Job description

At HSBC, the health and well-being of our employees remains of utmost importance. Many of our roles are permitted to work from home (in states in which HSBC is licensed to operate) until further notice. Upon resumption of normal operations, this role may be performed at our Arlington Heights, Illinois; Buffalo, New York; New York, New York; or Jersey City, NJ offices.

The Cybersecurity function is responsible for enabling businesses and functions to manage their Information and Cybersecurity risks as well as ensuring risk and controls are assessed and implemented appropriately, objectively and independently through professional and specialized subject matter experts.

The Regional Information Security Officer (RISO) role is responsible for providing regional input into, and executing the Group Information Security and Cybersecurity strategy across the designated Region. The key responsibilities include handling Governance & Reporting, Information Security Risk and Remediation, Secure Business Transformation, Compliance to local legal entity regulations and reporting the cyber risk posture to the regional legal entity boards, senior management and risk management forums. The role requires the ability to translate highly technical Cybersecurity concepts into consumable language, in order to drive continuous assessment and improvement of cybersecurity and information security risk in line with defined and agreed risk appetites and the constantly evolving cyber-threat landscape. The role ensures the execution of the global Cybersecurity strategy through the delivery and operation of specific cybersecurity services and controls within their respective Region and through coordination with the central Cybersecurity functions in execution of change-the-bank programs.

This role holder and the Regional cybersecurity team work in partnership with the central functions of Group Cybersecurity, the virtual team (PODs), technology teams, information security control owners, non-cyber control owners and the regional/business Chief Controls Office to achieve their goals. The RISO role is accountable for leading the Cybersecurity function, part of the 1LOD (1st line of defense), in the designated Region, to define and implement an industry-leading Cybersecurity Service that supersedes the Bank's constantly changing information security threats. In addition, the role acts as the single point of contact for managing Information and Cybersecurity risks and controls (including cyber owned and non-cyber owned controls), relating to their governance, operation, monitoring and reporting. The RISO role reports into the Global Head of Cybersecurity Business Enablement, which in turn reports into the Group CISO for HSBC. At an entity level the role reports to the Regional Chief Information Officer who in turn reports to the Regional Chief Operating Officer.

Primary responsibilities will cover:
- Governance and Reporting
- Information Security Risk Management & Remediation
- Secure Business Transformation
- Regulatory Compliance, Industry and Customer Engagement
- Team and Stakeholder Management
- Work with the Compliance department, to implement the Compliance Policy and to contain compliance risk. The term 'compliance' embraces all relevant financial services laws, rules and codes with which the Region must comply.
- Adhere to and be able to demonstrate adherence to internal controls.
- Ensure compliance with all relevant internal instructions (FIMs, GSMs, circulars) and external regulatory requirements, including the management of operational risk and adherence to the Group's standards of ethical behavior.
- Customer focus. Lead a customer-centered culture, campaign activities encouraging outstanding customer advocacy. Proactively seek opportunities to maximize Cybersecurity to improve region/country/service line operations.
- Understanding markets and customers. Understands the financial services industry security and threat landscape. Analyses, interprets and communicates developments in the customer's and business segment's local marketplace. Have an in-depth understanding of the business and the related threat landscape to enhance cybersecurity resilience and enable/influence strategic business decisions as applicable.

Requirements
- Minimum Bachelor's degree and/or experience in IT security governance and operational processes, preferably in the Financial Services industry or global corporate service provider
- Background - desirable but NOT crucial experience in one or more of risk management, Audit, Information Security Management
- Qualifications - one or more industry-recognized cybersecurity-related certifications required (as per Regional Regulatory Requirements) including ISO270001, CISA, CISM, CISSP, CRISC
- Availability to travel (if required) for this role, i.e. travel within country as well as occasional International travel
- Positive and professional attitude, team player, flexible and adaptable, open to change(s)
- Confident and takes responsibility and ownership for work and personal development
- Good spoken and written communication and ability to adapt style based on audience
- Ability to communicate technical subject matter to non-technical stakeholders
- Previous experience of delivering an excellent customer service
- Ability to quickly develop good working relationships with stakeholders
- Ability and self-motivation to learn and pick things up quickly

As an HSBC employee, you will have access to tailored professional development opportunities to ensure you have the right skills for today and tomorrow. We offer a competitive pay and benefits package including a robust Wellness Hub, all in a welcoming, diverse and inclusive work environment. You will be empowered to drive HSBC's engagement with the communities we serve through an industry-leading volunteerism policy, a generous matching gift program, and a comprehensive program of immersive Sustainability and Climate Change Initiatives. You'll want to join our Employee Resource Groups as they play an integral part in life at HSBC, including the development of our employees and networking inside and outside of HSBC. We value difference. We succeed together. We take ownership. We get it done. And we want you to help us build the bank of the future!

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.