Head of Vulnerability and Resilience Management - Digital Business Services

Job description

Some careers have more impact than others.

If you’re looking for a career where you can make a real impression, join HSBC and discover how valued you’ll be. Whether you want a career that could take you to the top, or simply take you in an exciting new direction, HSBC offers opportunities, support and rewards that will take you further.

HSBC Digital Business Services is a pivotal part of the Group, providing essential operational and technical support to our global businesses and helping improve customer service and efficiency. Digital Business Services combines global expertise and technology to help keep us ahead of the competition. 

We are currently seeking a high calibre professional to join our team as a Head of Vulnerability and Resilience Management. 

Principal Responsibilities

• Responsible for the operational management of the function / discipline with a regional remit
• Manage and oversee the development / implementation of policies, standard operating procedures and strategy
• Collaborate within / across GB/GFs and regions to deliver collective goals in line with the IT Resilience and Vulnerability Management strategies and priorities
• Drive the maturity, implementation and adoption of IT Resilience and Vulnerability Management discipline best practice
• For Vulnerability Management (list non exhaustive):
  • Introduce and enforce the best practice to ensure the appropriate policies, control standards and procedures in place
  • Manage and drive the remediation activities for the vulnerability findings in ASP
  • Support the technology team in the Asia-Pacific markets on managing technology risk and vulnerability, designing and oversight of risk mitigation activities
  • Manage and oversee the Cyber risk in ASP, and coordinate the MSII to reflect the risk to the Senior management.
• For Tech Resilience Management (list non exhaustive):
  • Ensure governance is maintained, as per the stakeholders requirements, to cover the Tech Resilience topics on a regular basis
  • Prepare the supporting documents, and facilitate, where needed, the presentation of Changes, Incidents, Spotlights in the Resilience Forums
  • Drive the resolution of the actions and follow-ups emerging from the forums
  • Ensure controls are monitored, met, matured and are fit for purpose
  • Identify, plan, execute and measure process interventions, improvement actions, etc
• Interface with CCO, ORR and internal auditors
• Support peers across Tech Resilience and Vulnerability Management to deliver functional goals in line with Technology strategy and priorities
• Lead and develop resources and functional team/s, ensuring the resources have the appropriate capabilities, skills and knowledge via training and other materials to deliver goals and objectives
• Drive improvement of people, process, tooling

Requirements

• Strong knowledge and understanding of Technology Resilience and Vulnerability management domains with at least 10 years of relevant working experience
• Strong leadership and management ability within a complex matrix environment
• Strong sense of risk management with solution to mitigate operational risks
• Strong stakeholders management experience to interact with various level of seniority and departments
• Strong understanding of security control implementations and their ability to meet control objective
• Strong learning agility and adaptability to new environment and new requirements