Data Privacy and Protection

Job ID: 0000JEGJ

Location: London, United Kingdom

Area of interest: Commercial Banking

Job type: Permanent - Full Time

Work style: Hybrid Working

Opening date: 25-Apr-2024

Closing date: 09-May-2024

Job description

The Senior Associate, Information Security & Privacy, UK will support and report to the Senior Manager, Information Security & Privacy, UK with regulatory responsibilities for the business aspects of privacy and information security at HSBC Innovation Banking. This role is within COO, with a reporting lineup into the EMEA COO.

This role will support the Head of Information Security & Privacy to oversee and monitor HSBC Innovation Banking to ensure compliance with applicable existing and emerging laws and regulations.

Key Responsibilities

· Support the Head of Information Security & Privacy in the delivery and maintenance of the Bank's information security and privacy activities.

· Operate within the terms of the applicable decision-making frameworks and RACI models to ensure that the Bank can provide the required level of evidence to the UK regulators regarding independence and risk management activities.

· Partnering with the First and Second line of defence Controls, Risk and Compliance functions to monitor and review output including UK ROPA, DPIA and LIAs, DSRs, data breach management.

· Ensure that privacy and security risks are identified and managed through the specified channels.

· Support the drafting, assessing and implementation of policies, guidance and process relating to information security and privacy.

· Review internal monitoring of the Bank's compliance against information security, privacy and related compliance areas in line with identified key performance indicators and measures.

· Administer the Bank's Internal information security and privacy Forum, liaising with attendees on agenda items, preparing papers, attending and minuting meetings.

· Support projects and/or initiatives which entail UK information security or privacy requirements.

· Contribute to and assist in the delivery of the information security and privacy training and awareness programmes.

· Promote a culture of choice, control, transparency and proportionate security in handling personal data by working with and influencing internal and external stakeholders

· Support the Head of in the provision of advice on compliance, regulatory and risk management issues relating to privacy and information security matters.

Requirements

Person Specification

· Experience working within information security and privacy and broader risk management.

· Experience of assessing key documents such as frameworks, policies and procedures.

· Understanding and working knowledge of Privacy, Data Protection and Information Security principles and protocols.

· Flexible and responsive with a proactive approach to problem solving.

· Able to inspire, influence and enthuse others.

· Thorough and detailed approach to assessing records.

High degree of accuracy and attention to detail