Gps Risk And Control Lead

Join a digital first bank that’s powered by people.

Our technology team builds innovative digital solutions rapidly and at scale to deliver the next generation of banking services for our customers around the world.

We have an entrepreneurial mindset. Our people work together, creating an agile, collaborative, and innovative culture. You’ll learn and expand your skills, plus we will support you every step of the way as you grow your career.

This role reports to the head of Payments IT and will be responsible for maintaining oversight of the entire GPS Tech Risk and Control environment. You will be providing expertise, advice and challenge to IT Control Owners and Application Owners in support of their activities.

Risk Management and Oversight

• Work with IT Control Owners and Application Owners to understand the scope, state of control effectiveness and drive proactive activities for ongoing control compliance.
• Liaise with key Technology stakeholders, partners and vendors on topics impacting GPS Risk and control profile.
• Lead on control compliance remediation and incident read across activities including development and implementation of remediation plans. Report on compliance levels and manage follow up actions.

Regulatory

• Lead on the assessment of risks and Controls associated with GPS Technology, taking account of changing economic or market conditions, legal and regulatory requirements, operating procedures and practices, management restructurings, and the impact of new technology and responding quickly and effectively to remediate.
• Lead and embed regulatory/schemes agenda within GPS Technology (i.e. Swift Attestation, T2).
• Develop and deploy checks and Controls to meet Regulatory/Schemes control mandates.

Risk & Tech Governance

• Be key point of contact for 2LOD and Business CCO in determining and assisting with GPS Business on control impacts stemming from technology risks, issues, and Control deficiencies.
• Perform periodic control assurance activities across a range of controls.
• Manage the Risk & Control metrics input to the GPS Technology Leadership scorecard and provide input on a monthly basis.
• Run GPS forums and group risk reporting tools providing summary of position and closing out remediating actions.

De-risking

• Focus on control automation uplift in partnership with CCO and Service Line partners for ongoing improvement of control operation.
• Assist business with periodic scenario analysis, various Risk and Control reviews (Cyber tests, Brute force attacks etc.).
• Partner with Engineering leadership to lead the adoption of automation that improves our adherence to technology controls.
• Stay vigilant to top and emerging risks including management and oversight of any potential risks / impact to GPS Tech/Business as we continue to scale adoption of AI / Gen AI.
• Lead on driving periodic Risk and Control educational sessions across GPS and business. 

Qualification and Skills:

• Very strong knowledge on HSBC Non-Financial Risk Management Framework, control environment including linkage to Business Risk Control Assessment as well as associated policies and Functional Instruction Manuals (FIM).
• Good understanding on Technology, Cyber and Data controls both from a design and operational perspective.

• Good understanding of evolving Technology evolving risk and control landscape including top and emerging risks.

• Strong interpersonal skills – ability to influence, lead and drive teams to deliver.

• Demonstrate good judgement and a high level of communication skills to achieve effective stakeholder management.

• Very strong knowledge of the external environment – regulatory, political, competitors, innovation etc.

• Proven ability to articulate complex issues concisely, suitable for all levels across the HSBC group.

• Outstanding relationship management and influencing skills.

• Exposure to 1st and 2nd Lines of Defence processes

• Be a good team player and lead by example.

• Ability to review problems / issues at Value Stream level and lead on the execution of remediation activities across GPS Technology with clear narrative.

• Ability to work in an agile and constantly evolving and challenging environment dealing with multiple conflicting priorities.

Being open to different points of view is important for our business and the communities we serve. At HSBC, we’re dedicated to creating diverse and inclusive workplaces. Our recruitment processes are accessible to everyone - no matter their gender, ethnicity, disability, religion, sexual orientation, or age.

We take pride in being part of the Disability Confident Scheme. This helps make sure you can be interviewed fairly if you have a disability, long term health condition, or are neurodiverse.

If you’d like to apply for one of our roles and need adjustments made, please get in touch with our Recruitment Helpdesk:

Email: hsbc.recruitment@hsbc.com
Telephone: +44 207 832 8500