Senior Manager, Resilience Risk, Data, Tech. and Cyber Security - Hang Seng Bank (HK)
HSBC
- Central, Hong Kong
- Permanent
- Full-time
- Responsible for the review of controls relating to Data, Technology and Cybersecurity risks.
- Responsible for supporting the Risk Stewards with internal and external events, providing insight and learnings relevant to controls relating to Technology risks.
- Partner with ERM Business & Functions team and 1LOD to identify, measure, mitigate, monitor and report Data, Technology and Cybersecurity risks.
- Provides 2LOD oversight of top and emerging risks, ensuring the business can mitigate these timely and effectively.
- Influence and provide direction to the 1LOD and ERM Business & Functions team to ensure they fulfil own roles and responsibilities and manage resilience risk according to the Group’s frameworks and within stated appetite.
- Provide technical guidance to support development and completion of ERM and regulatory reporting obligations (e.g. RAS, top & emerging risks, risk profile reporting, RMM, Board reporting where relevant, etc.)
- Partner with ERM Business & Functions team regarding Implementation of country Internal Audit and ERM recommendations and directions for the improved use of the Risk Framework related to Data, Technology and Cybersecurity risk.
- Supporting with thematic reviews across to ensure that risk and control environment is commensurate with the scale and nature of operations.
- Build and maintain relationships with external partners, regulators, industry bodies and others to keep up to date with developments.
- Support training and capability uplift for the ERM Business & Functions teams to ensure robust understanding of Data, Technology and Cybersecurity risks.
- A university graduate with degree in IT, finance or a related discipline.
- Minimum 10 years of IT / finance related work experiences.
- Business and technical knowledge on banking system would be an advantage.
- Familiarity with the HSBC standards and processes would be useful.
- Able to work independently, under pressure and proactively.
- Team lead or line manager experiences would be an advantage.
- Professional certificate in Technology Risk such as CISA, CISSP would be an advantage.
- Strong Technology risk expertise including risks, threats, common controls & techniques.
- Mobile development and delivery experiences is a bonus.
- Excellent verbal, written and interpersonal communication skills.
- Great sense of ownership and servicing mindset to ensure efficient and effective customer service processes.