Senior Control Manager (HCIB Technology)

The GCIO Chief Control Office (CCO) team at HSBC Technology Poland enables the bank to operate within its risk appetite by ensuring efficient and effective risk and control management. The team provides operational risk and control expertise, specialist technical knowledge, and a deep understanding of the businesses and functions served. Key activities include implementation and oversight of the Group’s Risk Management Framework, ongoing and targeted controls assessments, maintaining robust risk governance, and championing a proactive risk culture. The team works closely with partners across all lines of defence and maintains positive relationships with regulators and external partners.

• At least 5 years of hands-on experience with one or more control capabilities in the Technology and Cyber Risk domain either directly or as a 1/2/3LOD control management function.
• At least 5 years of hands-on experience and subject matter expertise in management of operational risk, non-financial risk, and/or technology and information security risk.
• Experience across IT, Operations, Risk Management, and/or Audit roles requiring management of diverse risk types is desirable.
• Previous experience identifying, defining, and solving problems impacting work or wider business.
• Ability to present complex issues concisely to senior partners using non-technical language.
• Financial Services or other highly regulated industry experience/exposure preferred including dealing with regulatory bodies and engagement.
• Strong communication skills to influence and challenge stakeholders.
• Ability to work independently with limited supervision.
• Active industry recognized certificates are an asset, e.g., CISA, CISSP, CRISC, CCSP.

• Actively review TCS GRAS and KCIs position and discuss risk impact with relevant stakeholders to achieve compliance trajectory for HCIB technology estate.
• Oversee consumed position for HCIB Technology, identify parties owning the remediation and drive discussions on required uplifts to achieve expected compliance position.
• Act as trusted advisor for senior management within remit area on managing operational risk including risk assessments, control environment, and issues management.
• Partner with Regional Risk Owners / Business Risk Teams to ensure impact of control effectiveness including key remediation timelines and key issues are adequately messaged.
• Provide Senior Management with updates on relevant changes to policy or projects related to operational risk impacting their area.
• Ensure issues are proactively identified and documented in Helios with appropriate detail including impact assessment and success criteria, owning control linkage decisions for issues.
• Support issue closure process including advice on closure documentation to ensure sustainable remediation and driving formal concurrence documentation for high/very high issues.
• Execute read across activities and drive thematic issues reviews across control domains.
• Support governance submissions pertaining to Risk and Controls management.
• Drive consistent responses to Internal Audits for HCIB coverage areas.
• Coordinate cyclic regulatory reviews for HCIB Tech including horizon scanning for emerging regulatory asks.
• Ensure events are appropriately documented in Helios with the right level of detail and own control reviews following PIRs/MIRs.