CAIA's Career Center is an easy-to-use, comprehensive resource connecting job seekers with employers in the growing AI field. Use your knowledge and credibility to advance your career or build a talented team for your organization. Opportunities targeted to CAIA Charterholders are prioritized.
In order to search for jobs specifically for CAIA Charterholders or those pursuing the CAIA Charter please enter “CAIA” in the search panel.
This will enable you to search for CAIA specific roles globally.
The team actively manages a varied and dynamic range of risk types, including security, fraud, information security, contingency, geopolitical, operational, credit, pension, insurance, financial crime and regulatory compliance, market and reputation risks. All parts of the Global Risk team use their skills, insight and integrity to handle established threats and those they see emerging, acting to protect and enable HSBC to deliver sustainable growth.
We are currently seeking an ambitious individual to join our Global Risk team, working together with colleagues to define, manage and achieve divisional business targets.
In this role, you will:
Conduct Assurance Reviews of Information Security Risk in business areas and within Information Security Risk
Provide an assessment of information security control effectiveness and possible improvements
Track and assess remediation of review findings
Undertake pre-assurance data gathering activities
Develop techniques to improve the quality or ease of data gathering
Liaise with interested parties including Audit, and other 2LoD functions external to ISR such as Operational Risk
Advise on and supporting GB/GF work to remediate findings and improve information security controls
Work with the relevant SMEs to ensure that Assurance Reviews cover all aspects of Information Security Risk
Work with Risk Analysis to understand how metrics can be improved and production regularised
Collaborate effectively with SMEs from a number of different ISR teams to deliver an effective Assurance Review
Work as part of virtual Assurance Review teams as either a Lead Reviewer or Assurance Analyst as required
Support the global Assurance Review process through collaboration with colleagues around the world and sharing best practice
Make suggestions on improvements to assurance review processes
To be successful in the role, you should meet the following requirements:
Minimum Bachelor Degree and/or related experience in the Financial Services industry or global corporate service provider
The role requires a good knowledge of Information Security Risk policies, standards and controls
Should possess strong analytical skills to undertake analysis and interpretation of information risk related data for the area under review and to analyse the responses and information supplied by the 1LoD Representative(s) during the review
Have the ability to assess the effective application of Information security Controls in GBs/GFs by the first line of defence
Have experience of dealing with senior management across Global Businesses and Functions
Experience working in relevant environment/s, i.e. Information Security, IT Operations, Software Delivery, IT Audit, or Risk
Able to explain information security risks clearly and in non-technical language to the business and how these apply to them
Have knowledge of ISR's role within the three lines of defence and the Operational Risk framework
Able to assess the design effectiveness and operational effectiveness of information risk related controls in Risk & Control Assessments (RCAs) and Internal Control Monitoring Plans (ICMPs)
When required, be able to provide advice to areas that have been reviewed on how to address any identified information security weaknesses
Have an understanding of the Operational Risk framework, in particular RCAs, ICMPs and issue and incident management
Have a strong knowledge of the Business Information Risk Officer (BIRO) and Business Risk & Control Monitoring (BRCM) programmes and what the responsibilities of BIROs and BRCMs are in relation to Information risk
Good technical writing skills to allow the results of assurance reviews to be presented clearly, concisely and consistently
Able to build connections and work effectively with a virtual team of people across boundaries working on global assurance reviews
When required, able to escalate issues appropriately in order to ensure that remedial action is taken by areas that have been reviewed to address any weaknesses identified.
Able to work effectively with other areas outside of ISR such as Audit and other second line of defence areas, especially Operational Risk
Need to have strong interpersonal skills to build and maintain relationships with a wide range of people during the assurance review process, even when conveying difficult messages
A flexible and adaptable approach to change and will support others to respond in a similar way
A flexible and adaptable management style with experience of developing yourself and others
Professional Security Qualifications such as CISA, CISM, CRISC - preferable
For further details and application information please visit our careers site, searching under reference number 0000AZY5
You'll achieve more when you join HSBC.
HSBC is committed to building a culture where all employees are valued, respected and opinions count. We take pride in providing a workplace that fosters continuous professional development, flexible working and opportunities to grow within an inclusive and diverse environment. Personal data held by the Bank relating to employment applications will be used in accordance with our Privacy Statement, which is available on our website.