Some careers have more impact than others.
If you’re looking for a career where you can make a real impression, join HSBC and discover how valued you’ll be.
We are currently seeking an experienced professional to join our team in the role of Consultant Specialist.
Business: HASE Technology
Principal responsibilities
- Ensure all IT practices align with local cybersecurity regulations and internal cybersecurity standards for both banking and insurance sectors (e.g., HKMA C-RAF, HK IA GL20, etc.), and maintain proper and timely communication with various stakeholders.
- Streamline the assessment process, monitor outstanding issues, and lead or facilitate remediation efforts.
- Provide expertise, consultancy, and support as the Subject Matter - - - Expert in Cybersecurity to various business units/functions to identify risks and determine the necessary IT security controls.
- Perform thorough security assessments and reviews focused on cloud security, third-party security, and application security, and provide actionable recommendations for security controls to address identified cybersecurity risks.
Support projects involving emerging technologies, including Artificial Intelligence (AI) and Distributed Ledger Technology (DLT), by assessing associated cybersecurity risks and recommending appropriate security controls.
Conduct IT and application risk assessments and provide design consultancy for software delivery.
Monitor security incidents and coordinate incident response activities, including investigation, containment, eradication, and lessons learned.
Stay abreast of the latest cybersecurity threat landscape and evaluate potential impacts on the bank.
Deliver security awareness training to internal staff as well as third parties.
Qualifications - External
- Bachelor’s degree in computer science or a related discipline.
- Proven experience in IT security and risk management; candidates with less experience may be considered for an Associate role.
- Solid experience in cybersecurity controls, and IT risk management frameworks.
- Strong understandings of all IT and cybersecurity domains.
- Strong knowledge of banking and insurance regulations and guidelines related to cybersecurity and technology risk management, including Fintech.
- Strong self-motivation, with good leadership, communication, interpersonal and analytical skills.
- Great sense of ownership and a customer-centric mindset.
- Excellent command of both spoken and written English and Chinese; Cantonese is an advantage.
- Professional qualifications such as CISM, CISA, CISSP and CEH are preferred.
- Experienced in performing security risk assessment and audits based on industry standards.
Familiar with ISO 27001 Information Security Management Systems (ISMS).
You’ll achieve more when you join HSBC.
HSBC is an equal opportunity employer committed to building a culture where all employees are valued, respected and opinions count. We take pride in providing a workplace that fosters continuous professional development, flexible working and, opportunities to grow within an inclusive and diverse environment. We encourage applications from all suitably qualified persons irrespective of, but not limited to, their gender or genetic information, sexual orientation, ethnicity, religion, social status, medical care leave requirements, political affiliation, people with disabilities, color, national origin, veteran status, etc., We consider all applications based on merit and suitability to the role.
Personal data held by the Bank relating to employment applications will be used in accordance with our Privacy Statement, which is available on our website.
***Issued By HSBC Software Development (GuangDong) Limited***