Logo Pracuj.pl

(CCO) Global Head of Controls Cybersecurity

HSBC Service Delivery (Polska) Sp. z o.o.

  • Kraków, Lesser Poland
  • offer expired 2 months ago
  • contract of employment
  • full-time
  • director
  • hybrid work
  • remote recruitment
  • запрошуємо працівників з України
Запрошуємо працівників з України
Роботодавець відкритий для працевлаштування громадян України
  • Specializations:Security

HSBC Service Delivery (Polska) Sp. z o.o.

Kapelanka 42a



Technologies we use

Operating system

About the project

The Chief Control Office (CCO) plays an important role in enabling the bank to operate within its risk appetite, by ensuring efficient and effective risk and control management. CCO achieves this by providing operational risk and control expertise, conducting high quality reviews of the bank's control environment, conducting end to end control assurance reviews on key controls, maintaining robust risk governance focused on material risk and issues, and evolving a culture of continuous and consistent risk management.

• The role holder will partner with the HSBC Cybersecurity to ensure delivery of risk based, strategic outcomes globally, including informing and advising on relevant risk and control based issues, initiatives and updates that impact the Group.

• You will be a leader within the Global Chief Control Office (GCCO) Function that directly supports the Global Head Technology Chief Control Office within HSBC. The purpose of the CCO function is to enable colleagues within HSBC DBS to deliver safe and secure services to all our customers, colleagues and the Bank itself. This will be achieved by:

o Enforcing robust risk governance and ensuring all stakeholders have visibility of key risks and any

o remediation activity.

o Partner and advise on setting, communicating and monitoring risk appetite in line with business

o requirements, including appropriate support and challenge.

o Conducting high quality and efficient reviews of our control performance.

o Facilitating controls remediation where required.

o Raising awareness and understanding of risks, controls and risk management.

o Continuously improving the control and monitoring of risk, including behaviours.

o Embedding the Bank’s Risk Management Framework

• The role holder will be responsible for global CCO activity supporting Cybersecurity.

• The role will have global responsibility and ensure that partnership support is provided to entities as appropriate.

• The role holder will be responsible for delivering robust risk management practices and control governance across DBS to ensure Cybersecurity security risk management is transparent and clear to all Global Business and Functions (GB/GF), regions and entities.

• The role holder will be expected to demonstrate the ability to lead the CCO Cybersecurity team to a value based, and outcome focussed way of working, including driving cultural change across to driver strong integrated risk management across Cybersecurity and the business.

Your responsibilities

  • Support CCO operating model, service catalogue, procedures, and toolkits

  • Act as a key contact point between 1LOD and 2LOD/3LOD partners – drive risk and audit reviews and subsequent actions through to resolution by partnering with 1LOD/CIO teams

  • Leading the Team of trusted advisers for senior management within remit area on how to accurately manage their operational risk i.e. risk assessments, control environment, issues management

  • Develop and manage stakeholder relationships with CCO Tech and Cybersecurity, Architecture, Data

  • Constructive challenge on control environment and assessment of risk

  • Manage executive updates to IT ExCo and DBS CCO ExCo

  • Support consistent and insightful reporting and escalation of identified issues

  • Drive consistency of reporting and Risk & Control management across the HSBC Group

  • Oversight of emerging risks, strategic business initiatives and local change activity and new/materially

  • Promote accountable risk and control decision-making based on quality data and commercial analysis, actively challenging poor, inefficient or excessive controls, related tasks and behaviours

  • Provide specialist risk and control knowledge and insights, leading efforts to continuously improve the control environment and monitoring of risk, including behaviours

  • Identify trends to anticipate future developments in the risk and control environment

  • Influence and shape the development and implementation of future-fit risk management and regulatory frameworks

  • Provide Senior Management with updates on any relevant changes to policy or projects related to operational risk that have an impact on their area of responsibility.

