Global Head of GCIO Controls Cybersecurity

Global Head of GCIO Controls, Cybersecurity

Why HSBC

HSBC is one of the world’s largest banking and financial services organisations, serving millions of customers through our global network. We connect people, businesses and institutions to opportunities across international markets, supported by a broad range of banking and wealth services. At HSBC, we’re focused on opening up a world of opportunity - helping people and businesses thrive and supporting economies to prosper. If you’re looking for work with global reach, real-world impact and the chance to collaborate with colleagues across markets, you’ll find it here.

Role Purpose

As Global Head of Controls Cybersecurity you’ll lead the GCIO Chief Control Office (CCO) activity supporting Cybersecurity across the Group. You’ll partner closely with the Group CISO to deliver risk-based strategic outcomes and ensure Cybersecurity risk management is transparent and clear to global businesses functions regions and entities. This is a senior leadership role in a regulated environment where robust governance high quality review and timely remediation matter. You’ll set the tone for a strong risk culture and help colleagues deliver safe and secure services to customers colleagues and the Bank. Success means clear risk appetite effective control performance and issues driven to resolution with consistent reporting and escalation. You’ll lead a team of trusted advisers and influence across a complex matrix to continuously improve the control environment.

What you will be doing

• Partner with the Group CISO to inform and advise on key risk and control issues, initiatives and updates.
• Lead global CCO support for Cybersecurity ensuring effective partnership with entities as required.
• Enforce robust risk governance so stakeholders have clear visibility of key risks and remediation activity.
• Drive and challenge the setting communication and monitoring of risk appetite aligned to business needs.
• Conduct high quality efficient reviews of control performance and translate findings into action.
• Facilitate controls remediation and apply a programmatic approach to resolving key control issues across Technology.
• Act as a key contact point between 1LOD and 2LOD and 3LOD partners driving reviews and actions through to closure.
• Provide senior management updates including executive updates to the GCIO Leadership Team and clear escalation where needed.
• Identify emerging risks and trends linked to strategic initiatives and shape future-fit risk and regulatory frameworks.
• Embed the Bank’s Risk Management Framework and role model a consistent accountable risk culture across Cybersecurity.

What we are looking for

• Executive leadership experience in technology management roles within financial services, ideally multinational bank.
• Lead and develop IT risk and control teams delivering results in a complex matrixed organisation.
• Apply in-depth technical knowledge of cybersecurity infrastructure and modern application development practices.
• Bring familiarity with Generative and Agentic AI technologies and related risk and control considerations.
• Evidence experience performing risk and control reviews with a background in risk audit or control related roles.
• Build and manage relationships across Cybersecurity GCIO CCO and 2LOD and 3LOD stakeholders with strong influence and negotiation skills.
• Communicate complex issues clearly and concisely including writing and presenting board papers.
• Use strong analytical and problem-solving skills to make data-driven decisions and improve control effectiveness.
• Show project management capability with the ability to manage competing priorities and deliver at pace under pressure.
• Demonstrate understanding of HSBC’s strategy structures and processes and the external regulatory and market environment.

Leading resilient Cyber controls

You’ll thrive here if you enjoy bringing clarity to complexity and turning risk insight into practical action. This is a role for someone who can set direction, hold the line on governance and still partner constructively to get outcomes delivered. If you’re motivated by protecting customers, colleagues and the Bank through stronger Cybersecurity controls, we’d like to hear from you.

This role is based in London, UK.

Being open to different points of view is important for our business and the communities we serve. At HSBC, we’re dedicated to creating diverse and inclusive workplaces - no matter their gender, ethnicity, disability, religion, sexual orientation, socio-economic background or age. We are committed to removing barriers and ensuring careers at HSBC are inclusive and accessible for everyone to be at their best. We take pride in being a Disability Confident Leader and will offer an interview to people with disabilities, long term conditions or neurodivergent candidates who meet the minimum criteria for the role.

If you have a need that requires accommodations or changes during the recruitment process, please get in touch with our Recruitment Helpdesk via hsbc.recruitment@hsbc.com.