Senior Resilience Risk Manager
Some careers open more doors than others.
If you're looking for a career that will unlock new opportunities, join HSBC and experience the possibilities. Whether you want a career that could take you to the top, or simply take you in an exciting new direction, HSBC offers opportunities, support and rewards that will take you further. Global Risk
Global Risk is a thriving and expert risk management function supporting HSBC globally with all aspects of risk management and Global Operational and Resilience Risk (ORR) is a sub function of Group Risk. Its purpose is to make sure HSBC understands, and is in control of its non-financial risk position. In addition, the function provides resilience risk stewardship to global businesses, functions and entities we operate in.
We are now inviting qualified individuals to join this team in the role of Senior Resilience Risk Manager
Resilience Risk (RR) Specialists provide expert advice covering specific RR risk lens to ensure high quality advice, expertise and guidance is available across all of the risk types of Technology (including Cyber) Risk; Data and Information Security Risk; Third Party Risk; Contingency Risk; Physical Security Risk; Building Unavailability Risk; Workplace Safety Risk; Payments and Transaction Processing Risk
The Senior Resilience Risk Manager is responsible for supporting and delivering the following minimum outcomes:
- Provide technical advice and support to Malaysia the ORR Business and Functions team ensure they understand and are aware of the control environment and assessment of risk within the country commensurate with the scale and nature of operations.
- Support the ORR Business & Functions team to explain in non-technical terms the impact of issues or events, and top and emerging risks that may require changes (for example, to controls, resources or business operations) to remain within respective Risk Appetites. Support the ORR Business & Functions teams to ensure Risk and Control Owners have clear understanding of the effectiveness of the current control environment.
- Monitor the local external environment to get early sight of emerging risks and provide detailed guidance on controls required to mitigate against them. Build and maintain relevant cross-organisation and industry relationships.
- Deliver tailored and specific expertise across Malaysia enabling 1LOD to successfully deploy and operate mitigating key controls.
- Provide technical guidance to support development and completion of Enterprise Risk and Regulatory reporting obligations (e.g. RAS, Top & Emerging Risks, Risk Profile Reporting, RMM, Board reporting where relevant, etc)
- Ensure the root cause of relevant local operational risk issues and events are fully understood and correctly treated.
- Ensure any concerns with key controls and material change programmes, relevant to their area of RR specialism, are understood and escalated (i.e. within country, to region and/or global peers) as needed.
- Work in conjunction with the ORR Business & Functions team and 1LOD to escalate any matters within the RR classes when needed.
- Lead Malaysia regulator and audit engagement pertaining to RR risk types; ensure regulatory compliance for the specialist area/s and timely completion of Audit actions and findings.
- Support ORR Business & Functions team in the development and implementation of localised Non-Financial Risk framework activity as required (e.g. Locally Significant Risks) or to meet local regulatory expectations.
- Support training and capability uplift for the ORR Business & Functions team and to the wider HSBC community to ensure robust understanding of all RR risk areas
- Support the region/ global RR Specialist teams to leverage niche expertise and knowledge as required
- Additional specific Country responsibilities may be added to this role profile at the direction of the CRO and the country reporting line.
- Strong level of business knowledge and experience of working in one or more resilience risk specialist areas
- Strong level of risk management knowledge and relevant experience
- Comprehensive knowledge of the internal control environment
- A BA or BS University Degree, professional certificate in one or more Resilience Risk specialist disciplines
- Professional qualifications (e.g. HKMA Enhanced Competency Framework on Cybersecurity, Information Systems Audit and Control Association certification or equivalent qualification from a recognised professional body) may be advantageous.