Cybersecurity Control Design Manager – Risk & Compliance
ITDS Polska Sp. z o.o.
Kraków
23 100–27 300 PLN / month (depending on contract)
Requirements
- Helios
Job description
Our requirements:
- At least 5 years of experience in Risk, Controls, or Cybersecurity management.
- Strong subject matter expertise in control design, implementation, and ongoing assessment.
- Knowledge of cybersecurity principles, with a generalist background and specialized expertise welcomed.
- Technical understanding of metrics and measures (KCIs, KRIs, KPIs) to manage risks and controls.
- Excellent technical writing skills and high proficiency in written English to ensure quality policies, procedures, and standards documentation.
- Strong stakeholder management and communication skills.
- A team-oriented mentality with the ability to work independently while maintaining high-quality standards.
- Influential and credible interpersonal skills, active listening, good judgment, and alignment with HSBC values.

Nice to have:
- Familiarity with NIST 800-53 or CIS Measures and Metrics.
- Experience with GRC tools, such as Helios.

About the project:
As a Cybersecurity Control Design Manager – Risk & Compliance, you will be working for a leading financial institution, shaping the cybersecurity control environment to safeguard critical digital assets. Your expertise will define and maintain operational controls, policies, and standards, ensuring compliance with regulatory requirements while continuously improving control effectiveness to support the organization’s security posture and growth.

Unleash the Future of Cybersecurity — Design and Elevate Cutting-Edge Controls in a Dynamic Environment! Kraków-based opportunity with hybrid work model allowing up to 3 days remote per week.

Responsibilities:
- Collaborate with Control Owners, 2LoD, and CCO Technology to ensure cybersecurity controls in the Risk and Controls Library are designed according to industry standards such as NIST 800-53 and organizational requirements.
- Define and implement control measurements aligned with HSBC’s KCI Design Framework and industry best practices like CIS.
- Partner with Control Owners and stakeholders to ensure controls meet legal, regulatory, and mandatory standards, and provide reliable data for stakeholder reporting.
- Design, manage, and update Policies, Procedures, and Standards related to cybersecurity controls across Engineering, Operations, and Security Assessment teams.
- Act as a key representative and expert on all issues and actions related to controls within the organization.
- Manage issues & actions proactively, engaging with senior stakeholders to ensure timely resolution.
- Prepare and deliver control governance reports that support risk management and compliance monitoring.

We offer:
- Stable and long-term cooperation with very good conditions
- Enhance your skills and develop your expertise in the financial industry
- Work on the most strategic projects available in the market
- Define your career roadmap and develop yourself in the best and fastest possible way by delivering strategic projects for different clients of ITDS over several years
- Participate in Social Events, training, and work in an international environment
- Access to attractive Medical Package
- Access to Multisport Program
- Access to Pluralsight
- Flexible hours