Resilience Risk Specialist, Data Privacy and Retention Risk Senior Manager - Global Risk
HSBC Group
Kowloon City, Hong Kong

Job description

Some careers have more impact than others.

If you’re looking for a career where you can make a real impression, join HSBC and discover how valued you’ll be. Whether you want a career that could take you to the top, or simply take you in an exciting new direction, HSBC offers opportunities, support and rewards that will take you further.

Global Risk is a thriving and expert risk management function supporting HSBC globally with all aspects of risk management.

The team actively manages a varied and dynamic range of risk types, including security, fraud, information security, contingency, geopolitical, operational, credit, pension, insurance, market and reputation risks.

All parts of the Global Risk team use their skills, insight and integrity to handle established threats and those they see emerging, acting to protect and enable HSBC to deliver sustainable growth.

We are currently seeking a high calibre professional to join our team as a Resilience Risk Specialist, Data Privacy and Retention Risk Senior Manager.

Principal Responsibilities

Regional Operational and Resilience Risk (ORR) is a sub function of Regional Risk. Its purpose is to make sure HSBC understands, and is in control of its non-financial risk position.

In addition, the function provides resilience risk stewardship to global businesses, functions and entities we operate in

  • Resilience Risk (RR) Specialists provide expert advice covering specific RR risk lens to ensure high quality advice, expertise and guidance is available across all of the risk types of technology (including cyber) risk;
  • data and information security risk.

    The RR Specialists work closely with their RR peers and the ORR Business and Functions they support, by providing RR technical advice and guidance for their consumption and use in delivering their respective relationship management remits

    The Resilience Risk Specialist, Privacy and Retention Risk Senior Manager is responsible for supporting and delivering the following minimum outcomes, within the context of their Region, Business or Function ORR team :

  • Provide technical advice and support globally to ensure stakeholders understand and are aware of the control environment and assessment of privacy and retention risk globally commensurate with the scale and nature of operations
  • Support the ORR Business & Functions team to explain in non-technical terms the impact of issues or events, and top and emerging risks that may require changes (for example, to controls, resources or business operations) to remain within respective risk appetites
  • Support the ORR Business & Functions teams to ensure risk and control owners have clear understanding of the effectiveness of the current control environment
  • Monitor the local external environment to get early sight of emerging data risks and provide detailed guidance on controls required to mitigate against them.
  • Build and maintain relevant cross-organisation and industry relationships

  • Deliver tailored and specific expertise across privacy and retention risk enabling 1LOD to successfully deploy and operate mitigating key controls
  • Provide technical guidance to support development and completion of ORR and regulatory reporting obligations (e.g. RAS, top & emerging risks, risk profile reporting, RMM, Board reporting where relevant, etc.)
  • Ensure the root cause of relevant operational risk issues and events are fully understood and correctly treated
  • Ensure any concerns with key controls and material change programmes, relevant to privacy and retention risk, are understood and escalated as needed
  • Work in conjunction with the ORR Business & Functions teams and 1LOD to escalate any matters when needed
  • Lead regulatory and audit engagement pertaining to privacy and retention risk; ensure regulatory compliance for privacy and retention risk and timely completion of audit actions and findings
  • Support training and capability uplift for the ORR Business & Functions teams to ensure robust understanding of privacy and retention risks
  • Requirements

  • Knowledge & Experience / Qualifications (For the role not the role holder. Minimum requirements of the role.)
  • Strong level of business knowledge and data risk expertise
  • Strong level of risk management knowledge and relevant experience
  • Comprehensive knowledge of the internal control environment
  • A BA or BS University Degree, professional certificate in one or more specialist disciplines
  • Key Capabilities

  • Providing Expert Advice and Robust Challenge
  • Delivering Risk Steward Policies
  • Oversee, Review, and Challenge Risks and Controls
  • Understanding and Applying Risk Management in Context
  • You’ll achieve more when you join HSBC.

    HSBC is committed to building a culture where all employees are valued, respected and opinions count. We take pride in providing a workplace that fosters continuous professional development, flexible working and opportunities to grow within an inclusive and diverse environment.

    Personal data held by the Bank relating to employment applications will be used in accordance with our Privacy Statement, which is available on our website.

    Issued by The Hongkong and Shanghai Banking Corporation Limited.


    Thank you for reporting this job!

    Your feedback will help us improve the quality of our services.

    通過點擊“繼續”,我允許neuvoo同意處理我的數據並向我發送電子郵件提醒,詳見neuvoo的 隱私政策 。我可以隨時撤回我的同意或退訂。