I. Summary of Position
Function/Overview:
The Manager will be part of the Application Security Design and Consulting team who are responsible for the security risk assessments of HSBC systems and projects for HBIO and HBUS. While it is preferred that the incumbent locates in Chicago it is negotiable if this position is located in Chicago, Buffalo, or Bridgewater.
The manager will be responsible for ensuring that HBUS and HBIO applications are secure by managing the risk assessment of projects and applications within the areas of responsibility. This includes managing a team of Information Security Analysts, Consultants and Sr. Consultants, assist with development of information security standards, defining strategic security requirements and resource priorities. This position will also be responsible for building solid relationships with peers in Development and will consult with all areas of HTSU and businesses to market the value of Information Security, establish Information Security as a competitive business advantage, and facilitate compliance to Group IT Security policies. The Jobholder will collaborate closely with other NAIS teams and with colleagues across HSBC Group.
This individual will join a dynamic and challenging environment and have an opportunity of contributing to the success of HSBC by providing our customers with secure products and services.
II. Principal Accountabilities
Duties and Responsibilities:
1. Manage and provide liaison services between Information Security and assigned business facing development areas in HTSU.
2. Proactively contribute to transforming the Information Security function to more clearly support business strategies, and to establishing a more commercial orientation to this function. This includes establishing metrics and participating in industry and internal HSBC Group benchmarking related to this function.
3. Collaborate and provide direction to systems development and businesses to define functional security requirements for systems and applications taking into consideration Information Security policies and standards for controlling access to corporate data
4. Lead and/or participate in Group Information Security work groups and virtual teams addressing global Information Security initiatives.
5. Define data security requirements for new/existing applications and operating systems, business and software in accordance with Group and North American security standards and policies.
6. Participate in review of Group and North American Security policies and practices to ensure compliance to Federal and Local regulations. Provide input into corporate information security policy and standards for controlled access to corporate data, including access to and from public networks and high risk technologies (eg, web-based banking)
7. Assist with defining strategic security requirements. Oversees the implementation of approved projects. Coordinate and establish priorities for project completion.
8. Provide oversight of the application of the Group Standard Security Risk Assessment policy.
9. Assure the availability of qualified and trained Information Security Personnel and direct the activities of the Information Security staff.
Provide input to and manage the budget and annual technology plan for assigned area of responsibility.
10. Provide management direction to foster selection, development and reward of staff while contributing to initiatives in support of the Company’s Diversity programs.
11. Identify and manage security projects to improve efficiencies and controls. Experience: III. Knowledge, Skills & Abilities
This position requires an individual with:
- A Bachelor?s degree in business, computer science or related field and eight to ten years progressive Information technology experience of equivalent specialized skills in a critical technology discipline
- CISM of CISSP certification would be an asset
- Excellent leadership attributes and management skills required for managing a geographically dispersed team of direct report
- Strong verbal and written communication skills along with strong interpersonal and presentation skills.
- Strong relationship management skills are important as this position will be responsible for establishing and maintaining relationships with multiple NA lines of business.
- Demonstrated experience in project management
- An understanding of security and control principles
- An understanding of HSBC businesses as well as the technology organization would be a definite asset
- Familiarity with Internet technologies, application design, encryption technologies and secure networking.
- Positive negotiation skills, motivated change agent, high level of initiative, decision making important.
- A recognized certification in Information Security certification is strongly desirable.
- This position will require some travel mostly within NA. Some international travel may be required To Apply to this job go to http://www.GadBall.com or click here