Some careers have more impact than others.

If you’re looking for a career where you can make a real impression, join HSBC and discover how valued you’ll be.

We are currently seeking an experienced professional to join our team in the role of Business Manager

Business: COO IT

Principal responsibilities

Risk Identification

- Inventory Management:
- Develop and maintain a comprehensive inventory of all third - party relationships across the organization. This includes gathering details such as the nature of the service provided, contract terms, and the criticality of the third - party to business operations.
- Regularly update the inventory to account for new third - party on - boarding, changes in existing relationships, and terminations.
- Risk Categorization:
- Identify different types of risks associated with third - parties, such as financial risks (e.g., the third - party's financial stability), operational risks (e.g., service disruptions, quality issues), compliance risks (e.g., violations of regulatory requirements), and information security risks (e.g., data breaches).

Risk Assessment

- Risk Rating:
- Design and implement a risk - rating framework for third - parties. This framework should consider factors like the third - party's financial health, industry reputation, security controls, and past performance.
- Assign a risk rating to each third - party based on the assessment, ranging from low to high risk.
- In - Depth Analysis:
- For high - risk third - parties, conduct in - depth due - diligence reviews. This may involve financial statement analysis, on - site audits, and background checks on the third - party's management team.
- Use data analytics and industry benchmarks to support the assessment process and identify trends or outliers in third - party performance.

Risk Mitigation

- Contract Negotiation and Management:
- Collaborate with the legal and procurement departments to ensure that third - party contracts include appropriate risk - mitigation clauses. These may include service - level agreements (SLAs), indemnification provisions, and data security requirements.
- Monitor third - party compliance with contract terms throughout the relationship, and take appropriate action in case of non - compliance.
- Risk Mitigation Strategies:
- Develop and implement risk - mitigation strategies tailored to the specific risks identified for each third - party. For example, if a third - party is at high risk of financial failure, the strategy may involve having a contingency plan in place to quickly switch to an alternative provider.
- Work with business units to ensure that they understand and implement the risk - mitigation strategies related to their third - party relationships.

Monitoring and Reporting

- Ongoing Monitoring:
- Continuously monitor third - party relationships for any signs of emerging risks. This can be through regular performance reviews, financial monitoring, and staying updated on industry news related to the third - party.
- Use key risk indicators (KRIs) to track the health of third - party relationships and trigger alerts when thresholds are breached.
- Reporting:
- Prepare regular reports on third - party risk for senior management and the board of directors. These reports should summarize the overall risk profile, key risks identified, and the effectiveness of risk - mitigation measures.
- Provide timely and accurate information to support decision - making regarding third - party relationships, such as whether to continue, modify, or terminate a relationship.

Some careers have more impact than others.

If you’re looking for a career where you can make a real impression, join HSBC and discover how valued you’ll be.

We are currently seeking an experienced professional to join our team in the role of Business Manager

Business: COO IT

Principal responsibilities

Risk Identification

- Inventory Management:
- Develop and maintain a comprehensive inventory of all third - party relationships across the organization. This includes gathering details such as the nature of the service provided, contract terms, and the criticality of the third - party to business operations.
- Regularly update the inventory to account for new third - party on - boarding, changes in existing relationships, and terminations.
- Risk Categorization:
- Identify different types of risks associated with third - parties, such as financial risks (e.g., the third - party's financial stability), operational risks (e.g., service disruptions, quality issues), compliance risks (e.g., violations of regulatory requirements), and information security risks (e.g., data breaches).

Risk Assessment

- Risk Rating:
- Design and implement a risk - rating framework for third - parties. This framework should consider factors like the third - party's financial health, industry reputation, security controls, and past performance.
- Assign a risk rating to each third - party based on the assessment, ranging from low to high risk.
- In - Depth Analysis:
- For high - risk third - parties, conduct in - depth due - diligence reviews. This may involve financial statement analysis, on - site audits, and background checks on the third - party's management team.
- Use data analytics and industry benchmarks to support the assessment process and identify trends or outliers in third - party performance.

