Join to apply for the Senior Control Manager (Cyber IDAM) role at HSBC

Get AI-powered advice on this job and more exclusive features.

HSBC Service Delivery (Polska) Sp. z o.o. is HSBCs global finance, operations, risk and technology centre. We use our unique expertise and capabilities to provide specialised services – our people range from technologists transforming the banking experience to operations professionals managing 1.7 trillion payments a year.

Our Purpose – Opening up a world of opportunity – explains why we exist. We are bringing together the people, ideas and capital that nurture progress and growth, helping to create a better world – for our customers, our people, our investors, our communities and the planet we all share.

The GCIO Chief Control Office (CCO) team plays an important role in enabling the bank to operate within its risk appetite by ensuring efficient and effective risk and control management. We do this by providing operational risk and control expertise, specialist technical knowledge and a deep understanding of the businesses and functions we serve.

Key activities include implementation and oversight of the Group’s Risk Management Framework, ongoing and targeted controls assessments, implementing and maintaining robust risk governance, and championing a proactive risk culture. GCIO CCO works closely with partners across all lines of defence and is responsible for maintaining positive relationships with our regulators and external partners.

What you’ll be doing:

• Act as a trusted advisor to senior management, overseeing the operational risk and control portfolio for Identity and Access Management (IDAM) services.
• Promote data-driven, accountable decision-making and challenge inefficient or excessive controls.
• Provide specialist insights to improve the control environment across key IDAM areas such as Joiners, Movers, Leavers (JML), Access Recertification, Segregation of Duties, MFA, and Privileged Access Management.
• Design and implement practical, effective, and commercially viable risk controls.
• Identify trends and anticipate future developments in the cyber risk and control landscape.
• Influence the development and implementation of future-fit risk management and regulatory frameworks.Deliver clear, evidence-based updates to senior management on operational risk and control changes.
• Collaborate globally across regions to maintain a strong and consistent cyber risk profile.

You’re a great candidate if you have these:

• At least 5 years of hands-on experience in cyber risk control, particularly in IDAM domains such as JML, Access Recertification, SoD, MFA, and PAM.
• Strong expertise in operational, non-financial, and information security risk management.
• Experience across IT, Cybersecurity, Risk Management, Operations, or Audit functions.
• Proven ability to influence and challenge stakeholders at all levels.
• Strong communication skills, with the ability to present complex issues clearly to non-technical audiences.
• Demonstrated leadership experience, including remote team management.
• Relevant certifications (e.g., CISA, CISSP, CRISC, CCSP) are a plus.
• Ability to work independently, prioritize effectively, and adapt in a fast-paced, regulated environment.

What you’ll get with us:

• Annual performance-based bonus
• Additional bonuses for recognition awards
• Multisport card
• Private medical care
• Life insurance
• One-time reimbursement of home office set-up (up to 800 PLN)
• Corporate parties & events
• CSR initiatives
• Nursery discounts
• Financial support with trainings and education
• Social fund
• Free parking

If your CV meets our criteria, you should expect the following steps in the recruitment process:

• Online behavioural test
• Telephone screen
• Job interviews with the hiring managers

In case you would like to resign from participation in recruitment process or withdraw previously sent to us application, please email us at: hr.krakow.pl@hsbc.com.