISA, CISSP, CRISC, CCSP etc.
offered :
Competitive salary
Annual performance-based bonus
Additional bonuses for recognition awards
Multisport card
Private medical care
Life insurance
One-time reimbursement of home office set-up (up to 800 PLN).
Corporate parties & events
CSR initiatives
Nursery discounts
Financial support with trainings and education
Social fund
Flexible working hours
Free parking
benefits :
sharing the costs of sports activities
private medical care
sharing the costs of professional training & courses