Risk Mitigation

- Contract Negotiation and Management:
- Collaborate with the legal and procurement departments to ensure that third - party contracts include appropriate risk - mitigation clauses. These may include service - level agreements (SLAs), indemnification provisions, and data security requirements.
- Monitor third - party compliance with contract terms throughout the relationship, and take appropriate action in case of non - compliance.
- Risk Mitigation Strategies:
- Develop and implement risk - mitigation strategies tailored to the specific risks identified for each third - party. For example, if a third - party is at high risk of financial failure, the strategy may involve having a contingency plan in place to quickly switch to an alternative provider.
- Work with business units to ensure that they understand and implement the risk - mitigation strategies related to their third - party relationships.

Monitoring and Reporting

- Ongoing Monitoring:
- Continuously monitor third - party relationships for any signs of emerging risks. This can be through regular performance reviews, financial monitoring, and staying updated on industry news related to the third - party.
- Use key risk indicators (KRIs) to track the health of third - party relationships and trigger alerts when thresholds are breached.
- Reporting:
- Prepare regular reports on third - party risk for senior management and the board of directors. These reports should summarize the overall risk profile, key risks identified, and the effectiveness of risk - mitigation measures.
- Provide timely and accurate information to support decision - making regarding third - party relationships, such as whether to continue, modify, or terminate a relationship.

Knowledge Experience / Qualifications

Skills

- Risk Management: In - depth knowledge of risk - management frameworks and methodologies, with the ability to apply them to third - party relationships.
- Analytical Skills: Strong analytical skills to assess complex data, identify risks, and develop appropriate mitigation strategies.
- Communication: Excellent communication skills, both written and verbal, to effectively communicate risk information to different levels of the organization.
- Contractual and Legal Knowledge: Understanding of contract law and the ability to interpret and negotiate third - party contracts.

Qualifications

- Education: A bachelor's degree in business, finance, risk management, or a related field. A master's degree or relevant professional certifications (e.g., CRISC - Certified in Risk and Information Systems Control) is preferred.
- Experience: Typically, 10 years of experience in risk management, with a focus on third - party risk management in a corporate or financial institution setting.

HSBCVZ/GZ

About HSBC Technology China

We develop, implement and support software and IT services and processes that allow HSBC to remain at the forefront of high-quality banking systems.

You’ll achieve more when you join HSBC.

HSBC is an equal opportunity employer committed to building a culture where all employees are valued, respected and opinions count. We take pride in providing a workplace that fosters continuous professional development, flexible working and, opportunities to grow within an inclusive and diverse environment. We encourage applications from all suitably qualified persons irrespective of, but not limited to, their gender or genetic information, sexual orientation, ethnicity, religion, social status, medical care leave requirements, political affiliation, people with disabilities, color, national origin, veteran status, etc., We consider all applications based on merit and suitability to the role.”

Personal data held by the Bank relating to employment applications will be used in accordance with our Privacy Statement, which is available on our website.

Issued By HSBC Software Development (GuangDong) Limited

Knowledge Experience / Qualifications

Skills

- Risk Management: In - depth knowledge of risk - management frameworks and methodologies, with the ability to apply them to third - party relationships.
- Analytical Skills: Strong analytical skills to assess complex data, identify risks, and develop appropriate mitigation strategies.
- Communication: Excellent communication skills, both written and verbal, to effectively communicate risk information to different levels of the organization.
- Contractual and Legal Knowledge: Understanding of contract law and the ability to interpret and negotiate third - party contracts.

Qualifications

- Education: A bachelor's degree in business, finance, risk management, or a related field. A master's degree or relevant professional certifications (e.g., CRISC - Certified in Risk and Information Systems Control) is preferred.
- Experience: Typically, 10 years of experience in risk management, with a focus on third - party risk management in a corporate or financial institution setting.

HSBCVZ/GZ

About HSBC Technology China

We develop, implement and support software and IT services and processes that allow HSBC to remain at the forefront of high-quality banking systems.

You’ll achieve more when you join HSBC.

HSBC is an equal opportunity employer committed to building a culture where all employees are valued, respected and opinions count. We take pride in providing a workplace that fosters continuous professional development, flexible working and, opportunities to grow within an inclusive and diverse environment. We encourage applications from all suitably qualified persons irrespective of, but not limited to, their gender or genetic information, sexual orientation, ethnicity, religion, social status, medical care leave requirements, political affiliation, people with disabilities, color, national origin, veteran status, etc., We consider all applications based on merit and suitability to the role.”

Personal data held by the Bank relating to employment applications will be used in accordance with our Privacy Statement, which is available on our website.

Issued By HSBC Software Development (GuangDong) Limited