GSC: Control Manager (Cyber)

Some careers shine brighter than others.

If you’re looking for a career that will help you stand out, join HSBC, and fulfil your potential. Whether you want a career that could take you to the top, or simply take you in an exciting new direction, HSBC offers opportunities, support and rewards that will take you further.

The GCIO Chief Control Office (CCO) team plays an important role in enabling the bank to operate within its risk appetite by ensuring efficient and effective risk and control management. We do this by providing operational risk and control expertise, specialist technical knowledge and a deep understanding of the businesses and functions we serve.

Key activities include implementation and oversight of the Group’s Risk Management Framework, ongoing and targeted controls assessments, implementing and maintaining robust risk governance, and championing a proactive risk culture. GCIO CCO works closely with partners across all lines of defence and is responsible for maintaining positive relationships with our regulators and external partners.

• Partner with the CISO CCO to oversee the risk and control portfolio related to the services Cyber Identity and Access management (IDAM) provides to the Group. IDAM controls include Joiners, Movers, Leavers Management; Access Recertification; Segregation of Duties; Multi-factor Authentication and Privilege Access Management.
• You will be a leader within the GCIO Chief Control Office (GCIO CCO) Function that directly supports the Group CISO within HSBC.
• Act as trusted advisor for senior management by partnering to manage their operational risk i.e., risk assessments, control environment, issues management.
• Promote accountable risk and control decision-making based on quality data and analysis, actively challenging poor, inefficient or excessive controls, related tasks and behaviours.
• Provide specialist risk and control knowledge and insights, leading efforts to continuously improve the control environment and monitoring of risk, including behaviours
• Advise and design process and controls in a commercially viable, practical and effective manner.
• Identify trends to anticipate future developments in the risk and control environment.
• Influence and shape the development and implementation of future‑fit risk management and regulatory frameworks.

• At least 3 years of hands‑on experience with one or more of the control capabilities in the domain (Joiners, Movers, Leavers Management; Access Recertification; Segregation of Duties; Multi‑factor Authentication and Privilege Access Management) either directly or as a 1/2/3LOD control management function.
• At least 3 years of hands‑on experience and subject matter expertise in management of operational risk, non‑financial risk and/or technology and information security risk.
• Experience across IT, Operations, Risk Management, and / or Audit roles requiring management of diverse risk types is desirable.
• Financial Services or other highly regulated industry experience/exposure is preferred.
• Strong communication skills to influence and challenge stakeholders.
• Ability to work independently with limited supervision.
• Flexible and adaptable, able to handle and prioritize competing demands in a fast‑paced environment.
• Active industry recognised certificates will be an asset, e.g. CISA, CISSP, CRISC, CCSP etc.

The pay range for this role is 15025 PLN - 23000 PLN (monthly, gross).

Variable pay is discretionary, but influenced by Group performance, business/function performance and individual performance.

We offer a comprehensive and competitive package of benefits covering healthcare, family friendly leaves, pension and life assurance, as well as many other benefits to support your wellbeing.

• Annual performance‑based bonus
• Additional bonuses for recognition awards
• Multisport card
• Private medical care
• Life insurance
• One‑time reimbursement of home office set‑up (up to 800 PLN).
• Corporate parties & events
• CSR initiatives
• Nursery discounts
• Financial support with trainings and education
• Social fund
• Free parking

If your CV meets our criteria, you should expect the following steps in the recruitment process:

• Online behavioural test (for external candidates only)
• Telephone screen (for external candidates only)
• Job interview with the hiring manager

You’ll achieve more when you join HSBC.

We thank all interested candidates for their applications. We reserve the right to contact only selected candidates.

In case you would like to resign from participation in recruitment process or withdraw previously sent to us application, please email us at: krakow.recruitment@hsbc.com

Join our Talent Community so that we can keep you updated and informed of the latest happenings at HSBC.