Ctrls Mon Testing Generalist/Cloud Platform and Shared Services Engineering
Pune (Pune) IT development
Job description
Principal Accountabilities
The primary objectives of the role are to:
· Oversee the continued development and evolution of the cloud control framework and governance processes, including underlying toolsets.
· Lead and co-ordinate the production of monthly CEMM material, along with MI and reporting to management, stakeholders, and customers.
· Operate as a Subject Matter Expert for the Risk Management Framework
· Act as central point for cloud-related audit (internal and external) and risk-related regulatory engagement.
· Instigate and manage initiatives to drive improvements to the Technology control environment, including the effective design of material controls
· Partner with the Global Cloud Services team to create effective design, analysis and remediation of control measures
· Provide risk and controls consultancy, advice and guidance to the Global Cloud Services and GB/GF teams deploying to Cloud.
· Lead the application and critique of the Technology risk and controls framework
· Ensure the appropriate application of policies, control standards and procedures
· Member of relevant governance forums, Audit and regulatory reviews etc.
· Advocate the desired behavioural changes across the CIO community required to mature the understanding and management of technology risk controls
Impact on the Business/Function
Control Expertise
· Influencing, explaining and managing effective design, analysis and remediation of control measures
· Work with Technology to create an effective design and efficient operation of
· Accountable for the deployment of the Operational Risk Management Framework
· Responsible for identifying emerging risks and threats and deficiencies with deployed key controls
· Opine on control environment, form risk assessments, provide advice on remediation plans
Governance
· Implement robust governance in relation to risks and ensure all stakeholders have visibility of key risks and remediation activity
· Ensure Technology remains within its risk appetite
· Work with Technology to design and deploy key controls, key control indicators, evidence requirements and tools to ensure control effectiveness
· Validate control measures include RCA, KRIs, KCIs, control operation, test approaches, reviews, audits, judgment-based attestations, supplier audits, sampling of supplier procedures
· Engage the key stakeholders to promote positive behaviour and actively manage risk
· Work closely with Technology to develop and monitor risk remediation program activities and actions to ensure delivery within acceptable timelines
· Focusing on Technology top risks and threats, including new/emerging top risks, to ensure they are fully understood and that controls that mitigate these risks (key controls) are effective, efficient and where possible automated, rather than being comprehensive
· Responsible for embedding risk and control management framework
Customers / Stakeholders
· Work closely with senior level CIO/COO stakeholders and ensure visibility of key risks and remediation activity necessary to appropriately manage the Bank's services and data in a Cloud computing environment
· Provide ongoing assurance to external regulators and auditors as to the rigour of the control environment managed by HSBC with key vendors and suppliers over the extended Cloud computing environment
· Partner with key core cloud migration project teams and stakeholders across Technology and business division to define the control requirements and provide ongoing assurance of controls effectiveness
· Present complex Cloud issues confidently and concisely to Technology and HOST stakeholders using non-technical, easily understood language
· Partner with 2nd & 3rd LOD including Information Security Risk, Operational Risk, Compliance, ISR, and Audit
Leadership & Teamwork
· Role model a positive internal risk and control culture across Technology teams and shape the climate, tone and environment in which people work
· Make considered decisions that protect and enhance HSBC values, reputation and business
· Lead the execution and remediation of thematic reviews / investigations / compliance reviews in response to internal or external events within Technology
Operational Effectiveness & Control
Apply and critique Risk & Control Framework by:
· Working with Technology to define and apply Technology Risk & Control standards and processes in order to drive consistency across Technology
· Partner with Technology to identify, measure, mitigate, monitor and report Technology's top risks (including new/emerging top risks)
Apply and critique definition and application of policies, control standards and procedures by:
· Working with Technology to influence definition of policies and control standards
· Implementing clear policy framework across dispensations and waivers
· To innovate and enhance the control framework and contribute towards reduction of findings noted in Audits, Internal Control reviews, 2LoD reviews, etc.
Knowledge & Experience
· Strong knowledge of Cloud technologies across one or more of AWS, Google Cloud Platform, MS Azure
· Demonstrable expert knowledge in operational risk management, internal control, or internal audit, preferably within a banking operations and / or IT Function
· Proven project / process management experience with a solid delivery track record driving change
· Self-starter and effective collaborator
· Influencing across all levels and boundaries
· Navigating a matrix management structure
· Ability to present complex issues confidently and concisely to senior stakeholders using non-technical, easily understood language
· Strong communication and interpersonal skills with a wide range of individuals and groups at different levels of seniority
· Innovative and able to assess needs and propose solutions
· Ability to influence without direct management authority
· Previous management experience – notably building and developing teams
· Able to actively engage with senior stakeholders
· Ability to drill down to root cause and write/review clearly articulated risk documentation
· Certifications: CISA, CISM, CISSP, CRISC, COBIT or ITIL desirable
· At least 5 years relevant experience, preferably within a risk management related role
· Relevant working experience in Financial Services industry