Job Description
Some careers have more impact than others.
If you’re looking for further opportunities to develop your career, take the next step in fulfilling your potential right here at HSBC.
HSBC is one of the largest banking and financial services organizations in the world, with operations in 62 countries and territories. We aim to be where the growth is, enabling businesses to thrive and economies to prosper, and, ultimately, helping people to fulfil their hopes and realize their ambitions.
We are currently seeking an experienced professional to join our team in the role of Global Head of Data Protection.
Location: Pune / Hyderabad
Department Background:
Our Cybersecurity team helps maintain a strong, secure technology and data infrastructure – using industry leading techniques, real-time data analytics and controls to enhance protection against cyber-attacks.
The Opportunity:
- Our Technology teams work closely with HSBC’s Global Businesses to design, build and run digital services that allow millions of our customers around the world to bank quickly, simply and securely. We run and manage our Technology infrastructure, data centers and core banking systems that power the world’s leading international bank, with one of the largest technology estates in the industry.
- We are looking for a Cybersecurity leader to join us to shape our long-term strategy, and turbo-charge delivery, as the accountable owner for Data Protection across the bank. This senior role reports directly into the Global Head of Cyber Technology & Engineering.
What you’ll do:
- Strategy: Define and maintain the capability strategy for Data Protection, supported by engineers, architects and multiple Control Owners, enabling business success, meeting regulatory expectation and best practice, whilst responding to current and likely threat actor evolution. A customer-centric and engineering-led approach includes: the use of machine-learning for data identification, pattern maturity, blended security tooling across assets and channels and related meta-policy and behavioral analytics.
- Delivery: Own the investment roadmap for Data Protection and Data Security and its successful delivery across multiple partners. Ensure the transparent prioritization of a common backlog to drive risk reduction, simplification and wider strategic needs. Ensure risk-risk trade-offs are managed, particularly risk mitigation and operational needs.
- Innovation: Empower HSBC to successfully navigate cyber risk with innovative, responsive and frictionless technologies and services, both those delivered in-house and from external partners. Foster and empower a culture of innovation, experimentation, and continuous improvement.
- Partnership: Form close partnerships with engineering teams: as design partners – for how capabilities will be implemented and operated, at times in novel ways; as customers – understanding their needs as they consume data protection services or implement mandates, and as delivery partners – prioritizing change within respective Cyber Engineering teams, and to drive bank-wide adoption of uplifts. Close and successful partnership with the Data Office and CTO teams is essential to maintaining robust proactive mechanisms. Partner with external technology providers and security specialists to integrate best practice and leverage or build cutting-edge tooling.
- Services: ensure mature, consistent and high-quality centralized data protection consultancy and operations services are delivered in partnership with the service delivery team.
- Oversight: Ensure Data Protection is overseen end-to-end, robustly and throughout the organization: from software development, federated control operation through to secure erasure. Drive a data-centric approach to observability and assessment, wherever possible supported by automation, measures and analytics.
- Accountability: Ensure regulatory and risk management outcomes are being maintained or robustly managed. Ownership of High-Risk Audit, Regulator and self-identified issues. Ownership of the capability budget, balancing run and change investment. As a senior leader, contribute to and champion change across both Cybersecurity and Technology, occasionally outside of your primary remit.
- Talent: Lead, manage, invest in, recruit and inspire a team of highly skilled and performant SMEs across the globe. A culture driven by empowerment, experimentation, learning, partnership and delivery. A place where colleagues thrive, solving meaningful problems that keep the bank and its customers safe.