Risk & Control Officer/ Lead Consultant Specialist

Some careers shine brighter than others.

If you’re looking for a career that will help you stand out, join HSBC and fulfil your potential. Whether you want a career that could take you to the top, or simply take you in an exciting new direction, HSBC offers opportunities, support and rewards that will take you further.

HSBC is one of the largest banking and financial services organisations in the world, with operations in 64 countries and territories. We aim to be where the growth is, enabling businesses to thrive and economies to prosper, and, ultimately, helping people to fulfil their hopes and realise their ambitions.

We are currently seeking an experienced professional to join our team in the role of  Lead Consultant Specialist

In this role, you will:

• Create forward looking view of what the strategy should be with regards to Risk & Control. Consult on technology projects and provide risk and control subject matter expertise during IT audits and managing sustainable control compliance posture. 
• Partner with the Business service owners, Business Risk and Chief Control Office Technology functions to promote and provide guidance to relevant policies, standards and governance within the department.
• Provide updates with respect to global IT Control uplift programs to stakeholders. Lead IT engagement with internal / external / client audit and Regulatory Exams, including oversight of field work, collation of artefacts and partnership with CCO tech to remediate issues.
• Communicate residual risk through reporting, business governance processes and forums. Provide visibility of status of action plans and external/internal audit issues through different MIs/Dashboards
• Partner with IT Service Owners and Service line head to identify and assess controls, determine mitigating actions and remediation activities, and understand the overall risk profile. Attend relevant governance forums to represent service line risk position and remediation plan through different MIs.
• Act as a gatekeeper in collection of artefacts and / or evidence for internal/external audits and assessments, and act as POC for auditors and reviewers. Manage the Risk Acceptance and Exception process through group standard process.
• Lead the delivery of risk & control projects and programmes for the Digital IT. Assist IT Service Owners in responding appropriately and effectively to firm-wide risk, Cybersecurity and corporate control initiative.
• Drive ownership and accountability for Risk/Issue and Action Plan Ownership within Service line. Ability to converse with technical teams and assess their solutions for gaps and issues as well as propose mitigating or compensating controls.