25 days old

Regional Information Security Officer

Poughkeepsie, NY 12603
  • Job Code

At HSBC, the health and well-being of our employees remains of utmost importance.  Many of our roles are permitted to work from home (in states in which HSBC is licensed to operate) until further notice. Upon resumption of normal operations, this role may be performed at our Arlington heights, Illinois, Buffalo, New York, New York, New York or Jersey City, NJ offices.

The Cybersecurity function is responsible for enabling businesses and functions to manage their Information and Cybersecurity risks as well as ensuring risk and controls are assessed and implemented appropriately, objectively and independently through professional and specialized subject matter experts. The Regional Information Security Officer (RISO) role is responsible for providing regional input into, and executing the Group Information Security and Cybersecurity strategy across the designated Region. The key responsibilities include handling Governance & Reporting, Information Security Risk and Remediation, Secure Business Transformation, Compliance to local legal entity regulations and reporting the cyber risk posture to the regional legal entity boards, senior management and risk management forums.

The role requires the ability to translate highly technical Cybersecurity concepts into consumable language, in order to drive continuous assessment and improvement of cybersecurity and information security risk in line with defined and agreed risk appetites and the constantly evolving cyber-threat landscape. The role ensures the execution of the global Cybersecurity strategy through the delivery and operation of specific cybersecurity services and controls within their respective Region and through coordination with the central Cybersecurity functions in execution of change-the-bank programs.

This role holder and the Regional cybersecurity team works in partnership with the central functions of Group Cybersecurity, the virtual team (PODs), technology teams, information security control owners, non-cyber control owners and the regional/ business Chief Controls Office to achieve their goals.

The RISO role is accountable for leading the Cybersecurity function, part of the 1LOD (1st line of defense), in the designated Region, to define and implement an industry-leading Cybersecurity Service that supersedes the Bank’s constantly changing information security threats. In addition, the role acts as the single point of contact for managing Information and Cybersecurity risks and controls (including cyber owned and non-cyber owned controls), relating to their governance, operation, monitoring and reporting.

The RISO role reports into the Global Head of Cybersecurity Business Enablement, which in turn reports into the Group CISO for HSBC. At an entity level the role reports to the Regional Chief Information Officer who in turn reports to the Regional Chief Operating Officer. 

Primary responsibilities will cover:

  • Governance and Reporting
  • Information Security Risk Management & Remediation
  • Secure Business Transformation
  • Regulatory Compliance, Industry and Customer Engagement
  • Team and Stakeholder Management
  • Work with the Compliance department, to implement the Compliance Policy and to contain compliance risk. The term ‘compliance’ embraces all relevant financial services laws, rules and codes with which the Region must comply.
  • Adhere to and be able to demonstrate adherence to internal controls.
  • Ensure compliance with all relevant internal instructions (FIMs, GSMs, circulars) and external regulatory requirements, including the management of operational risk and adherence to the Group’s standards of ethical behavior.
  • Customer focus. Lead a customer-centered culture, campaign activities encouraging outstanding customer advocacy. Proactively seek opportunities to maximize Cybersecurity to improve region/country/service line operations.
  • Understanding markets and customers. Understands the financial services industry security and threat landscape. Analyses, interprets and communicates developments in the customer's and business segment's local marketplace. Have an in depth understanding of the business and the related threat landscape to enhance cybersecurity resilience and enable / influence strategic business decisions as applicable.


Posted: 2022-04-20 Expires: 2022-05-20

HSBC offers the opportunity to develop a fulfilling career within a supportive and inclusive environment. We aim to be a place where everyone can achieve their full potential, regardless of their background.

Before you go...

Our free job seeker tools include alerts for new jobs, saving your favorites, optimized job matching, and more! Just enter your email below.

Share this job:

Regional Information Security Officer

Poughkeepsie, NY 12603

Join us to start saving your Favorite Jobs!

Sign In Create Account
Powered ByCareerCast