Job offer

HSBC Service Delivery (Polska) Sp. z o.o.

(Cybersecurity Operations) Compliance Lead

Remote recruitment

This badge on an offer means that the entire recruitment process is conducted remotely.

HSBC Service Delivery (Polska) Sp. z o.o.

Kapelanka 42A

Kraków

HSBC Service Delivery (Polska) Sp. z o.o. is a part of HSBC Holdings plc, the parent company of the HSBC Group, headquartered in London. The Group serves customers worldwide from over 6,300 offices in over 75 countries and territories in Europe, Asia, North and Latin America, and the Middle East and North Africa. HSBC is one of the world’s largest banking and financial services organisations. Currently, we are looking for a candidate for the position of:

(Cybersecurity Operations)
Compliance Lead
Location: Kraków

Cybersecurity is responsible for enabling businesses and functions to manage their information security risks as well as ensuring risk and controls are assessed and implemented appropriately, objectively and independently through professional and specialized subject matter experts.

The Regulatory & Third-Party Management Lead is a senior role within the Cybersecurity Risk Assessment, Compliance & Engagement function with specific responsibility for overseeing the day-to-day operations of the capability and ensuring that consistent and accurate information relating to HSBC Cybersecurity is provided in response to Regulatory and Third-Party requests.

Key Accountabilities:

  • Drive strategic development of the capability and its services.
  • Ensure that coherent and precise information is provided to Regulatory and Third Party exams, audits, assessments and due diligence questionnaires; incorporating applicable stakeholder feedback into the regulatory responses.
  • Ensure timely management of annual industry accreditation across HSBC as required.
  • Support the GB/GF/Regional Cybersecurity Governance and Compliance leads on regulatory engagement.
  • Provide ad hoc advice and guidance on cyber regulation as and when required by internal Cybersecurity functions, Global businesses and regions.
  • Act as escalation point for any challenges to the provision of timely, accurate information to the Regulator.
  • Establish templates and standards for providing information to the regulator to ensure consistency across the capability.
  • Proactively work towards compliance with forthcoming regulations/legislation.
  • Promote a proactive approach to changing regulatory landscape by actively communicating changes and their potential impact on HSBC Cybersecurity, to the relevant internal stakeholders.
  • Work collaboratively with Cybersecurity Risk and Controls Strategy (CRCS) to support the provision of analysis of Cybersecurity controls against Regulatory and Third Party text including new or amended Regulations.
  • Establish and maintain a process to collate and securely store every regulatory and third party interaction, demonstrating a clear lifecycle of accountability and ownership across all areas of Cybersecurity for evidence collation and provision.
  • Oversee and maintain an evidence library by classifying and storing reusable evidence for future submissions.
  • Oversee the administration of GRC tool (i.e. Archer), ensuring information is kept up to date and accurate.
  • Perform role with a focus on service, driving continuous improvement to achieve efficiencies and excellent customer service.
  • Provision of information to relevant governance forums, escalate potential deficiencies in controls to relevant committees.
  • Developing, managing and maintaining a highly skilled, efficient and effective team across Regulatory & Third-Party Management including the definition, management and continuous improvement of core processes and activities.
  • Participate in Cybersecurity forums with industry peers.
  • Embedding a culture of individual self-improvement, development and self-directed learning, whereby staff are expected to maintain subject matter expertise within their area of focus and within the realm of cyber security more broadly.
  • Mentoring / Coaching / Guidance for other team members.

Essential Experience/Knowledge:

  • Minimum Bachelor's degree and/or experience in IT security governance and operational processes, preferably in the Financial Services industry or global corporate service provider.
  • Excellent understanding of Cybersecurity Control Framework and familiarity with Information Security standards, policies and key cyber regulations as well as experience in dealing with and automating regulatory requirements and other risk and compliance matters.
  • Background – experience in one or more of Risk and Compliance Management, Internal Audit, Internal Security Review, Third-Party Audit, Regulatory Reviews, etc.
  • Qualifications – one or more industry-recognised cybersecurity-related certifications including CISA, CRISC, CISM, CISSP, CGEIT.
  • Availability to travel in-country as well as internationally as required for this role.
  • Positive and professional attitude, team player, flexible and adaptable, open to change(s).
  • Confident and takes responsibility and ownership for work and personal development.
  • Excellent understanding of global financial services business models, regional compliance regulations and applicable laws.  
  • Ability to produce clear and concise reports for targeted audiences including senior management.
  • Good spoken and written communication and ability to adapt style based on audience (Fluent in spoken / written English).
  • Ability to build strong relationships and communicate on complex issues with a wide spectrum of stakeholders.
  • Previous experience of delivering excellent customer service.

We offer:

  • Contact with top IT technologies available in the market.
  • Employees’ benefits: Multisport Card, private medical and dental health care, life insurance.
  • Free parking space for our employees – a few minutes from the office.
  • Internal training events and workshops.
  • Realistic career progression opportunities in an international organization.
  • Casual dress code.
  • Cultural exchange.

 

You'll achieve more when you join HSBC.

We thank all interested candidates for their applications. We reserve the right to contact only selected candidates.

Applications sent to us will be taken into consideration only if they include the following statement: 

“I hereby declare that I have familiarized myself with the Privacy Statement for Applicants published at http://www.about.hsbc.pl/careers and I hereby give consent for personal data included in my application to be processed for the purposes of recruitment in HSBC Service Delivery (Polska) Sp. z o. o. according to rules described in the Privacy Statement for Applicants, as per the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (GDPR).”

In case you would like to resign from participation in the recruitment process or withdraw an application previously sent to us, please email us at: [email protected]

Archived listing