This list contains only the countries for which job offers have been published in the selected language (e.g., in the French version, only job offers written in French are displayed, and in the English version, only those in English).
Your career opportunity Technology teams in the UK work closely with our global businesses to help design and build digital services that allow our millions of customers around the world, to bank quickly, simply and securely. They also run and manage our IT infrastructure, data centres and core banking systems that power the world's leading international bank. Our multi-disciplined teams include: DevOps engineers, IT architects, front and back-end developers, infrastructure specialists, cyber experts, as well as project and programme managers. Cybersecurity is responsible for fielding solutions that help defend HSBC against a wide range of threats to the business as well as its customers, clients, partners, and staff. The team works in concert, with partner teams across HSBC, to implement novel defensive capabilities that are effective and adaptable against a constantly evolving threat landscape. The function operates under the vision: "Enabling HSBC to be safely successful everywhere the Firm chooses to do business." Global Defense - Cybersecurity Engineering and Operations is comprised of several inter-joined teams: Technical Directors Office (TDO), Site Reliability Engineering (SRE), Global Defense Governance & Delivery (GDD), Global Cybersecurity Operations (GCO) and Cybersecurity Intelligence & Threat Analysis (CITA). Together, the function enables an adaptive and constantly evolving capacity to address risks borne through an ever-shifting threat landscape. The function serves as an engine for innovation and problem solving with partner teams across the Firm who share a common imperative to be the best for our customers and drive the Global HSBC Purpose of "Opening up a world of opportunity."
Job Responsibility
Provide the first line of defense (1LOD) for the organization for all matters relating to Cryptography controls. Drive implementation of controls to protect the group's key data
Risk Management: Maintain the accuracy and alignment of the CRYP control to the bank's Risk Control framework
Controls Governance: Control Design and Continuous Control Monitoring - MPs/OIs enhancements, Control effectiveness rationale. Manage, report, and improve performance metrics (KCIs)
Compliance: Ensure Cryptography controls align with relevant regulations, standards, and industry best practices, and support compliance efforts. Maintain internal control standards, including timely implementation of internal and external audit points together with any issues raised by external regulators
Stakeholder Management: 2LoD/3LoD engagement - Respond to informal control queries and formal review and challenges and observations. Collaborate with senior stakeholders to facilitate understanding and alignment of CRYP control objectives, including business units, audit and regulators. Provide specialist knowledge and timely feedback, working in partnership with those stakeholders
Cross Controls Collaboration: Foster a community of collaboration/knowledge sharing across all Control Owners in Global Defense - understand the implication a change in one control area has on other control areas. Build and maintain constructive working relationships with a diverse community of technical and non-technical audiences
Training and Awareness: Develop and deliver training and awareness programs to educate stakeholders and communities within Cyber about the Cryptography control strategy
Requirements
Technical Background: We are looking for someone who brings a deep understanding of technology (preferably in the Cryptography area) or who is willing to build up knowledge quick
Communication skills: Communication is key in that role. The CRYP Control Owner must be able to communicate complex technical information to non-technical stakeholders and explain Cryptography control policies and procedures in a clear and concise manner. The control owner must be able to communicate with stakeholders on senior level, addressing challenges and feedback
Collaboration skills: The CRYP Control Owner must be able to work effectively with cross-functional teams, including Cybersecurity and business units to ensure that Cryptography control strategies align with organizational goals and requirements. It is key that the Control Owner stays on top of developments in other controls areas
Stakeholder management skills: The CRYP Control Owner must be able to manage relationships with stakeholders, including business units and audit/regulatory bodies, to ensure that Cryptography control strategies are well received and adopted
Problem-solving skills: The CRYP Control Owner must be able to identify and remediate challenges in (governance) processes and must be able to get technical consultancy from the Cryptography Capability Lead to respond to issues
What we offer
Additional bonuses for recognition awards
Multisport card
Private medical care
Life insurance
One-time reimbursement of home office set-up (up to 800 PLN)
Cafeteria platform
Employee assistance program
Additional contributions to PPK scheme
Corporate parties & events
CSR initiatives
Nursery discounts
Financial support with trainings and education
Social fund
Flexible working hours
Free parking
Additional car allowance in the amount of 4786 PLN (monthly, gross)