  • Leading ad hoc programmes supporting Vision 27 and key CCO and wider DBS initiatives

  • Plans effectively around delivery constraints and optimizes the plan to maximize benefits and minimize risk. Develops the plan within constraints, considering the delivery approach, key milestones and dependencies within the plan, requirements and scope, effort and resources, budgets and quality

  • Drive consistent communication clarifying impact of change on risk and control environment for HSBC

  • Ensuring lessons learnt in one line of business/impacting incident are properly understood for all of Technology with associated actions implemented in a timely manner

  • Apply programmatic approach to resolving key Control issues across Technology

  • Effectively manage stakeholder relationships across CCO, 2Lod, 3Lod, Tech and CCO communities

  • Embed risk culture and change delivery capability across the CCO Tech function

  • Drive continuous improvement of processes, policies and tooling across CCO Tech

  • Active and engaged member of the CCO Tech leadership team

  • Lead by example, demonstrate core behaviour and values including professionalism, teamwork, focus, drive and determination

Our requirements

  • Strong leadership background with a proven track-record of managing wide range of diverse stakeholders

  • Detailed knowledge of cyber/infra tech controls a must

  • Broad understanding of Non-Financial Risk framework

  • Experience in performing risk and control reviews

  • Must have a strong tech knowledge i.e. architecture, platforms, Cloud

  • Proven experience in a risk/audit or control related role

  • Proven track record of increasing business performance i.e. developing, aligning and translating strategies & plans to achieve business and functional goals

  • Negotiating skills to manage right outcomes for Technology across a diverse set of GB/GF’s, senior stakeholders and lines of defence often with competing objectives

  • Comprehensive understanding of HSBC structures, processes and objectives across the Group would be desirable.

  • Ideally has experience in global, regional and market roles

  • Strong knowledge of CCO Tech – functionally and operationally desirable

  • Proven ability to articulate complex issues concisely and in simple language to support problem analysis

  • Proven project management experience with an ability to influence senior stakeholders

  • Experience in writing and presenting board papers

  • Previous background of working in a matrix organization structure; ability to persuade individuals at different levels

  • Strong interpersonal skills, coupled with the ability to succeed within a matrix management structure and build and maintain regional team relationships

  • Ability to engage with team, colleagues and business partners collaboratively to deliver at pace

  • Ability to work well under pressure, demonstrate flexibility and adapt to rapidly changing priorities and tasks that are potentially highly restricted in nature, unpredictable, wide ranging, complex and time-sensitive


  • In-depth technical knowledge of cybersecurity/infrastructure technology an advantage

What we offer

  • Contact with top IT technologies available in the market

  • Employees’ benefits: Multisport Card, private medical and dental health care, life insurance

  • Free parking space for our employees – few minutes from the office

  • Internal training events and workshops

  • Realistic career progression opportunities in an international organization

  • Casual dress code

  • Cultural exchange

  • Remote work possible (up to individual discussion with hiring manager)


  • sharing the costs of sports activities

  • private medical care

  • sharing the costs of foreign language classes

  • sharing the costs of professional training & courses

  • life insurance

  • remote work opportunities

  • flexible working time

  • integration events

  • corporate sports team

  • doctor’s duty hours in the office

  • retirement pension plan

  • corporate library

  • no dress code

  • video games at work

  • coffee / tea

  • parking space for employees

  • leisure zone

  • extra social benefits

  • employee referral program

  • opportunity to obtain permits and licenses

  • charity initiatives

  • family picnics

  • extra leave

Recruitment stages

Online assessment


Phone interview


Zoom interview


Welcome to HSBC!

HSBC Service Delivery (Polska) Sp. z o.o.

HSBC is one of the world’s largest banking and financial services organisations. Our global businesses serve more than 40 million customers worldwide through a network that covers 63 countries and territories.

HSBC Service Delivery (Polska) Sp. z o.o. is HSBC's global finance, operations, risk and technology centre. We use our unique expertise and capabilities to provide specialised services – our people range from technologists transforming the banking experience to operations professionals managing 1.7 trillion payments a year.

Our Purpose – Opening up a world of opportunity – explains why we exist. We are bringing together the people, ideas and capital that nurture progress and growth, helping to create a better world – for our customers, our people, our investors, our communities and the planet we all share.

Scroll to the company’s profile