Some careers have more impact than others.

If you’re looking for a career where you can make a real impression, join HSBC and discover how valued you’ll be.

HSBC is one of the largest banking and financial services organisations in the world, with operations in 62 countries and territories. We aim to be where the growth is, enabling businesses to thrive and economies to prosper, and, ultimately, helping people to fulfil their hopes and realise their ambitions.

We are currently seeking an experienced professional to join our team in the role of Lead Business Risk Control Manager - Legal

Principal responsibilities

Supporting the execution of Cyber security reviews of Law firms/Vendors engaged by Group Legal (coordinate between Legal teams, Suppliers, and Cyber teams globally to complete Third Party Security Assessments and Reviews as well as providing guidance on risk remediation and treatment, monitoring findings and remediation plans and updating systems of record)Providing support, guidance, communications, and training to the function on the risk management framework from the 1st line of defense perspectiveEnsure the appropriate implementation and management of the Non-Financial Risk Framework (and Risk Framework in general) through the First Line of Defense (FLOD) responsibilities; this includes risk and control assessments and the management of issues owned by Legal.Operating theBusiness Information Risk Officer program and integration of the Resilience Risk framework for Information, Technology and Cyber Security Data Risk and/or control management and driving the embedding of the Resilience Risk framework activities within the FunctionSupport with the implementation of global initiatives related to Non Financial Risk and the Risk Framework in general cascaded from the global Legal teamsMinimize the scope for material operational breakdowns, losses and reputational damage via maintaining evolving an effective robust operational risk framework ensuring all key operational business risks are identified assessed then remediated addressed as required.Ensure Business Information Risk Officer disciplines are maintained and evolved over time such that they remain current effective in controlling the related information security risks, with all staff subject to routine periodic awareness training / involvement, working in close conjunction with Global Business Market.Support the key risk committees [Risk and Control Committees (RCCs)], GBM ORICs- Operational Risk Insurance Consortium and especially COE-(Center of Excellence) related within the service centers, and their linkage to relevant Global Banking.Maintain the accuracy and completeness of relevantBusiness Risk Control Manager related databases (principally Helios and any other Tools), notably the capture of risk and control assessments, CMA- (Credit Monitoring Arrangements) results and issues and actions relating to controls requiring improvement.

Some careers have more impact than others.

If you’re looking for a career where you can make a real impression, join HSBC and discover how valued you’ll be.

HSBC is one of the largest banking and financial services organisations in the world, with operations in 62 countries and territories. We aim to be where the growth is, enabling businesses to thrive and economies to prosper, and, ultimately, helping people to fulfil their hopes and realise their ambitions.

We are currently seeking an experienced professional to join our team in the role of Lead Business Risk Control Manager - Legal

Principal responsibilities

Supporting the execution of Cyber security reviews of Law firms/Vendors engaged by Group Legal (coordinate between Legal teams, Suppliers, and Cyber teams globally to complete Third Party Security Assessments and Reviews as well as providing guidance on risk remediation and treatment, monitoring findings and remediation plans and updating systems of record)Providing support, guidance, communications, and training to the function on the risk management framework from the 1st line of defense perspectiveEnsure the appropriate implementation and management of the Non-Financial Risk Framework (and Risk Framework in general) through the First Line of Defense (FLOD) responsibilities; this includes risk and control assessments and the management of issues owned by Legal.Operating theBusiness Information Risk Officer program and integration of the Resilience Risk framework for Information, Technology and Cyber Security Data Risk and/or control management and driving the embedding of the Resilience Risk framework activities within the FunctionSupport with the implementation of global initiatives related to Non Financial Risk and the Risk Framework in general cascaded from the global Legal teamsMinimize the scope for material operational breakdowns, losses and reputational damage via maintaining evolving an effective robust operational risk framework ensuring all key operational business risks are identified assessed then remediated addressed as required.Ensure Business Information Risk Officer disciplines are maintained and evolved over time such that they remain current effective in controlling the related information security risks, with all staff subject to routine periodic awareness training / involvement, working in close conjunction with Global Business Market.Support the key risk committees [Risk and Control Committees (RCCs)], GBM ORICs- Operational Risk Insurance Consortium and especially COE-(Center of Excellence) related within the service centers, and their linkage to relevant Global Banking.Maintain the accuracy and completeness of relevantBusiness Risk Control Manager related databases (principally Helios and any other Tools), notably the capture of risk and control assessments, CMA- (Credit Monitoring Arrangements) results and issues and actions relating to controls requiring improvement.5 years of experience in Risk / ComplianceA good background in risk management and / or internal audit; Audit, Risk or Compliance professional designation preferredStrong Helios skills/experience with a good understanding of the Non-Financial Risk frameworkGood understanding of Business Risk and controls, financial risk, cybersecurity riskKnowledge of information security trends and best practice (e.g. GASSP-(Generally Accepted System Security Principles) ISO27001, etc)Previous experience in developing and implementing information security strategies and projectsAbility to influence Senior Leaders Experience of implementing global control frameworks within complex environments

You’ll achieve more when you join HSBC.

HSBC is committed to building a culture where all employees are valued, respected and opinions count. We take pride in providing a workplace that fosters continuous professional development, flexible working and opportunities to grow within an inclusive and diverse environment. Personal data held by the Bank relating to employment applications will be used in accordance with our Privacy Statement, which is available on our website.

Issued by HSBC Electronic Data Processing (India) Private LTD

5 years of experience in Risk / ComplianceA good background in risk management and / or internal audit; Audit, Risk or Compliance professional designation preferredStrong Helios skills/experience with a good understanding of the Non-Financial Risk frameworkGood understanding of Business Risk and controls, financial risk, cybersecurity riskKnowledge of information security trends and best practice (e.g. GASSP-(Generally Accepted System Security Principles) ISO27001, etc)Previous experience in developing and implementing information security strategies and projectsAbility to influence Senior Leaders Experience of implementing global control frameworks within complex environments

You’ll achieve more when you join HSBC.

HSBC is committed to building a culture where all employees are valued, respected and opinions count. We take pride in providing a workplace that fosters continuous professional development, flexible working and opportunities to grow within an inclusive and diverse environment. Personal data held by the Bank relating to employment applications will be used in accordance with our Privacy Statement, which is available on our website.

Issued by HSBC Electronic Data Processing (India) Private LTD