If you’re looking for a career where you can make a real impression, join global service center (gsc) hsbc and discover how valued you’ll be. Hsbc is one of the largest banking and financial services organisationsin the world, with operations in 64 countries and territories. We aim to be where the growth is, enabling businesses to thrive and economies to prosper, and, ultimately, helping people to fulfil their hopes and realisetheir ambitions.
we are currently seeking an experienced professional to join our team in the role of business information risk officer (biro)
business information risk officers (biro) are responsible for ensuring all staff are aware of the relevant information security risk policies and provide advice and guidance on how to ensure compliance. They perform risk based monitoring of information and cyber security risk controls / policies and standards to validate control effectiveness and monitor timely resolutions of information security issues including the capability to detect, respond and recover from incidents. The role will service dbs across mexico, lam and us.
in addition to these key responsibilities, the biro will be expected to:
·support the business with identification of and management of their information security risks that are specific to their line of business/function.
·provide regular reporting to senior management on risk and project progress, as required.
·engage business/department management as required to ensure ownership and remediation of information security risks to meet internal/external audit and regulatory requirements.
·participate in all relevant conferences and meetings with the regional / global business / function / security risk teams and it security structure
·support the roll-out of cyber security maturity projects and participating in the post-implementation initiatives that uplift the risk controls.
·act as an independent voice on behalf of the business to assess whether projects/initiatives adhere to information and cyber security practices and raise awareness of the need to remediate any identified issues.
·facilitate a community of deputy biros that consists of staff from within line of business/function.
·support the global exception approval request process (for when exceptions to policy are requested).
·provide security and risk advice to stakeholders upon request.
·oversee the response to data leakage protection (dlp) incidents.
·cascade security awareness and best practice information, and support cyber security education & awareness initiatives
·be proactively identify continuous improvement programmes and initiatives to further embed a cyber security practises/culture and simplify the processes for compliance
·undertake activities as defined by global biro, which may form a gb/gf’s annual biro plan
requirements
requirements
•excellent communication and interpersonal skills.
•positive and professional attitude, team player, flexible and adaptable, open to change.
•familiarity with the security risk sections of the global risk policy.
•effective stakeholder management skills in multi-cultural environments.
•working knowledge of applicable security risk concepts and methodologies.
•experience and/or certifications in information security and risk management.
•organised and autonomous.
• english language proficiency
due to the urgent hiring need, candidates with immediate right to work locally and no relocation need will be prioritized.
at hsbc we offer our colleagues a greater number of leave days so that they can fully enjoy their wedding, take care of the new member of the family, or grieve the loss of a family member. Our paid leave package is at the forefront in mexico, now you have one more reason to be hsbc and proudly live a culture of well-being, balance and care.
hsbc is an equal opportunity employer committed to building a culture where all employees are valued, respected and opinions count. We take pride in providing a workplace that fosters continuous professional development, flexible working and, opportunities to grow within an inclusive and diverse environment. We encourage applications from all suitably qualified personsirrespective of, but not limited to, their gender or genetic information, sexual orientation, ethnicity, religion, social status, medical care leave requirements, political affiliation, people with disabilities, color, national origin, veteran status, etc., we consider all applications based on merit and suitability to the role.