(Cybersecurity) Cybersecurity Continuous Control Monitoring Manager

HSBC Service Delivery (Polska) Sp. z o.o.

  • Kapelanka 42a, Dębniki, Kraków
    Kraków, Lesser Poland
  • offer expired over a month ago
  • contract of employment
  • full-time
  • manager / supervisor
  • hybrid work
  • remote recruitment
  • запрошуємо працівників з України
ukrainian-friendly-overlay
Запрошуємо працівників з України
Роботодавець відкритий для працевлаштування громадян України

HSBC Service Delivery (Polska) Sp. z o.o.

Kapelanka 42a

Dębniki

Kraków

Technologies we use

Optional

  • Confluence

  • JIRA

  • Helios

About the project

This role is within the 1st Line of Defence and will play a key role in the development of new, data driven control environment that will provide the Business with better understanding of their exposure to risk and effectiveness of protective measures deployed by HSBC Cybersecurity. The role holder will be part of the team of experts working closely with the Control Owners and provide technical expertise in monitoring the overall controls environment and providing controls assessment of all Cybersecurity controls.

They will also be part of Cybersecurity Risk and Controls Strategy Team and will be responsible for providing an overall guidance and ensuring that the Control Continuous Monitoring Team deliverables supports other CRCS activities.

Your responsibilities

  • Representing Cybersecurity Controls in senior management forums

  • Working with the Control Owners to ensure timely execution of the Cybersecurity controls self-assessments and to reflect the monitoring results into control rationale;

  • Provide constructive challenge and advice to Control Owners on the assessments

  • Ensure and maintain accurate evidence repository

  • Improve the accuracy and quality of the Cybersecurity controls management and governance

  • Monitor the monthly control performance through Key Control Indicators (KCIs) and Issues & Actions to ensure the effectiveness of the control is accurate and provide constructive challenge if needed

  • Working with 2LoD, Chief Control Office Technology and Audit (internal and external)

  • Review Cybersecurity Mandatory Procedures and Operating Instructions

  • Manage escalation of issues through appropriate channels based on the results of continuous control monitoring process

Our requirements

  • Strong Risk and Controls Background

  • Significant, subject matter expertise in Control and Risk Management. This includes but is not limited to controls monitoring and implementation and control assessment;

  • Ability to translate difficult IT concepts into business-friendly language;

  • Experience with Technology risks and controls. Knowledge of Cybersecurity is a must.

  • Technical background

  • Understanding of Cybersecurity concepts such as threats, vulnerabilities, attack vectors, inherent/residual risk;

  • Experience in control monitoring and control effectiveness assessment is a must

  • Strong stakeholder management and communications skills

  • Experience of working at an operational level in international environments which drive a true international perspective;

  • Experience in dealing with Senior Management, internal and external audit

  • Assertiveness is a key requirement for this role, whilst remaining strong relationship with a wide range of stakeholders

  • Team-oriented mentality combined with ability to complete tasks independently to a high quality standard

  • Experience within fast-moving, complex and demanding corporate environments where Cybersecurity controls issues have to be handled on a large scale and with a need to multi-task whilst dealing with ambiguity and change.

  • Proven organisational, planning, interpersonal, managerial, analytical, problem-solving, decision-making, and team building skills.

  • Ability to manage conflicting priorities effectively and proven ability to meet challenging deadlines.

  • Interpersonal Skills

  • Influential, credible and persuasive, active listener, embraces HSBC Values and Conduct pillars, shows good judgement and demonstrating high level of communication skills in order to achieve effective stakeholder management.

  • Creative Thinking

  • Able to think out of the box with capability to think creatively, critically and propose solutions to the challenges faced

Optional

  • Understanding metrics and measures in managing risks and controls (KPIs, KCIs, KRIs) is a plus

  • Knowledge of Centre for Internet Security (CIS) Measures and Metrics is a plus

  • Experience with GRC Tools (such as HELIOS) is a plus

What we offer

  • Employees’ benefits: Multisport Card, private medical and dental health care, life insurance

  • Flexible working in hybrid model

  • Free parking space for our employees – few minutes from the office

  • Internal training events and workshops

  • Realistic career progression opportunities in an international organization

  • Casual dress code

  • Cultural exchange

Benefits

  • sharing the costs of sports activities

  • private medical care

  • sharing the costs of foreign language classes

  • sharing the costs of professional training & courses

  • life insurance

  • remote work opportunities

  • flexible working time

  • integration events

  • corporate sports team

  • doctor’s duty hours in the office

  • retirement pension plan

  • corporate library

  • no dress code

  • video games at work

  • coffee / tea

  • parking space for employees

  • leisure zone

  • extra social benefits

  • employee referral program

  • opportunity to obtain permits and licenses

  • charity initiatives

  • family picnics

  • extra leave

Recruitment stages
1

Phone interview

2

Online assessment

3

Zoom interview

4

Welcome to HSBC!

HSBC Service Delivery (Polska) Sp. z o.o.

HSBC is one of the world’s largest banking and financial services organisations. Our global businesses serve more than 40 million customers worldwide through a network that covers 63 countries and territories.

HSBC Service Delivery (Polska) Sp. z o.o. is HSBC's global finance, operations, risk and technology centre. We use our unique expertise and capabilities to provide specialised services – our people range from technologists transforming the banking experience to operations professionals managing 1.7 trillion payments a year.

Our Purpose – Opening up a world of opportunity – explains why we exist. We are bringing together the people, ideas and capital that nurture progress and growth, helping to create a better world – for our customers, our people, our investors, our communities and the planet we all share.

Scroll to the company’s profile