At HSBC, the health and well-being of our employees remains of utmost importance.  Many of our roles are permitted to work from home (in states in which HSBC is licensed to operate) until further notice. Upon resumption of normal operations, this role may be performed at our Arlington Heights, Illinois office.

The US Chief Control Office is accountable for driving the effective governance and management of non-financial risks in the First Line of Defense across DBS (Technology, Operations, DCOO) and the Functions (Finance, Risk, Compliance, HR, Legal). As part of the First Line of Defense, the CCO ensures the bank operates within its risk appetite by providing specialist risk and control knowledge and promoting ongoing risk and control monitoring as our Bank becomes simpler, more efficient, more customer-focused, and leaner.

This proactive, centralized organization is designed to strengthen risk frameworks, risk management, and risk governance to enable a safer bank; partner with Risk and Control Owners to serve as trusted advisors and create a culture of continuous improvement and consistent risk management; enable accountability of Risk and Control owners to positively impact the control environment; and improve the risk and control landscape through forward-looking expertise and knowledge of industry trends.

About Us

HSBC is one of the largest banking and financial services organizations in the world, with operations in 64 countries and territories. We aim to be where the growth is, enabling businesses to thrive and economies to prosper, and, ultimately, helping people to fulfill their hopes and realize their ambitions.

Impact on the Business

• Assist in over-sight and management to ensure appropriate handling of all relationships with an emphasis on moderate to high risk vendors.
• Serve as business point of contact on vendor related issues.
• Work with business areas including Purchasing, Cyber Security, Information Security and US TPRM to facilitate the completion of vendor engagement process and management of risk.
• Provide ongoing reporting on vendor risk related activities, including vendor performance and risk levels to VMRG. Supporting the contract owners by assisting with the creation of the third party contract monitoring plans and assisting the COs with identifying and providing description relative to the monitoring tasks.
• Oversee contract monitoring to ensure FIM compliance and regular monitoring takes place.
• Act as Business Information Risk Officer (BIRO) and coordinate with business teams and Subject Matter Experts to drive the regular and ad-hoc projects to comply with Information, Technology, and Cyber Security policies accordingly
• Provide support to the Business or Function to ensure staff receive adequate information security and cyber awareness and training.  
• Provide support on the application of information risk policies, procedures and operating instructions and how their application drives compliance within the Business or Function, and where applicable enable solutions and recommendations where necessary. 
• End User Information Security 
• Support the Business or Function to ensure the controls in place for end user devices are understood and applied. 
• Support the Business or Function in the identification and risk assessment of end user created software tools defined as End User Computing (EUC’s).  Raise awareness and assist EUC owners to ensure EUC’s are appropriately managed and controlled.  
• Promote operational risk awareness, including briefing and training to staff, sharing of internal/external incidents, etc

• Ensure compliance, operational risk controls in accordance with HSBC or regulatory standards and policies; and optimize relations with regulators by addressing any issues.