If you’re looking for a career where you can make a real impression, join our Global Service Center (GSC)- HSBC and discover how valued you’ll be.
We are currently seeking an experienced professional to join our team in the role of
Compliance Assurance Manager - Technology, Cyber Security and Data
Role purpose:
Controls Assurance (CA) reports into Risk & Control Assessment (RCAS) and is responsible for assuring the risk management of critical business processes and specified non-financial and financial risks across the Group, principally by testing mitigating controls. This is achieved by building out a centralized offshore capability that will deliver agile, insightful, and cost-efficient assurance. CA also provides a resource augmentation service to other assurance teams within the Bank, becoming a vehicle to effectively manage assurance costs and resources. Also, CA works together with the RCAS Automation and Analytics team to develop, test and deploy their Continuous Assurance objectives.
The role holder will be required to support the VicePresident, Technology, Cyber Security and Data (TCSD) and Head of CA (GSC Country Location Name) in leading or working with a team to assess the effectiveness of controls relating to the TCSD risks and identifying and raising issues where control gaps lead to material unaddressed risks.
Main activities:
- Evaluate a portfolio of controls for design effectiveness, operating effectiveness and/or risk management outcomes, raising issues as appropriate. Customize and localize standard test scripts and then evaluate assigned controls for design and operating effectiveness, raise issues as appropriate.
- Ensure that assigned control assessments are accurate, effective, abide by CA and RCAS methodology, procedures, and templates, and meet quality control requirements and are delivered on time, in accordance with the CA assessment plan.
- Supervise the delivery of assigned control assessments not limited to System Architecture, Operating Systems, Databases, Networks, Security Systems, Cloud Services, Asset Inventories, Change Management, Incident Management, Recovery Management, Software Development Lifecycle (SDLC), and other general controls; using experience and knowledge to intervene and redirect testing as required, resolving, or redirecting escalations as required.
- Manage control owners and other stakeholders, ensuring the success of each assigned reviews, minimizing contention where possible and requesting support, where deemed necessary.
- Manage the documentation of distinct control types, covering key aspects, such as remit, main processes, and handovers to other teams.
- Apply judgement and risk management concepts to identify, formulate findings and provide valuable insights to the TCSD control owners to improve processes and manage risks to achieving operational and strategic goals.
- Ensure that issue owners complete sufficient root cause analysis for all material issues and have appropriate remediation plans in place.
- Support the Head of Control Assurance (GSC Country Location Name) in fulfilling CA responsibilities as required, including budget management, resourcing, and feeding into the development of procedures and templates.