Risk & Control/Control Manager/Pune/CCO HSBC

The health and safety of our employees and candidates is very important to us. Due to the current situation related to the Novel Coronavirus (2019-nCoV), we're leveraging our digital capabilities to ensure we can continue to recruit top talent at the HSBC Group. As your application progresses, you may be asked to use one of our digital tools to help you through your recruitment journey. If so, one of our Resourcing colleagues will explain how our video-interviewing technology will be used throughout the recruitment process and will be on hand to answer any questions you might have.

Some careers shine brighter than others. If you're looking for a career that will help you stand out, join HSBC and fulfil your potential. Whether you want a career that could take you to the top, or simply take you in an exciting new direction, HSBC offers opportunities, support and rewards that will take you further.

HSBC is one of the largest banking and financial services organisations in the world, with operations in 64

countries and territories. We aim to be where the growth is, enabling businesses to thrive and economies to prosper, and, ultimately, helping people to fulfil their hopes and realise their ambitions.

Department: CCO Global Tech

About the role:

• Oversee the end-to-end health of the technology control environment

• Support internal and external audit and risk related regulatory engagement

• Identity improvements to the Technology control environment including the effective design of material controls.

• Support effective design, analysis and remediation of control measures

•Provide risk and controls consultancy, advice and guidance.

• Support the application and critique of the Technology risk and controls

• Contribute to relevant governance forums, including Audit and Compliance Reviews etc.

Advocate the desired behavioural changes across the CIO community required to mature the understanding and management of technology risk controls.

In this role you will:

• Support the delivery of the CCO technology risk and control agenda Engage and partner with stakeholders, across all three LOD

•Support preparation of technology risk and control governance meeting materials Advise and challenge inefficient and ineffective process or excessive control design

• Advise and design process and controls in a commercially viable, practical and effective manner Design and drive improvements to technology risk and control information metrics

• Promote and advise risk and control decision-making base on quality data analytics

• Support senior management on risk and control messages, promote risk and control mind set, culture and behaviour

•Support internal CCO matters, including coordination and administration activities

•Principal Accountabilities.

•CCO Execution

• Supporting the CIO and their management team providing risk and controls consultancy, advice and guidance

•Providing a subject matter expertise for the Risk Management Framework

• Feedback from CCO and Technology leadership teams

• Support internal and external Audit and risk related regulatory engagement

Effective use of analytics to identify potential new and emerging risks

• Review and Monitor the control measures to meet the needs of all stakeholders

Risk Culture

•Engage with colleagues to promote positive behaviour and actively manage risk

• Work closely with Technology to develop and monitor risk remediation program activities and actions to

ensure progress and delivery within acceptable timelines

• Focusing on Technology top risks and threats, including new/emerging top risks, to ensure they are fully understood and that controls that mitigate these risks (key controls) are effective, efficient and where possible automated

Meeting needs of Technology Leads to promote a proactive risk culture

• Raise awareness and understanding of risks, controls and risk management

• Positive and constructive feedback

• Regular and timely communication to stakeholders

Leadership & Teamwork

• Role model a positive internal risk and control culture across Technology teams and help shape the climate.

tone and environment in which people work

• Stakeholder feedback, 1:1 meetings, objectives & performance reviews output • Make considered decisions that protect and enhance HSBC values, reputation and business

Support the execution and remediation of thematic reviews/investigations/compliance reviews in

response to internal or external events within Technology

Domtinns Hinne & Control

Working with Technology to define and apply Technology Risk & Control standards and processes in ord to drive consistency across Technology

•Provide tailored solutions which aim to meet and exceed stakeholder expectations • Partner with Technology to identify, measure, mitigate, monitor and report Technology's top risks (includin

new/emerging top risks) • Successful, timely implementation of audit and 2LoD recommendations

Apply and critique definition and application of policies, control standards and procedures by • Working with Technology to influence definition of policies and control standards

• Implementing clear policy framework across dispensations and waivers

• Identification & implementation of best practice, standard tools and improvements to the Risk Management Framework

• To share best practices and enhance the control framework and contribute towards reduction of findings

noted in Group Audits, Internal Control reviews, 2LoD reviews, etc.

Requirements

To be successful in this role, you should meet the following requirements:

• Knowledge of Cyber and Technology Controls

A good degree of knowledge covering Agile, Devops, Business Transformation Framework, Project Management and System Design

Service management and controls governance experience

•Experience in a technology risk/audit or control related role

Service management and controls governance experience Experience in a technology risk/audit or control related role

•Experience in financial services, ideally with experience across automation, operations, and enterprise technology services

• Experience working across the risk management lifecycle for technology controls • Previous experience of identifying, defining and solving problems that impact on your work or the wider business

Strong communication skills to influence and challenge stakeholders A good understanding of the products used in this business area

Ability to work independently with limited supervision •Ability to present complex issues expertly and concisely to senior partners using non-technical language

Strong written, verbal and presentation skills

• Flexible and adaptable, able to handle and prioritise competing demands in a fast-paced environment