Some careers have more impact than others.
If you re looking for a career where you can make a real impression, join HSBC and discover how valued you ll be.
HSBC is one of the largest banking and financial services organisations in the world, with operations in 62 countries and territories. We aim to be where the growth is, enabling businesses to thrive and economies to prosper, and, ultimately, helping people to fulfil their hopes and realise their ambitions.
Global RR Specialist Technology and Cyber Risk Senior Manager
Business: Risk and Compliance
Principal responsibilities:
The role holder will be the primary point of accountability for Active Risk Management, including
- Provide technical advice and support globally to ensure stakeholders understand and are aware of the control environment and assessment of Technology risk globally commensurate with the scale and nature of operations
- Drive improved senior stakeholder insight and decision making via delivery of regular and consistent management reports, expert analysis, and papers on AI and Technology Risk including to the Non-Financial Risk Management Board (NFRMB) and respective Risk and Control Management Meetings (RCMM).
- Support ERM Leadership with AI related queries
- Oversee, escalate and provide guidance on the identification of conduct impacts in AI adoption and activities owned by the 1LOD, including where control weaknesses and risk events impact the delivery of good outcomes
- Support the ERM Business and Function teams to explain, in non-technical terms, the impact of issues or events, and top and emerging risks related to AI that may require changes (for example, to controls, resources or business operations) to remain within respective Risk Appetites.
- Monitor the local external environment to get early sight of emerging AI risks and provide detailed guidance on controls required to mitigate against them; build and maintain relevant cross-organisation and industry relationships.
- Provide guidance and support with policy writing, owning and monitoring compliance with a comprehensive set of clear and concise policies that outline the key principles and minimum requirements applicable to the management of AI Technology adoption areas.
- Promote and develop AI risk awareness and risk management culture to ensure material risks are both evident and effectively managed, leading the deployment of deep subject matter expertise around AI Technologies globally.
- Drive appropriate governance for AI Technologies across key stakeholders and senior control owners.
- Ensure concerns with key controls and in-scope material change programmes, relevant to AI Technologies, are understood and escalated as required
- Deliver tailored and specific expertise across AI Technology risk enabling 1LOD to successfully deploy and operate mitigating key control.
- Constructive challenge to the global businesses and functions on their control environment and assessment of risk
- Oversight of AI risks, strategic initiatives and local change activity and new/materially changed products.
- Analysis of risk exposure across all bank operations and territories to inform capital management and stress testing requirements.
- Complete thematic reviews and aggregated reporting of the Non-Financial Risk profile of the bank.
- Responsible for the implementation of a Risk Management Framework (RMF) that sets out governance, policies and practices to proactively identify, assess, measure and report on, mitigate and control operational risk exposures associated with HSBC s businesses and operations at all levels of the organisation.
- Ensure critical issues, events and incidents both in key controls and material change programmes are managed for AI Technologies, are understood by and escalated to appropriate governance forums for appropriate and timely resolution
- Ensurr that related risk initiatives are not adversely affected as a result of poor planning, testing and approach during the delivery of significant change
Leadership & Teamwork
- Represent ERM to your key internal stakeholders.
- Contribute to a forward-looking agenda for emerging risks and challenges that ERM and the Bank may face.
- Provide oversight to the First-line s adoption of Standards, Processes and Procedures required to implement the Policy objectives across the Group and support the embedding of the Risk Framework by working with the Risk Control owners in their area.
- Provide oversight, formal input, challenge and guidance to first-line risk and control owners across entities / countries within the Group enabling business growth and innovation while maintaining risk within appetite.
- Communicate across technical and business levels to ensure that stakeholders understand how their delivery is aligned with the Bank and ERMs goals.
- Support your team in accordance with the direction set by your functional manager, including the day-to-day management of your direct team members.
- Drive positive Risk culture behaviours including, supporting, guiding and mentoring all colleagues working as part of global virtual teams.
- Contribute to driving improvements in team engagement, maintaining an inclusive environment for all of your colleagues.
- As required, support relevant Transformation Programmes within the Group by engaging and assisting in the identification and mitigation of risk.
- As directed, partner with other oversight functions and Internal / External Audit to ensure a holistic view of risk profile, including leading on the delivery and closure of Audit points and Management Self-Identified Issues.
- Ensure delivery of relevant services set out under the service catalogue ensuring consistent implementation across entities, countries and markets, as appropriate.
- Effectively communicate with internal (first line, senior management, audit) stakeholders on risk identification, governance and management
- Drive efficiencies through consistently identifying better ways of working, including standardisation under the global framework.
- Ensure appropriate and timely escalations as and when challenges arise.
Requirements
- Experience in risk management at a Globally Significant Financial Institution (GSFI).
- Understands the impact of AI technology risk within HSBC Group and its commercial context and strategic ambitions.
- A good level of knowledge of the relevant regulatory landscape and ability to access the impact of proposed changes in regulatory rules to the bank, especially those pertaining to AI Technology risk.
- Knowledge of a financial institutions business model, products and key risk drivers.
- A deep understanding and technical expertise AI technology risk, including how this risk can be identified, assessed, monitored and controlled and mitigated where relevant.
- Ability to lead and promote a strong risk control culture and continually improve risk awareness.
- Proven ability to develop networks with key stakeholders in a matrix structure.
- Support a multi-locational team of professionals.
- Providing expert advice and robust challenge, delivering risk management policies and managing risks and controls.
- Exposure to AI Ethics and dealing with Banking/Government regulatory compliance
Skills:
- Ability to present complex technical concepts and results to non-technical audiences in a persuasive and compelling manner.
- Team-oriented mentality combined with ability to complete tasks independently to a high-quality standard.
- A change agent who challenges the status quo diplomatically, constructively and positively in order to lead relevant strategies that enable safe growth of HSBC.
Qualifications:
- Adequate professional certificate in Technology Risk such as CISA, CISSP, CRISC
- Any relevant AI Certification in information security or technology risk governance
- A BA or BS University Degree, advanced degrees preferable, (e. g. MBA, MSc, PhD)
Others
The job holder will be required to:
- Support the management of risk across a large complex banking group.
- Manage multiple senior stakeholder relationships across the HSBC matrix.
- Represent HSBC with external parties including Auditors and Regulators.
- Manage risk whilst significant transformational activity is being implemented, both regionally and globally.
- Operate and influence within a changing and rapidly developing regulatory environment.
- Continually support HSBCs approach to conduct and cultivate a positive risk aware culture, which is designed to ensure we deliver fair outcomes for our customers and do not disrupt the orderly and transparent operation of financial markets.
- Maintain awareness of operational risk and minimise the likelihood of it occurring, including its identification, assessment, mitigation and control, loss identification and reporting in accordance with the HSBC risk management.
- Adopt a risk management and internal control structure, referred to as the Three Lines of Defence, to ensure it achieves its commercial aims while meeting regulatory and legal requirements and its responsibilities to stakeholders, customers and staff. All staff must familiarise themselves and adhere at all times with the role and supporting responsibilities they play in the Three Lines of Defence.
You ll achieve more at HSBC
HSBC is an equal opportunity employer committed to building a culture where all employees are valued, respected and opinions count. We take pride in providing a workplace that fosters continuous professional development, flexible working and, opportunities to grow within an inclusive and diverse environment. We encourage applications from all suitably qualified persons irrespective of, but not limited to, their gender or genetic information, sexual orientation, ethnicity, religion, social status, medical care leave requirements, political affiliation, people with disabilities, color, national origin, veteran status, etc. , We consider all applications based on merit and suitability to the role.
Personal data held by the Bank relating to employment applications will be used in accordance with our Privacy Statement, which is available on our website.
