New hire must be able to communicate any security issues that arises from potential acquisitions and big business moves.
HSBC Australia is looking to ramp up its cybersecurity, with a new chief information security officer (CISO) in Australia. According to recent job advertisement, the CISO will be responsible for defining and implementing an industry-leading cybersecurity service that “supersedes” its constantly changing information security threats.
The CISO will also be responsible for:
- Collaborating with the global, regional, and country representatives of technology, plus other peer managers to implement the team’s goals within entity policy, expense and regulatory constraints
- Lead and support peers in developing, implementing, and monitoring a strategic, comprehensive enterprise cyber security management program
- Assist group/region with the overall business technology planning, providing a current knowledge and future vision of technology and systems.
- Contribute to the sub-function/region cybersecurity strategy to secure the bank’s technology from the inside out
- Carefully considers the security requirements of an organisation as well as the business requirements to address any security risks as well as satisfy the organisation’s business goals.
- Keeping abreast of developing security threats and helping the country board understand potential security problems that might arise from acquisitions or other big business moves.
- Brief country management about ongoing Cybersecurity improvement projects benefits, status and challenges which require their attention and/or involvement to make it success.
- Provide guidance and ensure country regulatory requirements related to Cybersecurity are addressed in a timely fashion to implement relevant controls and to develop/amend policies/standards to comply with the requirements.
The CISO will be required to have the following skills:
- Extensive leadership experience in a combination of risk management, cyber security and IT jobs required.
- Experience within the financial services industry is preferred, but we are also open to consider applications from other similarly regulated industries – eg telco, healthcare, energy, management consulting, airline, etc.
- Degree in business administration or a technology-related field preferred
- Professional security management certification (e.g. CISSP,CISM,CISA,CRISC etc) preferred
- Knowledge of common information security management frameworks and best practices (e.g. ISO/IEC 27001, GASSP, NIST etc)
- Excellent written and verbal communication skills and the ability to influence senior executives
- Innovative thinking and leadership with an ability to lead and motivate cross-functional, interdisciplinary teams
- Proficiency in multiple technical disciplines and applicable security/risk concepts and methodologies
- Experience in Agile principles adoption or other best in class development practices
HSBC’s current Head of Cyber Security (AU/NZ) Neil Hopkins. However, CIO, Ben Tabell left in June last year to eftpos Payments Australia.