HSBC Service Delivery (Polska) Sp. z o.o. is a part of HSBC Holdings plc, the parent company of the HSBC Group, headquartered in London. The Group serves customers worldwide from over 6,300 offices in over 75 countries and territories in Europe, Asia, North and Latin America, and the Middle East and North Africa. HSBC is one of the world’s largest banking and financial services organisations. Currently, we are looking for a candidate for the position of:
(Cybersecurity)
Cyber Business Enablement Delivery Support Manager Location: Kraków
Ref No: Ref. No.: HTP/CS/DST/11/2020
The Cybersecurity function is responsible for enabling businesses and functions to manage their Information and Cybersecurity risks as well as ensuring risk and controls are assessed and implemented appropriately, objectively and independently through professional and specialized subject matter experts.
The Cybersecurity Business Enablement function enables the delivery of streamlined and consistent cybersecurity services to business and technology teams within Global Businesses/ Global Functions/ Regions through effective business engagement. The function comprises of the Regional Information Security Officer (RISO) and the Business Information Security Officer (BISO), who lead and represent the Cybersecurity team within the regions and businesses respectively, and their local teams.
The Delivery Support is an internal-facing role within the Cybersecurity Business Enablement (CBE) function with specific responsibility for supporting the delivery of a range of critical support services to ensure the effective and efficient running of the function including, responding to external demand as appropriate and driving strategy execution for the function.
The role holder will require to be flexible and able to perform varying duties depending on the shifting needs of the CBE function.
The role holder will work closely with the Delivery Support Lead and Head of CBE to support the delivery of the function’s goals and commitments.
Primary Responsibilities
- Work with the Delivery Support Lead to run and perform the function specific team management activities including resource planning and management, process and procedure management, budget/ finance management, departmental communication and vendor/ supplier management (performance management and contract management, working in collaboration with the Procurement function).
- Work with Delivery Support Lead to support function specific delivery support activities across the four key responsibility areas defined for the CBE function:
- Governance & Reporting
- Support the Head of CBE in defining and implementing necessary governance structure within the team.
- Develop and maintain team specific processes and procedures for delivering the goals and commitments of the team.
- Collate cybersecurity submissions to governance meetings across GB/ GF/ Regions.
- Own and be responsible for specific function reporting and work together with the Cybersecurity Sciences & Analytics (CSA) function to gather reporting requirements and informing the development of specific reports/ dashboards as needed.
- Promote adherence to project/ programme governance model and use defined standards and tools for processes such as risk logs, change control and resource requests.
- Provide inputs to senior management to allow portfolio risks and issues to be addressed.
- Contribute and publish function - roles, positions, responsibilities, process, activities and output.
- Provide support to head of function to track team goals and ensure proper accountability and resources are in place to meet goals and commitments.
- Risk Management & Remediation
- Maintain a consolidated view of information and cybersecurity risks and controls across all Global Business, Global Function and Regions. Work with CSA team to extract trends, comparative views and rolled up analysis for reporting to Group CISO and other senior management.
- Support the maintenance of a consolidated remediation tracker and extract relevant MI for tracking remediation work across GB/ GF/ Regions.
- Secure business transformation
- Maintain a consolidated view of Cybersecurity led or business led change programmes and initiatives, across the Global Business, Global Function and Regions, that captures a snapshot of progress, cybersecurity support needs/fulfilment and key risks and issues.
- Engage with RISOs/ BISOs and their teams to develop a consolidated view of business requirements. Coordinate with central Cybersecurity function for change programme and investment planning.
- Provide audit support where applicable, work with Cybersecurity Risk and Controls Strategy function to drive controls assessment, risk and compliance reporting and provide internal controls assurance.
Mentoring / Coaching / Guidance for other team members.
Local Job Requirements
- Strategic input - Providing influence and input to ensure alignment between Cybersecurity, function and, regional (if applicable), strategic outcomes and business goals. Uses extensive technical knowledge and experience to solve complex problems and propose implementable solutions, to deliver ongoing improvements in line with business strategy.
- Relationships - Key relationships include other Cybersecurity Service Lines, ITID and HOST and extends to peers across regions, other GB/GF and Cybersecurity Function heads. Will also include external relationships with vendors, focusing on vendor management and acting as a key engagement partner.
- Vendor/Supplier Management – Liaison with Cybersecurity vendors, consultants or suppliers.
- Budget & people - The role in many cases will a direct headcount to ensure smooth operation of the Delivery Support sub-function and the respective Cybersecurity function. The role will not own the budgets, but will be accountable for management of the Cybersecurity function budget.
- Regulatory & Risk Management - Working closely with peers in the Cybersecurity functions to deliver sustainable results, build strong relationships with internal and external stakeholders to understand the IT/ Information Security risk profile, monitor compliance with policies and standards and identify and address any regional or country specific requirements.
Technology - The role holder will have excellent knowledge of their technical environment and will have significant responsibility in setting the way forward in the types of technology their team utilises. Forward thinking, making the right decisions based on strategy.
Management of Risk
This is a high profile area so risk management is the key underlying objective. This will be achieved by:
- Ensure the fair treatment (service excellence) of our customers is at the heart of everything we do, both personally and as an organisation.
- Consistently displaying the behaviours that form part of the HSBC values and culture and adhering to HSBC risk policies and procedures, including notification and escalation of any concerns and taking required action in relation to points raised by regulators and/ or third parties.
- Continually reassess the operational risks associated with the role and inherent in the business, taking account of changing economic or market conditions, legal and regulatory requirements, operating procedures and practices, management restructurings, and the impact of new technology.
Ensuring all actions take account of the likelihood of operational risk occurring. Also by addressing any areas of concern in conjunction with Head of the function and other service line leads as appropriate.
Observation of Internal Controls