At HSBC, the health and well-being of our employees remains of utmost importance. Many of our roles are permitted to work from home (in states in which HSBC is licensed to operate) until further notice. Upon resumption of normal operations, this role may be performed at our Arlington heights, Illinois, Buffalo, New York, New York, New York or Jersey City, NJ offices.
The Cybersecurity function is responsible for enabling businesses and functions to manage their Information and Cybersecurity risks as well as ensuring risk and controls are assessed and implemented appropriately, objectively and independently through professional and specialized subject matter experts. The Regional Information Security Officer (RISO) role is responsible for providing regional input into, and executing the Group Information Security and Cybersecurity strategy across the designated Region. The key responsibilities include handling Governance & Reporting, Information Security Risk and Remediation, Secure Business Transformation, Compliance to local legal entity regulations and reporting the cyber risk posture to the regional legal entity boards, senior management and risk management forums.
The role requires the ability to translate highly technical Cybersecurity concepts into consumable language, in order to drive continuous assessment and improvement of cybersecurity and information security risk in line with defined and agreed risk appetites and the constantly evolving cyber-threat landscape. The role ensures the execution of the global Cybersecurity strategy through the delivery and operation of specific cybersecurity services and controls within their respective Region and through coordination with the central Cybersecurity functions in execution of change-the-bank programs.
This role holder and the Regional cybersecurity team works in partnership with the central functions of Group Cybersecurity, the virtual team (PODs), technology teams, information security control owners, non-cyber control owners and the regional/ business Chief Controls Office to achieve their goals.
The RISO role is accountable for leading the Cybersecurity function, part of the 1LOD (1st line of defense), in the designated Region, to define and implement an industry-leading Cybersecurity Service that supersedes the Bank's constantly changing information security threats. In addition, the role acts as the single point of contact for managing Information and Cybersecurity risks and controls (including cyber owned and non-cyber owned controls), relating to their governance, operation, monitoring and reporting.
The RISO role reports into the Global Head of Cybersecurity Business Enablement, which in turn reports into the Group CISO for HSBC. At an entity level the role reports to the Regional Chief Information Officer who in turn reports to the Regional Chief Operating Officer.
Primary responsibilities will cover:
Governance and Reporting
Information Security Risk Management & Remediation
Secure Business Transformation
Regulatory Compliance, Industry and Customer Engagement
Team and Stakeholder Management
Work with the Compliance department, to implement the Compliance Policy and to contain compliance risk. The term 'compliance' embraces all relevant financial services laws, rules and codes with which the Region must comply.
Adhere to and be able to demonstrate adherence to internal controls.
Ensure compliance with all relevant internal instructions (FIMs, GSMs, circulars) and external regulatory requirements, including the management of operational risk and adherence to the Group's standards of ethical behavior.
Customer focus. Lead a customer-centered culture, campaign activities encouraging outstanding customer advocacy. Proactively seek opportunities to maximize Cybersecurity to improve region/country/service line operations.
Understanding markets and customers. Understands the financial services industry security and threat landscape. Analyses, interprets and communicates developments in the customer's and business segment's local marketplace. Have an in depth understanding of the business and the related threat landscape to enhance cybersecurity resilience and enable / influence strategic business decisions as applicable.
Minimum Bachelor Degree and/or experience in IT security governance and operational processes, preferably in the Financial Services industry or global corporate service provider
Background - desirable but NOT crucial experience in one or more of risk management, Audit, Information Security Management
Qualifications -one or more industry-recognized cybersecurity-related certifications required (as per Regional Regulatory Requirements) including ISO270001, CISA, CISM, CISSP, CRISC
Availability to travel (if required) for this role, i.e. travel within country as well as occasional International travel
Positive and professional attitude, team player, flexible and adaptable, open to change(s)
Confident and takes responsibility and ownership for work and personal development
Good spoken and written communication and ability to adapt style based on audience
Ability to communicate technical subject matter to non-technical stakeholders
Previous experience of delivering an excellent customer service
Ability to quickly develop good working relationships with stakeholders
Ability and self-motivation to learn and pick things up quickly
As an HSBC employee, you will have access to tailored professional development opportunities to ensure you have the right skills for today and tomorrow. We offer a competitive pay and benefits package including a robust Wellness Hub, all in a welcoming, diverse and inclusive work environment. You will be empowered to drive HSBC's engagement with the communities we serve through an industry-leading volunteerism policy, a generous matching gift program, and a comprehensive program of immersive Sustainability and Climate Change Initiatives. You'll want to join our Employee Resource Groups as they play an integral part in life at HSBC, including the development of our employees and networking inside and outside of HSBC. We value difference. We succeed together. We take ownership. We get it done. And we want you to help us build the bank of the future!
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.
Internal Number: 0000GXJR
HSBC was born from one small idea: a local bank serving international needs. We started our business in Hong Kong in 1865. In 2015, HSBC celebrates its 150th year anniversary. Over the years, HSBC grew through expanding its branch network, offering new products and establishing its own investment banking arm.
We aim to be where the growth is, connecting customers to opportunities, enabling businesses to thrive and economies to prosper, and ultimately helping people fulfill their hopes and realize their ambitions.
•Located in 72 countries and territories
•Serving around 48 million customers
•Supported by over 268,000* people
•Head office in US is New York City
We aim to be dependable, open and connected in everything we do. We want to ensure that our employees feel able to stand up for what is right, highlight potential risks and act with integrity, even when faced with pressure to act otherwise. By doing so, we will be able to meet expectations of society, customers, regulators and investors. To make sure everybody at HSBC lives up to these values, they are a part of everyone's annual performance review.
At HSBC, you will find that we are dependable, open ...to different ideas and cultures, and connected to customers, communities, regulators and each other. Our culture has a family feel to it – our employees are encouraged to work together to reach a common goal. This idea is supported and encouraged at the leadership level and passed down.
Our size and global reach mean more opportunities for you to grow your career with us.
We are looking for forward-thinking, driven, perceptive candidates to help our customers realise their hopes, dreams and ambitions.
This means people who are dependable, open to different ideas and cultures, and enjoy being part of a team; people who have the potential to become the future leaders of HSBC.
We encourage you to drive your own development and build your network within your office and around the world.
We provide the opportunities for you to connect with customers, colleagues and the communities in which we operate.