HSBC Service Delivery (Polska) Sp. z o.o. is a part of HSBC Holdings plc, the parent company of the HSBC Group, headquartered in London. The Group serves customers worldwide from over 6,300 offices in over 75 countries and territories in Europe, Asia, North and Latin America, and the Middle East and North Africa. HSBC is one of the world’s largest banking and financial services organisations. Currently, we are looking for a candidate for the position of:
CCO Technology – Senior Manager – Specialist Assurance
Ref No: CCOT/03/2019
The Technology Chief Controls Office (CCO Tech) is responsible for advice and support to Global Technology on all areas of technology risk. As well as supporting the design and implementation of all global and regional controls, CCO Tech leads controls-related engagements with internal audit and external regulators on a global and regional basis. The group consists of Global Business and Function aligned teams who act as the trusted partners to technology, and central functions who oversee the governance of control, provide subject matter expertise covering our control domains, and identify emerging threats and risks.
The role of Senior Manager, Specialist Assurance will report through to a Senior Manager to the Chief Operating Officer. This newly established position will be key to taking CCO Tech on the next stage of its journey into a best in class controls organization. The Specialist Assurance team is building a set of new capabilities to enable the paradigm shift from reactive to proactive risk management for the organization. The team will provide control assurance to major technology change programs of HSBC thus assuring a sustainable, efficient and effective control environment is built into change from the outset. In addition, the team will perform domain deep dives, analytical work to identify threats, evaluate internal and external trigger events and support thematic issue resolutions as well as establishing a Controls Surveillance.
- Support the development and design of a specialist control assurance framework across Global IT with an ambitious and well-defined program to enable design, launch and adoption across multiple lines of business and functions, for 40,000+ global technologists.
- The role will require partnership with a senior Technology leads; working across virtual teams Globally to provide control assurance and guidance in order to assure that a sound and sustainable control framework at every stage of the Technology lifecycle, across Architecture, DevOps, Infrastructure management etc. is implemented.
- Play a key role in the identification of recommended control assurance work based on internal and external events data as well as from proactive threat identification work and subsequently assure the execution and coordination of required field work and reporting.
- Create control assurance reports for consumption by both technical teams and senior management.
- Act as Subject Matter Expert and behavioral change agent to embed risk awareness and control adherence as part of the organizational DNA by training, guiding and raising awareness of technology risks and relevant control frameworks.
- As required, support the development and implementation of the multi-year CCO Tech strategy, designed to create a proactive controls environment fit to meet emerging risks.
- As required, support the design, delivery and implementation of a specialist control assurance framework and its execution plan.
- As required, assist with the automation of control assurance testing through the identification of requirements, creation of use cases, and coordination with teams throughout the organization to ensure implementation.
- The ability to support and control a dynamic and multi-faceted global program in way that adds value rather than constrains.
- Proven ability to handle and prioritize multiple and competing demands in a fast-paced environment.
- Ability to present complex control-related materials, briefs and reports in clear and unambiguous language that achieves the desired outcome with stakeholders - a strong and simple writing style will be key to this, and adeptness with MS Office will be an advantage.
- An enthusiastic, passionate and collaborative approach that brings all members of the group together in pursuit of common goals.
- Experience within or closely alongside a controls group and/or technology within a financial institution is a strong advantage but not a pre-requisite.
- Experience with major change programs in matrix led organizations utilizing Agile DevOps frameworks is a strong advantage.
- A demonstrable knowledge of IT control and assurance frameworks and relevant industry framework, standards and practices (NIST, COBIT, ITIL, CMMI, ISO 2700x, SOX, ITGC etc.).
- Ability to understand and navigate regulatory requirements in order to design controls meeting the spirit of the regulator while assuring minimal overhead and sustainability of the proposed controls.
- Broad knowledge of enterprise technology domains and general Technology Risk Management, preferably including cloud technologies, software development, API micro services, security testing etc. in order to provide end to end control assurance for HSBC Technology.
- Big 4 advisory experience on IT compliance, IT risk management, IT audit, or IT process controls is an advantage but not a pre-requisite.
- Competitive salary
- New and challenging position in the multinational environment
- Stable job in one of the largest banking and financial services organisation in the world
- Employees’ benefits: private medical and dental health care, Multisport Card, life insurance and many others
- Modern office in a good location – Kapelanka street
- Parking card
- Home working up to 40%