← All jobs

Head of Technology Risk & Controls

Remote

Up to INR 35,000,000/ year

Cyber Assurance ManagerHead Of EngineeringHead of Service DeliveryHead of Service ManagementInformation Security LeaderOperations ManagerControl Systems Engineer

hackajob is partnering with HSBC to fill this position. Create a profile to be automatically considered for this role—and others that match your experience.

Role Purpose
The Head of Control Centre is a newly established leadership role created to bring clarity, 
consistency, and control to a set of critical operational disciplines that are currently 
distributed across the Client Connectivity department. The role exists to consolidate 
fragmented activity, eliminate duplication, and establish a single point of accountability for 
risk, resilience, cyber, release, and environment management.
In the near term, the Head of Control Centre will be responsible for identifying all individuals 
across the department currently performing Control Centre-related work, bringing them into a 
unified function, and aligning them around a common operating model and set of standards. 
Over time, this role will be the driving force behind a mature, proactive, and continuously 
improving control environment.
Key Responsibilities
1. Consolidation & Operating Model
– Conduct a comprehensive review of all Control Centre-related activity currently taking 
place across Client Connectivity
– Identify all personnel performing risk, resilience, cyber, and release management 
functions, regardless of their current reporting line
– Design and implement a unified Control Centre operating model, eliminating 
duplication and establishing clear ownership
– Build a cohesive team culture with shared goals, aligned processes, and a consistent 
approach to risk and control
– Act as the single point of escalation for all Control Centre matters across the 
department
2. Risk & Control
– Own and maintain the department's risk and control framework, ensuring it is current, 
comprehensive, and fit for purpose
INTERNAL
– Drive a proactive risk culture, ensuring issues are identified, logged, assessed, and 
remediated in a timely manner
– Lead engagement with internal audit, compliance, and regulatory stakeholders on 
behalf of Client Connectivity
– Produce risk reporting for senior management and governance forums
– Ensure all operational processes have appropriate controls in place and are regularly 
reviewed
3. Operational Resilience
– Own the department's operational resilience strategy, ensuring critical services are 
identified and protected
– Define and maintain impact tolerances in line with regulatory expectations
– Oversee business continuity planning, disaster recovery testing, and incident 
management processes
– Ensure the department is prepared for, and can respond effectively to, disruptive 
events
– Lead post-incident reviews and drive lessons-learned activity across the team
4. Cyber, Fraud & Surveillance
– Serve as the department's lead for cyber risk management, working closely with 
Group Information Security
– Ensure appropriate controls are in place to detect, prevent, and respond to cyber 
threats and fraudulent activity
– Oversee surveillance controls relevant to Client Connectivity, ensuring compliance 
with applicable policies and regulations
– Champion a security-first mindset across the department
– Represent Client Connectivity in firm-wide cyber and fraud governance forums
5. Release Management
– Establish and maintain clear, real-time visibility of all changes taking place across the 
Client Connectivity estate, ensuring nothing goes untracked or ungoverned
– Own the risk assessment framework for changes, ensuring every release is 
evaluated consistently and that risk is understood and accepted before deployment 
to production
– Work with delivery teams to drive up release cadence by encouraging smaller, safer, 
low-risk, non-breaking changes — moving away from large, infrequent releases 
towards a more controlled and continuous flow of change
– Champion engineering practices that make frequent releases achievable — including 
feature flags, backward-compatible changes, and robust automated testing — in 
partnership with engineering leads
– Track and report on release quality metrics, including change-related incidents, 
rollback rates, and post-implementation review outcomes
– Act as the escalation point for release-related risk decisions, providing clear guidance 
to teams on when changes are ready to proceed and when they are not
6. Engineering Lens & AI-Driven Efficiency
INTERNAL
– Apply an engineering mindset across all four Control Centre disciplines, challenging 
manual and repetitive processes and seeking opportunities to automate, streamline, 
and simplify
– Identify and prioritise use cases where AI and machine learning tooling can 
meaningfully reduce effort, improve accuracy, or enhance the speed of decisionmaking within risk, resilience, cyber, and release management
– Work with engineering and data teams to prototype, test, and embed AI-driven 
tooling into Control Centre workflows
– Establish a continuous improvement culture within the team, where efficiency 
opportunities are regularly surfaced and acted upon
– Ensure that automation and AI adoption is done responsibly — with appropriate 
controls, auditability, and governance in place
– Track and report on efficiency gains delivered through engineering and AI initiatives, 
demonstrating measurable impact over time
Skills & Experience
Essential
– Empathy with the software engineering discipline.
– Significant experience in a senior technology risk, control, or operational resilience 
role within financial services
– Strong understanding of risk and control frameworks, with proven experience 
designing and implementing them at scale
– Demonstrable experience across two or more of: cyber/fraud, release management, 
or operational resilience
– Appetite and ability to apply an engineering lens to operational problems —
comfortable working with engineers and data teams to identify and deliver 
automation and AI-driven improvements
– Track record of leading and motivating cross-functional teams, ideally within a large, 
matrixed organisation
– Excellent stakeholder management skills, with the ability to engage credibly at senior 
and executive level
– Strong analytical and problem-solving skills, with the ability to make decisions in 
ambiguous or complex environments
– Experience managing regulatory relationships and preparing material for governance 
forums
Desirable
– Experience in investment banking or financial markets technology
– Familiarity with HSBC's risk and control framework, operational resilience standards, 
or technology governance processes
– Knowledge of relevant regulatory requirements (e.g. DORA, PRA operational 
resilience policy, FCA expectations)
– Industry certifications such as CISM, CRISC, ITIL, or equivalent
INTERNAL
Leadership & Behaviours
The successful candidate will demonstrate the following behaviours:
– Collaborative — builds strong relationships across the department and broader 
organisation to drive shared outcomes
– Decisive — comfortable making sound judgements with imperfect information and 
taking accountability for decisions
– Inclusive — creates an environment where all team members can contribute, 
develop, and thrive
– Forward-thinking — anticipates risks and opportunities before they materialise, rather 
than simply reacting to events
– Clear communicator — able to translate complex risk and technical concepts into 
clear, actionable language for all audiences
What Success Looks Like
In the first six months, the Head of Control Centre will be expected to:
– Have mapped all Control Centre-related activity and personnel across Client 
Connectivity
– Have established a clear target operating model for the Control Centre function
– Have begun the process of aligning the team around common standards, processes, 
and ways of working
– Have built strong relationships with key stakeholders across the department and with 
second-line functions
– Have delivered an initial assessment of the department's risk and control posture
In the first twelve months, the Head of Control Centre will be expected to:
– Have a fully operational and cohesive Control Centre function in place
– Have eliminated material duplication of effort across the five Control Centre 
disciplines
– Have implemented consistent, documented processes and controls across all areas 
of remit
– Have identified and begun delivering a pipeline of AI and automation opportunities 
across the Control Centre remit
– Have achieved measurable improvements in the department's risk profile and 
resilience posture
– Have established the Control Centre as a trusted and valued partner across Client 
Connectivity

hackajob is partnering with HSBC to fill this position. Create a profile to be automatically considered for this role—and others that match your experience.

Upskill

Level up the hackajob way. Verify your skills, learn brand new ones and test your ability with Pathways, our learning and development platform.

Find out more

Ready to reach your potential?

Find out more