Resilience Risk (RR) Senior Manager, Australia.
Some career choices have more impact than others.
We’re looking for progressive minds who are driven and forward-thinking, who are open to different ideas and cultures, who can connect with customers and colleagues and who’ll work with courageous integrity every day.
As an HSBC employee in Australia, you’ll have access to tailored professional development opportunities, competitive pay, an embedded flexible working culture and a range of employee benefits. These include market-leading subsidised private health cover, enhanced parental pay and support when returning to work, subsidised banking products and services and wellness programmes including discounted gym memberships.
Global Operational and Resilience Risk (ORR) is a sub-function of Group Risk. It is a second line of defence function. Its purpose is to make sure HSBC understands, and is in control of, its non-financial risk position. In addition, the function provides resilience risk stewardship to global businesses, functions and entities in the locations we operate in.
Resilience Risk (RR) Specialists provide deep technical expertise across the seven sub-risk types within Resilience Risk (RR) to ensure high quality advice, expertise and guidance is available across all of the risk types of Technology (including Cyber) Risk; Data and Information Security Risk; Third Party Risk; Contingency Risk; Physical Security Risk; Building Unavailability Risk; Workplace Safety Risk, and Transaction Processing Risk. This role will be specifically responsible for the Technology (including Cyber), Data and Information Security Risk elements of the overall RR Specialist portfolio. Coverage of the other portfolios may be required on a permanent or temporary basis.
The RR Specialists operate on an entity-wide basis and work closely with their ORR peers, specifically, the ORR Senior Risk Stewards who are Business and / or Functionally aligned, to support them by providing technical advice and guidance for their consumption and use in delivering their respective relationship management remits. The RR specialists also operate within a regional and global community.
Responsibilities of the RR Senior Manager include:
Providing technical advice and support to the Australia ORR Senior Risk Stewards to ensure they understand and are aware of the control environment and assessment of risk within the country commensurate with the scale and nature of operations.
Supporting the ORR Senior Risk Stewards to explain in non-technical terms the impact of issues or events, and top and emerging risks that may require changes (for example, to controls, resources or business operations) to remain within respective Risk Appetites.
Supporting the ORR Senior Risk Stewards to ensure Risk and Control Owners have clear understanding of the effectiveness of the current control environment.
Monitoring the local external environment to get early sight of emerging risks and provide detailed guidance on controls required to mitigate against them. Build and maintain relevant cross-organisation and industry relationships.
Delivering tailored and specific expertise across Australia enabling the first line of defence to successfully deploy and operate mitigating key controls.
Providing technical guidance to support development and completion of Enterprise Risk and Regulatory reporting obligations (e.g. RAS, Top & Emerging Risks, Risk Profile Reporting, RMM, Board reporting where relevant, etc.).
Ensuring root causes of relevant local operational risk issues and events are fully understood and correctly treated.
Ensuring concerns with key controls and material change programmes, relevant to their area of RR specialism, are understood and escalated (i.e. within country, to region and/or global peers) as needed.
Leading Australia regulator and audit engagement pertaining to their RR risk types; ensure regulatory compliance for the specialist area/s and timely completion of Audit actions and findings.
Supporting ORR Senior Risk Stewards in the development and implementation of localised Non-Financial Risk framework activity as required (e.g. Locally Significant Risks) or to meet local regulatory expectations.