Opis oferty:

Your career opportunity Cybersecurity Controls Design Manager will play a key role in the design and maintenance of the Cybersecurity control environment. The role holder will be tasked with defining and maintaining operational controls instances, their measurements as well as Policies, Procedures and Standards for Group Cybersecurity. The role will also help Control Owners to provide timely and accurate internal & external reporting, keep on top of day to day operations for our controls and continuously assess and improve operational processes to enhance the effectiveness of our controls.

What you’ll do:

• Work with the Control Owners, 2LoD and CCO Technology to ensure that the Cybersecurity owned controls in the Risk and Controls Library are designed according to the Bank’s requirements and industry standards and best practices (e.g. NIST 800-53);
• Work with the Control Owners and other stakeholders to ensure that Cybersecurity control measurements are defined in accordance with HSBC’s KCI Design Framework and industry best practices (CIS);
• Work with Control Owner teams and CCO to ensure that the defined controls are compliant with Legal/Regulatory/Mandatory requirements and that measurements provide sufficient data for stakeholder reports;
• Design, manage and maintain Policies, Procedures and Standards for Cybersecurity controls, covering all areas across Engineering, Operations and Security Assessment and Testing;
• Provide key representation for and source of expertise on all (Helios) issues and actions;
• Be responsible for proactively managing the issues & actions due date, including senior stakeholder engagement;
• Prepare and present control governance related reports that feed into the Cyber and Tech RCMM.

Wymagania:

• Strong Risk and Controls Background;
• Subject matter expertise in Control Management. This includes but is not limited to controls design and implementation and control assessment;
• Ability to translate difficult IT concepts into business-friendly language;
• Familiarity with Helios is a plus;
• Knowledge of Cybersecurity - at least a generalist with specialist area expertise welcome;
• Understanding of metrics and measures in managing risks and controls (KCIs, KRIs, KPIs) is a must;
• Strong stakeholder management and communications skills;
• Team-oriented mentality combined with ability to complete tasks independently to a high quality standard.

Dodatki i korzyści:

• Competitive salary;
• Annual performance-based bonus;
• Additional bonuses for recognition awards;
• Multisport card;
• Private medical care;
• Life insurance;
• One-time reimbursement of home office set-up (up to 800 PLN);
• Corporate parties & events;
• CSR initiatives;
• Nursery discounts;
• Financial support with trainings and education;
• Social fund;
• Flexible working hours;
• Free parking.