Cybersecurity Lead for Core Banking/ Lead Consultant Specialist/ Hyderabad & Pune/ Cybersecurity: 0000KBI6

Some careers shine brighter than others.

If you’re looking for a career that will help you stand out, join HSBC, and fulfil your potential. Whether you want a career that could take you to the top, or simply take you in an exciting new direction, HSBC offers opportunities, support and rewards that will take you further.

HSBC is one of the largest banking and financial services organizations in the world, with operations in 64 countries and territories. We aim to be where the growth is, enabling businesses to thrive and economies to prosper, and, ultimately, helping people to fulfil their hopes and realize their ambitions.

We are currently seeking an experienced professional to join our team in the role of Lead Consultant Specialist

In this role you will:

• The key responsibilities include Governance & Reporting, Information Security Risk Management and Remediation and Regulatory Compliance.

Governance & Reporting: 

• Collate Information Security monitoring and risk reports and translate technical information into consumable reports that can be shared with business and technology stakeholders.
• Represent Cybersecurity in relevant management and governance forums.
• Ensure security requirements from Enterprise Technology are shared with the central Cybersecurity functions, so that there is sufficient coverage and prioritisation within change programmes and initiatives.

Information security Risk Management & Remediation

• Understand the Cybersecurity risk in Enterprise Technology. In particular, understand the critical assets for Core Banking, the threats and vulnerabilities faced, and the security control requirements required.
• Drive and support Cybersecurity risk management and improvement activities. Ensure remediation activities are completed within agreed timelines.
• Ensure adherence to cybersecurity controls and enable access to cybersecurity services to support business projects
• Work with stakeholders in Enterprise Technology and beyond to support the resolution / remediation of all major security incidents. 

Regulatory compliance 

• Provide support to Regional Information Security Officers (RISO) to meet the local cybersecurity requirements to respond to Regulators.
• Collaborate with Cybersecurity central functions to drive the management and reporting of compliance requirements with Industry standards, e.g., PCI-DSS and SWIFT. 
• Provide support to regulatory, audit and external security engagements e.g SOX/ EARS review by external auditors.

Team & stakeholder Management 

• Establish strong stakeholder relationships within Enterprise Technology and Cybersecurity.
• Act as a key point of contact for Cybersecurity monitoring and risk reporting for the respective Global Business/ Global Function.
• The role holder would be responsible for assisting the respective business/ service line with their information security and cybersecurity controls and risk management.
• Timely implementation and closure of internal and external audit points, including issues raised by external regulators.
• Timely management/remediation of security vulnerabilities.
• Maintain a list of high priority Business or IT projects and ensure projects meet security requirements.
• This is a high profile area so risk management is the key underlying objective. 
• The role holder will adhere to and be able to demonstrate adherence to internal controls. Achieved by adherence to all relevant procedures, keeping appropriate records and, where appropriate, by the timely implementation of internal and external audit points, including issues raised by external regulators.
• The role holder will implement the group compliance policy by containing compliance risk in liaison with Global Head of Compliance, Global Compliance Officer, Area Compliance Officer or Local Compliance Officer. The term ‘compliance’ embraces all relevant financial services laws, rules and codes with which the business must comply.
• This will be achieved by adhering to all relevant processes/procedures and by liaising with compliance department about new business initiatives at the earliest opportunity. Also, when applicable, fostering a compliance culture and optimizing relations with regulators.