Sr Technology Data, Risk and Controls Manager - Enterprise Technology MENAT

at  HSBC

Job description

SOME CAREERS GROW FASTER THAN OTHERS.

If you’re looking for a career that will give you plenty of opportunities to develop, join HSBC and your future will be rich with potential.

QUALIFICATION & EXPERIENCE:

• Bachelor’s degree (or equivalent experience) in Information Technology, Computer Science, or a related field; advanced degree or relevant certifications (e.g., CRISC, CISM, CISA) preferred.
• Thorough experience in technology risk management, with a track record of successfully implementing and enhancing control frameworks preferred.
• Experience of regional central bank landscape, UAE, Oman, Bahrain, Egypt, Qatar regulatory bodies and operational idiosyncrasies is preferred.
• Experience of both waterfall and agile enterprise methodologies and frameworks
• Preferred understanding in software design, development, and implementation of distributed and high-volume transactional systems with the following technologies:
• Microservices, including greenfield design and decomposing monolithic applications.
• BI tooling and reporting capabilities.
• Infrastructure as well as software development and deployment deliveries
• API Design & Management
• Understanding of applying event driven design and streaming technologies
• Understanding of build/deployment pipelines and their usage
• Understanding of application environment provisioning & measurement in Cloud
• Understanding of Technology Risk and Control principles, and industry best practices preferred
• Proven ability to effectively communicate complex technical concepts to diverse audiences, including leadership.
• Demonstrated experience in coordinating technology audits, both internal and external preferred
• Analytical and problem-solving skills, with the ability to navigate complex technology landscapes preferred.
• Knowledge of enterprise risk management software and tools in a large financial services organization preferred.
• A commitment to continuous learning and staying at the forefront of technology risk management trends and developments preferred.
• Understanding of Technology infrastructure as used in a Global financial organization preferred.
  For further details and application information please visit our careers site, searching under reference number 0000KGZO.
  We support our staff to adopt flexible and alternative ways of working where possible, including working from home and different hours subject to approvals.
  HSBC is committed to building a culture where all employees are valued, respected and opinions count. We take pride in providing a workplace that fosters continuous professional development, flexible working, and opportunities to grow within an inclusive and diverse environment. Personal data held by the Bank relating to employment applications will be used in accordance with our Privacy Statement, which is available on our website.
  Issued by The Hong Kong and Shanghai Banking Corporation Limited

ROLE OVERVIEW:

The role is part of the MENAT Enablement Risk & Control team within MENAT IT, DBS Technology and provides end to end oversight of technology risk and controls for Enterprise Technology (ET) portfolios, directly supporting MENAT ET CIO in meeting the risk & controls objectives for the function.
The position plays a significant role in enabling the bank to operate within its risk appetite, by ensuring efficient and effective risk and control management. This is achieved by providing operational risk and control expertise, conducting high-quality reviews of the bank’s control environment, maintaining robust risk governance focused on material risks and issues, and evolving a culture of continuous and consistent risk management.
This is a 1LOD (Line of Defense) role with responsibility to design and execute effective risk management discipline for ET including ownership of relevant forums in line with ET IT governance.
We are currently seeking an experienced Sr Technology Data, Risk & Controls Manager to join the Enterprise Technology (ET) MENAT Tech team.

DUTIES AND RESPONSIBILITIES:

• Act as the trusted advisor for senior management within MENAT Enterprise Technology on managing operational risk (risk assessments, control environment, issues management).
• Support the delivery of the Enterprise Technology risk & controls agenda through engagement and partnership with stakeholders across all three LODs.
• Promote accountable risk and control decision-making based on quality data and commercial analysis, actively challenging poor, inefficient, or excessive controls, related tasks, and behaviors.
• Advise and design processes and controls in a commercially viable, practical, and effective manner.
• Identify trends to anticipate future developments in the risk and control environment.
• Influence and shape the development and implementation of future fit risk management and regulatory frameworks.
• Provide Senior Management with updates on any relevant changes to policy or projects related to operational risk that impact their area of responsibility.
• Ensure understanding and application of IT FIMs and supporting standards across ET, including oversight on treatment paths and consistent risk assessment for all noncompliance instances.
• Partner with global ET control owners to achieve and maintain an effective control environment, liaise with the wider IT organization on domain issues impacting ET risk & controls and interface with all business lines on control impacts to the documented risk scenarios.
• Collaborate with the Global Head of Technology Controls Enterprise Technology RCO and CCO organizations to ensure ET IT maintains its controls posture and integrates into MENAT DBS CCO governance processes as required.
• Support all lines of Business facing conversations and partnership with the CCO team in discussions with 2LOD to achieve consistent application of framework/controls library for Enterprise IT.
• Work internally across service line RCOs, CCO Tech, all lines of business, and risk stewards to determine risk appetite, operate Group controls, help design federated controls, and validate the effectiveness of internal HSBC governance.
• Oversee and enhance technology control frameworks, ensuring they are effective, adaptable, and compliant with industry regulations and standards.
• Participate in high-level risk assessments to identify and evaluate potential risks, providing insights including regional regulatory risk reduction actions to senior leadership for informed decision-making.
• Collaborate closely with global functions, businesses, and regional management to integrate risk considerations into strategic technology planning and decision-making processes.
• Coordinate complex internal and external technology audits, ensuring efficient communication and resolution of audit findings.
• Stay abreast of emerging technologies, cybersecurity threats, and regulatory changes to anticipate and address potential risks.
• Develop and maintain relationships with key stakeholders to promote a unified approach to technology risk management across the organization.
• Establish and monitor consistent and interconnected risk and control environment reporting and governance e.g. key control indicators (KCIs) to track the effectiveness of risk mitigation efforts and report to management.
• Actively participate in Red and Amber project reviews to identify and raise concerns from a risk perspective.
• Partner with Service Line Leads to ensure the Change Framework is implemented across all projects in MENAT Enterprise Technology.
• Ensure regional issues are raised in Helios and actions tracked to completion.
• Partner with 2LOD for awareness of new and emerging risks and support major incidents leading to Helios issues.
• Support relevant teams with RMM preparation for issue presentation as required and represent MENAT ET CIO in Global and Regional CEMM meetings, responsible for all reporting in these committees.
• Excellent communication (oral and written) are essential and interpersonal skills, including the capacity to articulate the case for risk management in the language of business in a clear and accurate manner.
• Mentor and guide junior technology risk professionals, fostering a culture of excellence, collaboration, and continuous improvement.
• Proven ability to engage with senior stakeholders, including the ability to navigate challenging conversations in a professional manner.
  Requirements