Chief Control Officer Initiatives and Remediation

At HSBC, the health and well-being of our employees remains of utmost importance. Many of our roles are permitted to work from home (in states in which HSBC is licensed to operate) until further notice. Upon resumption of normal operations, this role may be performed at our Arlington Heights, Illinois office.

As an HSBC employee, you will have access to tailored professional development opportunities and a competitive pay and benefits package. We work hard to ensure that our workplace is a diverse, inclusive and meritocratic environment, and we have a strong dedication to sustainability. Our Employee Resource Groups (ERGs) play a central part in life at HSBC, including the development of our employees and our connection to the communities and customers we serve. We value difference. We succeed together. We take responsibility. We get it done. And we want you to help us build the bank for the future.

The Cross-Function Chief Control Office is accountable for driving the effective governance and management of non-financial risks in the First Line of Defense across DBS (Technology, Operations, DCOO) and the Functions (Finance, Risk, Compliance, HR, Legal). As part of the First Line of Defense, the CCO ensures the bank operates within its risk appetite by providing specialist risk and control knowledge and promoting ongoing risk and control monitoring as our Bank becomes simpler, more efficient, more customer-focused, and leaner.

This proactive, centralized organization is designed to strengthen risk frameworks, risk management, and risk governance to enable a safer bank; partner with Risk and Control Owners to serve as trusted advisors and create a culture of continuous improvement and consistent risk management; enable accountability of Risk and Control owners to positively impact the control environment; and improve the risk and control landscape through forward-looking expertise and knowledge of industry trends.

At a high level, this organization is composed of the following teams:
  • Risk & Control Advisory: Focused on serving as 'the face of the CCO', liaising with Risk and Control owners and their Function or Area to provide proactive advice and input on key decisions, ensuring Risk and Control owners are accountable, enabling them to clearly articulate and manage the risk profile of a process, demonstrating active, robust non-financial risk management to key stakeholders (including the 2LOD, 3LOD, Regulators, US COO, US Transformation Office, etc.), and connecting the dots between other CCO teams below and the Function or Area served
  • Risk & Control Lifecycle, Reporting, and Regulatory: Focused on articulating Risk and Control environment to key stakeholders; managing issues, actions, and events; providing credible challenge and robust oversight to Continuous Monitoring Plans and Risk and Control Assessments; creating governance materials, reporting, and board papers for relevant Risk and Control Management Meetings and HNAH-wide forums such as the Risk Management Meeting; and creating materials demonstrating active, robust non-financial risk management to key stakeholders (including the 2LOD, 3LOD, Regulators, US COO, US Transformation Office, etc.)
  • CCO Initiatives, Control Design, and Remediations: Focused on performing end-to-end standard and thematic risk reviews of processes, identifying new risk and control themes and trends, owning CCO-driven special projects (e.g., NFRO), identifying and executing on opportunities to re-engineer inefficient processes and controls to be automated, preventative, and sustainable, identifying continuous improvement opportunities, utilizing and promoting utilization of analytics to identify issues, and assisting with implementations of changes to frameworks
  • TPRO, BIRO, and ARO: Focused on providing specialist expertise on Third Party, Business Information, and Affiliate Risk
  • 1LOD Testing: Focused on carrying out testing across DBS

This CCO Initiatives team member focused on Initiatives & Remediations will be responsible for completing project-based work encompassing the responsibilities of the "CCO Initiatives, Control Design, and Remediations" team above.

This role will require the holder to interface with a diverse group of senior stakeholders involved or affected by CCO initiatives, special projects, risk reviews, and remediations. Stakeholders may include senior management, risk and control owners, US COOs, US Transformation Office, and regulators. The holder will be expected to be deeply engaged during high-impact events such as Risk and Control regulatory remediations, provide specialist Risk and Control knowledge, guidance, and insights related to control design, influence and shape the implementation of risk-management and regulatory frameworks, conduct thoughtful first line risk reviews, deliver key strategic priorities for the Chief Control Office and US Bank, and promote desired behaviors and a positive risk culture.

In addition, holder will be expected to be intellectually curious and well-versed in key, high-impact topics and project areas to the Bank, such as automation.

Impact on the Business
  • Make the Bank safer through quality risk review, special project, and remediation work on control-related matters for DBS and Functions, guided by subject matter expertise in non-financial risk management
  • Identify and proactively manage current and emerging risks related to changes to services, processes and systems, across all functions, delivered by or impacting US COO and related functions
  • Implement the Non-Financial Risk Management Framework across DBS and the Functions within US
  • Thoughtfully design controls to be preventative, automated, and sustainable, making the Bank simpler, leaner, and more efficient

Customers / Stakeholders
  • Develop insights and solutions on risk and control matters for Risk and Control owners to harness
  • Assist in management of senior stakeholders at all GCB levels across DBS and Functions to drive strategic priorities and objectives

Leadership & Teamwork
  • Design and execute the right projects needed to effectively manage non-financial risk and build the capabilities needed
  • Make considered decisions that protect and enhance HSBC values, reputation and business

Major Challenges

You will be challenged
  • By significantly heightened Board and Executive focus on risk management
  • By working with the increasing expectations of the Group's lead regulators in US
  • To strike the correct balance between controls management and commerciality, while holding stakeholders to account
  • To cultivate a positive controls culture across the US leadership teams and throughout the organization
  • To be aware of and well-versed in key, high-impact topics and project areas to the Bank, such as automation

Role Context
  • Direct reporting into US CCO Initiatives Lead
  • Not subject to close supervision
  • Close working relationship with senior stakeholders across US Functions and DBS

You will need to perform a proactive, collaborative role across all US Functions, Global DBS, and externally to ensure ongoing management of an operationally excellent organization whilst being a subject matter expert in Risk Management with a comprehensive understanding of the Regulatory environment and emerging risk and regulatory issues.

The Group has adopted a risk management and internal control structure, referred to as the Non-Financial Risk Management Framework and has designed the Three Lines of Defense to ensure it achieves its commercial aims while meeting regulatory and legal requirements and its responsibilities to shareholders, customers and staff. All staff must familiarize themselves and always adhere with the roles and supporting responsibilities they play in the Three Lines of Defense model.


Employment eligibility to work with HSBC in the U.S. is required as the company will not pursue visa sponsorship for these positions

  • 7+ years of financial industry experience preferred, with experience working on project-based teams; international experience preferred
  • Experience across Operations, Risk Management, and / or Audit roles requiring management of diverse risk types, including but not limited to operational, regulatory, market, traded, and credit risk

  • Ability to develop risk-management solutions for senior management and regulators on a variety of risk-management-related topics
  • Ability to navigate the HSBC matrix and manage stakeholders across levels to improve NFR management
  • Detail-oriented and able to work independently and distil complex, ambiguous information to create insights for leaders
  • Ability to quickly analyse a status quo and identify opportunities for continuous improvement or process re-engineering
  • Intellectually curious and and well-versed in key, high-impact topics and project areas to the Bank, such as automation


All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.