Global Cybersecurity is responsible for enabling businesses and functions to manage their information, technology, and cybersecurity risks by ensuring these are well-understood, and that controls used the manage such events are defined, assessed, and implemented appropriately. Cybersecurity predominantly delivers this via objective, independent, professional, and specialized subject matter experts. The role forms part of the 1LoD in relation to the risk management framework.
The Cybersecurity Assessment and Testing (CSAT) function, part of Global Cybersecurity, is accountable for Vulnerability Management, Secure Development (inc. DevSecOps), Threat and Controls Assessment (inc. threat modelling) and Third-Party Security Assessment. The function drives the identification, capture, assessment, testing/ verification and ultimately the remediation of security defects, gaps, and vulnerabilities across HSBC’s estate in concert with business and technology teams - on-premises, within the Cloud and for those resulting from 3rd party engagements.
responsibilities :
Support the delivery of Vulnerability Management Control Owner activities and represent the Vulnerability Management Control Owners in meetings and responding to questions on the controls.
Lead Risk and Control Issue remediation activities including use of Helios.
Drive routine metric submissions e.g., KCIs, KRI, ensuring high quality, accurate commentary, and timely submission.
Supporting evolution of Vulnerability Management metrics, including KCIs and Group Risk Appetite Statement (GRAS). Ensuring activities in CTB/ RTB have considered control impacts.
Partner with key stakeholders including Enterprise Risk Management (ERM), CCO Technology, Cybersecurity Risk & Control Strategy (CRCS) and Cybersecurity Business Engagement (CBE).
Prepare/coordinate Vulnerability Management meeting material for senior management meetings (e.g., TGWG, DBS RCMM, Technology RCMM, Cybersecurity RCMM, Cloud RCMM)
Engage with the Global Head of Vulnerability Management, and relevant team members to review and gain approval for submissions and ensure information requests/ engagement meetings are supported by the correct SMEs.
Support the Head of CSAT Governance with ensuring that; priority tasks and escalations are actioned; and key commitments are monitored/delivered (formal actions (e.g. Helios).
requirements-expected :
Excellent written and verbal communication skills, including the experience of preparing Board level reports and responding to regulatory requests.
Proven ability to influence, challenge and manage senior stakeholders within 1, 2, 3LOD.
Ability to work under pressure with high accuracy and focus.
Curious and a creative problem solver, comfortable with a high level of ambiguity.
Pro-active, independent, collaborative team player with a positive attitude.
Process orientated, outstanding organizational skills.
Excellent understanding of Excel, Sharepoint, Microsoft Teams and Confluence.
Experience of working in roles within Risk Management, CCO and Governance.
offered :
Competitive salary
Annual performance-based bonus
Additional bonuses for recognition awards
Multisport card
Private medical care
Life insurance
One-time reimbursement of home office set-up (up to 800 PLN)
Corporate parties & events
CSR initiatives
Nursery discounts
Financial support with trainings and education
Social fund
Flexible working hours
Free parking
benefits :
sharing the costs of sports activities
private medical care
sharing the costs of professional training & courses
