Third Party Security Assessment - Regional Lead

Opening up a world of opportunity.
We're a financial services organization serving more than 40 million customers across the globe through our Wealth &
Personal Banking, Commercial Banking and Global Banking &
Markets businesses.
We’re here to use our unique expertise, capabilities, breadth and perspectives to open up a world of new opportunities for our customers, our people and our communities.
HSBC Global Services Canada Limited (HGCA), is a subsidiary of HSBC Global Services Limited, owned by HSBC Holdings plc. HGCA provides operational services to countries across the HSBC Group which is the largest and leading international bank in the Canada.
We help companies and individuals across Canada to manage their finances through three global business lines:
Commercial Banking, Global Banking and Markets, and Wealth and Personal Banking.
It’s this global connectivity that you will find yourself inspired and collaborating with colleagues not just locally but also across continents and cultures.
About Global Banking &
Markets, IT
Global Banking and Markets (GBM) provides financial services and products to corporates, governments and institutions worldwide, building partnerships with them to help them achieve consistent, long-term performance. We use the strength of HSBC’s international network to connect emerging and mature markets, covering key growth areas. Our products and services include advisory, financing, prime services, research and analysis, securities services, trading and sales, and transaction banking.
The Global Banking and Markets Technology team is dedicated to supporting Global Banking and Markets by working in partnership with business leaders who rely on us for delivering innovative, robust, stable platforms to enable their investment and financial solutions for clients. Join Global Banking and Markets Technology and be part of the global connectivity, collaboration and team that spans across 20 countries. The total number of successful production releases surpass some of the biggest blue chip tech companies. Canada is a key location in Global Banking and Markets Technology’s global growth strategy and is receiving global attention for its deliveries.
About the role:
The Cybersecurity Assessment and Testing (CSAT) function, part of Cybersecurity, is accountable for Vulnerability Management, Secure Development (inc. DevSecOps), Threat and Controls Assessment (inc. threat modelling) and Third Party Security Assessment. The function drives the identification, capture, assessment, testing/verification and ultimately the remediation of security defects, gaps and vulnerabilities across HSBC’s estate in concert with business and technology teams - on premise, within the Cloud and for those resulting from 3rd party engagements.
**Responsibilities**:
- Conducting Local and Global TPSAs (reviews, reports, identify deficiencies, quality assurance)
- Engaging with the Global TPSA team to support TPSA work
- Articulate and able to explain information security assessment results to business
- Closure of identified deficiencies (verifying evidence to confirm closure or advise what is needed to close them)
- Support evolution of the third party security assessment approach and service
- Work with Control Officers, Risk Stewards, Internal and External Audit, and Regulators on assurance reviews, examinations and information requests. Drive to closure all action items.
- Support global head and global delivery lead to ensure supporting processes (such as accurate inventories) are appropriately defined and delivered with key stakeholders, and peers within Businesses, Procurement and Tech.
- May manage other team members where appropriate
- Act as a role model to more junior members of the team
- Engagement with other Cybersecurity teams, senior management and members of the Business
- May co-ordinate work delivered by identified outsourced providers supporting the team
Requirements
- Minimum Bachelor Degree and/or experience in operational processes or third party information security reviews in the Financial Services industry or global corporate service provider
- Background - desirable but NOT essential one or more;
risk management, Audit,Information Security Risk, Cyber Security.
- Availability to travel (if required) for this role, i.E. within country as well as occasional International travel
- Positive and professional attitude, team player, flexible and adaptable, open to change(s)
- Confident and takes responsibility and ownership for work and personal development
- Fluent in English spoken and written communication and ability to adapt style based on audience
- Previous experience of delivering an excellent customer service
- Relevant risk and controls certifications, such as CISSP, CISA, CRISC, CISM, ISO, PCI-DSS QSA are desirable
HSBC Proud
HSBC is committed to building a culture where all employees are valued, respected and opinions count. We take pride in providing a workpl