Control Manager (Cyber CSAT) at HSBC
HSBC Service Delivery (Polska) Sp. z o.o. is HSBC's global finance, operations, risk and technology centre. We use our unique expertise and capabilities to provide specialised services – our people range from technologists transforming the banking experience to operations professionals managing 1.7 trillion payments a year.
Our Purpose – Opening up a world of opportunity – explains why we exist. We are bringing together the people, ideas and capital that nurture progress and growth, helping to create a better world – for our customers, our people, our investors, our communities and the planet we all share.
The GCIO Chief Control Office (CCO) team plays an important role in enabling the bank to operate within its risk appetite by ensuring efficient and effective risk and control management. We do this by providing operational risk and control expertise, specialist technical knowledge and a deep understanding of the businesses and functions we serve.
Key activities include implementation and oversight of the Group’s Risk Management Framework, ongoing and targeted controls assessments, implementing and maintaining robust risk governance, and championing a proactive risk culture. GCIO CCO works closely with partners across all lines of defence and is responsible for maintaining positive relationships with our regulators and external partners.
The role is part of a global team and will be expected to support and collaborate with other team members across multiple regions, as well as manage their portfolio in maintaining an acceptable risk profile.
Responsibilities
- Partnering with the CISO CCO to oversee the risk and control portfolio related to the services Cybersecurity Assessment & Testing (CSAT) provides to the Group. CSAT covers Vulnerability Identification, Assessment and resolution oversight, as well as coverage of Cloud and Third-Party Management. The controls consist of Scanning, Threat Modelling, Offensive Security, Assessment Prioritisation & Resolution oversight.
- You will be a leader within the GCIO Chief Control Office (GCIO CCO) Function that directly supports the Group CISO within HSBC.
- Act as a trusted advisor for senior management by partnering to manage their operational risk, i.e. risk assessments, control environment, issues management.
- Promote accountable risk and control decision‑making based on quality data and analysis, actively challenging poor, inefficient or excessive controls, related tasks and behaviours.
- Provide specialist risk and control knowledge and insights, leading efforts to continuously improve the control environment and monitoring of risk, including behaviours.
- Advise and design process and controls in a commercially viable, practical and effective manner. Identify trends to anticipate future developments in the risk and control environment.
- Influence and shape the development and implementation of future‑fit risk management and regulatory frameworks.
- Provide Senior Management with updates on any relevant changes to policy or projects related to operational risk that have an impact on their area of responsibility.
Candidate Requirements
- At least 3 years of hands‑on experience with one or more of the control capabilities in the domain (Scanning, Cloud, Threat Modelling, Offensive Security, Assessment / Vulnerability Management) either directly or as a 1/2/3 LOD control management function.
- At least 3 years of hands‑on experience and subject matter expertise in management of operational risk, non‑financial risk and/or technology and information security risk.
- Experience across IT, Operations, Risk Management, and/or Audit roles requiring management of diverse risk types is desirable.
- Previous experience of identifying, defining and solving problems that have impact on your work or the wider business.
- Financial Services or other highly regulated industry experience/exposure is preferred.
- Strong communication skills to influence and challenge stakeholders.
- Ability to work independently with limited supervision and to present complex issues concisely to senior partners using non‑technical language.
- Active industry‑recognized certificates will be an asset, e.g. CISA, CISSP, CRISC, CCSP etc.
Benefits and Compensation
The pay range for this role is 18.775 – 23.000 PLN (monthly, gross).
Additional car allowance in the amount of 4,620 PLN (monthly, gross). FOR GCB 4 ROLES ONLY.
Variable pay is discretionary, but influenced by Group performance, business/function performance and individual performance.
- Annual performance‑based bonus
- Additional bonuses for recognition awards
- Multisport card
- Private medical care
- Life insurance
- One‑time reimbursement of home office set‑up (up to 800 PLN)
- Corporate parties & events
- CSR initiatives
- Nursery discounts
- Financial support with trainings and education
- Social fund
- Free parking
Recruitment Process
- Online behavioural test
- Telephone screen
- Job interviews with the hiring managers
In case you would like to resign from participation in the recruitment process or withdraw a previously sent application, please email us at: hr.krakow.pl@hsbc.com.
Seniorities and Classification
Seniorities: Mid‑Senior level
Employment type: Full‑time
Job function: Information Technology and Finance
Industries: Financial Services and Banking