Associate Director, Service Management

HSBC


Job Location:

Guangzhou - China

Monthly Salary: Not Disclosed
Posted on: 30+ days ago
Vacancies: 1 Vacancy

Job Summary

Some careers have more impact than others.

If youre looking for a career where you can make a real impression join HSBC and discover how valued youll be.

We are currently seeking an experienced professional to join our team in the role ofAssociate Director Service Management.

Business: MSS Operations Technology

Job ID: 48253

Principal responsibilities:

1) Regional risk & control leadership

Define and execute the regional Risk & Control strategy for MSS Operations Technology aligned to TRCB priorities and HSBC risk appetite.

Establish consistent control execution across applications and teams ensuring secure-by-design is embedded in delivery ways of working.

Provide oversight of key technology and cyber risks ensuring appropriate governance and escalation where required.

2) Control assessment monitoring and remediation

Partner with Asset Class RCOs service owners and relevant Risk Functions to assess control design and operating effectiveness.

Identify control gaps and drive remediation plans with clear ownership milestones and measurable outcomes.

Challenge and support teams to ensure remediation is proportionate sustainable and reduces residual risk.

3) Issue and action plan lifecycle ownership

Own the regional issue/action plan lifecycle: raise categorise prioritise track challenge and close.

Ensure issues are accurately articulated (root cause impact risk statement) and supported by robust evidence for closure.

Maintain a clear view of thematic issues and systemic control weaknesses; drive cross-team fixes where needed.

4) Audit and regulatory readiness (including ICMP)

Act as the regional SME for technology controls and cybersecurity topics during audits and regulatory examinations.

Coordinate audit/regulatory evidence collection ensuring completeness quality and timeliness.

Lead and coordinate ICMP responses and follow-ups ensuring actions are owned tracked and delivered to commitment.

5) Governance MI and residual risk reporting

Produce and present regional governance packs including KRIs/KPIs control health issue status and residual risk views.

Provide forward-looking insights (emerging risks hotspots delivery impacts) to support decision-making.

Ensure reporting is consistent accurate and aligned to stakeholder expectations across Technology and Risk.

6) Secure delivery enablement (Agile/DevOps engagement)

Work directly with Agile/DevOps teams to embed security and control requirements into delivery artefacts (e.g. security stories/use cases acceptance criteria).

Support adoption of security tooling and interpret outputs from testing/scanning (e.g. vulnerability results code quality/security findings) to drive remediation.

Promote pragmatic automation-friendly controls that improve speed and safety.

7) Capability building and culture

Build regional capability through training playbooks best-practice sharing and coaching.

Foster a strong risk culture where teams understand why controls matter and how to implement them efficiently.

Create communities of practice across MSS Ops Tech to scale consistent control execution.

Knowledge & Experience/Qualifications:

1) Strong experience in technology risk and controls cybersecurity risk or technology assurance within a large financial services environment.

2) Proven track record managing issues/action plans end-to-end including evidence-based closure and effective challenge.

3) Experience supporting audits and/or regulatory exams including evidence coordination and response management.

4) Working knowledge of secure SDLC and Agile/DevOps delivery practices with the ability to translate control requirements into delivery actions.

5) Strong stakeholder management skillsable to influence across engineering operations and risk functions.

6) Excellent written and verbal communication including governance reporting and senior-level presentations.

What additional skills will be good to have

1) Familiarity with common control and security frameworks (e.g. NIST ISO 27001 COBIT) and technology control domains (access change vulnerability resilience third-party logging/monitoring).

2) Experience with security/testing tooling outputs (e.g. SAST/DAST vulnerability scanning dependency scanning) and interpreting results for remediation prioritisation.

3) Experience operating in a regional/global matrix organisation with multiple application portfolios.

Job Board Tags:

/WX

/51

/LP

Youll achieve more when you join HSBC.

HSBC is an equal opportunity employer committed to building a culture where all employees are valued respected and opinions count. We take pride in providing a workplace that fosters continuous professional development flexible working and opportunities to grow within an inclusive and diverse environment. We encourage applications from all suitably qualified persons irrespective of but not limited to their gender or genetic information sexual orientation ethnicity religion social status medical care leave requirements political affiliation people with disabilities color national origin veteran status etc. We consider all applications based on merit and suitability to the role.

Personal data held by the Bank relating to employment applications will be used in accordance with our Privacy Statement which is available on our website.

***Issued By HSBC Software Development (GuangDong) Limited***


Required Experience:

Director

Some careers have more impact than others.If youre looking for a career where you can make a real impression join HSBC and discover how valued youll be.We are currently seeking an experienced professional to join our team in the role ofAssociate Director Service Management.Business: MSS Operations T...

About Company

Company Logo

HSBC Holdings plc is a British multinational investment bank and financial services holding company. It was the 7th largest bank in the world by 2018, and the largest in Europe, with total assets of US$2.558 trillion.

View Profile View Profile