Sr. Associate Director, Tech SME Specialist

• Lead the development, implementation, and monitoring of the risk and control framework for IWPB ASP technology.

• Own the identification, assessment, and mitigation of key risks (technology, regulatory, and third-party) impacting ASP applications and services.

• Ensure timely and accurate reporting of risk and control issues, incidents, and remediation progress to senior management and relevant governance forums.

• Support the delivery of the regional technology roadmap by proactively managing risks associated with product launches, market growth, and regulatory change.

• Drive cost efficiency and commercial outcomes through effective risk-based vendor management, application consolidation, and process improvement.

• Leverage data analytics and emerging technologies to enhance risk identification, monitoring, and reporting.

• Internal: Collaborate with Global & Regional CIOs, Architecture, Product Owners, IWPB Business Heads, Risk/Compliance, Operations, Finance, and HR to ensure risk and control requirements are understood and met.

• Work with Group IT horizontals (IT Security, IT Risk, Design & Application D&A, IT COO) and Global Technology leadership to align on risk appetite, policies, and standards.

• External: Engage with strategic vendors, cloud and platform providers, system integrators, and third-party partners to ensure robust risk management and compliance.

• Liaise with regulators, industry working groups, and market standards bodies as required.

• Collaborate with market/regional/global risk and control team, fostering a high-performance, inclusive culture across multiple jurisdictions and time zones.

• Represent ASP risk and control in global IWPB Tech leadership forums, sharing best practices and coordinating global risk initiatives.

• Cultivate an environment that supports diversity and reflects the HSBC brand.

• Ensure risk and control objectives are identified, communicated, documented, agreed, and delivered in a cost-effective manner.

• Identify key risks, issues, and interdependencies, and provide appropriate mitigation strategies.

• Support internal and external audits, regulatory reviews, and independent programme assessments as required.

• Ensure HSBC is not exposed to operational, regulatory, or reputational risk through robust controls and timely remediation of issues.

• At least a Bachelor’s degree in Risk Management, Computer Science, Engineering, or a related discipline; advanced degree desirable.

• Significant senior risk and control leadership experience (typically 12–20+ years) with responsibility for multi-market delivery and operational management in financial services technology.

• Deep technical knowledge of technology risk, cloud native architectures, microservices, API and digital platforms, DevOps/DevSecOps, and SRE/operations.

• Solid experience in financial services technology (wealth management, retail banking, or asset servicing) and familiarity with APAC regulatory environments.Demonstrated experience managing vendors from a risk perspective.

• Strong stakeholder management and influencing skills, with experience engaging senior business, risk, and regulator stakeholders.

HSBC